YSK: Your Lemmy activities (e.g. downvotes) are far from private
Edit: obligatory explanation (thanks mods for squaring me away)...
What you see via the UI isn't "all that exists". Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see "under the hood". Any instance admin, proper or rogue, gets a ton of information that users won't normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.
Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.
Is it just user activity that's public? Curious to know about what is preserved on the backend, like if user removed posts/etc get stored somewhere accessible like this too.
What happens if someone posts something illegal? Does the instance owner have to know enough SQL to remove the row and the image connected to it or is there a friendly way to do it in an admin interface?
So if someone posts illegal images, it's up to admins to know how to remove it from their database(s). That might be a bit of a sweaty, scary, moment for some people who can follow instructions to setup an instance but aren't familiar with databases.
Ok at least y'all have that. Do you happen to know how much legal trouble you'd be in if your server did - temporarily - contain illegal images? Is that the sort of thing that - if you immediately deleted and worked with the FBI, you wouldn't get in trouble? I'm considering starting an instance for me and my wife because we have slow internet but - if we cached everything in an instance at home - it would be über fast. But I'm worried about the legality.
Instances don't cache images from remote users.
No one is going to put you in jail for reporting illegal stuff when you find it and it would have to be posted by one of your users to make it to your storage.
Thems the breaks when using what is essentially alpha software. The devs of both Lemmy and Kbin are aware that the admin tools need work, but stuff takes time.
Yeah but maybe we should provide some unix tools which help people delete data from their server. Imagine someone is upset at an admin. So they post cp to the server as revenge and then immediately report the server to the FBI. The poster puts themselves at risk, but it's much easier to avoid that risk than it is for an admin.
The unix tools can become the base for an actual admin interface, but I don't have the time for all that lol but scripting something that:
Finds the offending post in the database
Deletes any images in the post from the pictures foder
There's purge post/comment. I don't know if there's an easy way to go backwards and find what post a picture is associated with when that's the only information you have.
Self removals are hard to sync between instances, so a message you posted and deleted can linger forever.
For example, a message I posted from sopuli.xyz to a pawb.social post and then deleted shows as being deleted on sopuli, but is still visible on pawb.