Like even if they have nothing else they could just leak IP is there any law against it ? Or any technical aspect stopping them ?
I run an instance. I promise, I have literally 0 care about who you are. I have much more productive things to do with my time.
So you’re just gonna let CSAM fly?
Why’s that where your mind goes?
Because it’s the most important reason we have admins, and they have a responsibility to not “not care” about it
Oh? Are you signing the checks?
Except they don’t though. They have 0 reason or incentive to care. You are hoping they are good people and care, but they don’t have to.
I’m sorry I didn’t call out every exception to the rule. Obviously, if you do illegal things on my instance, I will care. I kind of thought that was a given, to be honest.
Don’t worry its a troll just stop feeding it.
The counter-question is : what do you win by doing this ?
An IP address by itself isn’t going to let you dox users unless you have access to the databases that map these to the subscriber accounts. Typically, you would need to be an ISP or law enforcement to do this, but you can also purchase this information from a data broker if you know what you’re doing.
With that said, there is absolutely nothing stopping the instance operator from getting your IP address. You’re connecting to his or her computer which they own, so they can easily see where you’re connecting from.
A notable way to protect against this is to use a VPN. Then the operator only knows you use a VPN.
Also need to be careful of what you write in comments (this is a public forum!). People sometimes write a surprising amount of detail about their life and it makes it much easier to narrow you down to a single individual the more you do it.
Eh, have faith in people
Even on Reddit, I was always 100% honest about living in Monetenagro as a Canadian Mexican immigrant. Sure life is busy as CEO of Disney but I always make time to attend a Lakers game with Leonardo DiCaprio when I’m visiting Panama.
But to comb thru a large account would take a bot to look for keywords and frequency mentioned.
So if you’re concerned about it, a less honest person could just randomly make outrageous but specific claims. Even when in the same comments and obviously contradictory, it would throw it off as long as you’re not constantly disclosing identifying information
That’s how I was able to become Batman and buy a house in Tokyo anyways
Ewwww ! Imagine having faith in people… gross !!
Yea after all that has happened you want faith GET RELIGION
I’m gonna put some dirt in your eye
Glad someone got the referance
The biggest thing is don’t accidentally give away your security questions to reset passwords to anything important.
Don’t let your guard down but at some point trust and risk consideration is required for most systems to work. If you’re after solutions; you could run your own node in the cloud and federate it.
Was thinkin about it and read some docs which brought me to the conclusion that its too much work for me
Because its a waste of there time? What’s stopping anyone from doxxing you?
There’s not much to prevent it from happening. They could lose standing in the community. They could be given legal trouble, and they could be attacked in return by people who knew which server owner was responsible. But that’s pretty much it.
There’s also a much lower bar for entry when it comes to running a server. All you need to “be” is technically competent. You don’t need to be very good at security, and you don’t need the temperament of a reasonable person.
And when that’s the case, data might be leaked even indirectly.
Two Mastodon examples come to mind.
- One administrator shut down their servers after being accused of transphobia. They could have done anything after having a bit of a public meltdown, so that was the best case scenario.
- Another server administrator was raided by police, and all the contents on the server were made accessible to them.
You’re connecting to their servers. They’re going to get your IP. This is unavoidable.
They can even * [gasp] * read the messages and things you willingly post onto their servers.
I hereby revoke the right of my messages being read by lemmy.ml administrators under any circumstances.
I don’t think that’s enforceable, it would be like if there was a sign that said “do not read me” which some games have done as a joke.
Technically nothing but vibes
Maliciously Leaking IP is doxxing, doxxing is illegal.
That said, law enforcement can just request for the IP/Logs and they’ll likely hand them over.Oh my… This whole thread is literally the best of ‘Do you have something to hide?’, ‘Why should they use it?’, ‘What could happen?’, ‘That’s paranoid’ and so on.
Really disappointing.
Yeah the lemming hive mind
Here’s my IP
42.74.98.48
Here’s my device information.
Device: husky Model: Google Pixel 8 Pro Android: 14
You are lying aren’t you ?
But are you on wifi or mobile data, gotta know before doing absolutely nothing with that information
Pfft if you’re a pro hacker you would already know where I live and my mother’s maiden name.
Technical measures are impossible in this particular case. However, I would say that the complete lack of benefits or incentives makes it very unlikely. Doing so could be illegal and collecting data which is otherwise useless is only a liability and a waste of resources. Basically the admin own self-interest I would say is what’s stopping them. That said, if someone is individually afraid due to a bad relationship with an admin, then personal motives could void the above, in which case, they should change instance probably or use a VPN at least.
Nothing stops them.
Don’t worry too hard about the ip though, there’s plenty of servers still running versions with insecure pms and that seems like a much bigger problem than ip addresses.
What are you concerned about? maybe I can help you figure out a way to mitigate it.
Nothing much just ip leak . And i don’t say anything on pm that i won’t say in public.
Well, ip leak would be useful for me if I were trying to figure out your general location, the specific edge device that you’re behind or if I were compiling a massive dataset to find a vulnerability.
In the first case, don’t worry about it. Ip addresses are allocated to the provider and dynamically assigned such that without a huge corroborating dataset or at least a couple of recent delivery records cross referenced to an online order someone can’t reasonably figure out your home address from it.
The second thing is inherent to the design of the internet, but the danger of someone knowing the ip of the edge device you’re sitting behind can be mitigated by securing that device. The easy stuff would be like turning off web console or snmp on wan, picking a good password, making sure its firmware is updated etc. if you’re forwarding ports or self hosting it gets more complex but that’s how you can make it “okay” that anyone could know your ip.
The third thing is complex and at this point requires a fundamental change in the way you view computer&web usage, communication and most likely a subscription to some scrubbing service. Sorry, we live in the bad timeline.
All three can be either mitigated or assisted by the use of a vpn. You have to pay for a vpn, the free options are monetized by bundling and selling the data that goes through them.
If there’s something I missed or whatever, lmk.
I use tor for most thing so i am not at all worried about those. But for lemmy i just use jerboa .
Get a vpn. It’ll make you less worried.
The gold standard is mullvad paid for with cash, but lots of stuff blocks their exit ips so if you get pissed off by that, use express or nord or whatever gets high ratings from websites that see if their exit nodes are blocked.
Nobody cares about your IP. Admins can see it, they can see mine, they don’t care.
If you want to be paranoid use mullvad and call it a day.
Always use a VPN. Its mandatory