PSA: The Lemmy federation convention of hotlinking images to other peer federation servers makes it easy for a rogue instance to collect end-user IP addresses & browser strings, don't assume otherwise
If you visit a popular community like /c/[email protected] with your web browser, the images shown are hotlinked from the Lemmy instance that the person posting the image utilized. This means that your browser makes an HTTPS request to that remote server, not your local instance, giving that server your IP address and web browser version string.
Assume that it is not difficult for someone to compile this data and build a profile of your browsing habits and patterns of image fetching - and to identify with high probability which comments and user account are being used on the remote instance (based on timestamp comparison).
For example, if you are a user on lemmy.ml browsing the local community memes, you see postings like these first two I see right now:
You can see that the 2nd one has an origin of pawb.social - and that thumbnail was loaded from a server on that remote site:
At this point, raise awareness that it isn't like a major identifiable social media site who has a reputation to worry about. Right now, anyone can create a Lemmy instance and join the federation, there is no approval or application process.
I agree 100%, people need to know what they are using and doing, especially less savvy or less curious users who won't seek out this kind of information on their own.
I'm asking though, is there anything that can be done by the user themselves to obscure their IP when loading images, or is it just something that has to be accepted as part of using the fediverse if you want to use it, and that's just that.
The Mullvad Browser. Think of it like the Tor Browser without Tor. That combined with Mullvad's VPN service would address both of the legitimate issues brought up in the OP.
Now that is purely passive, just data collection from routine serving of images.
A rogue site could start serving crafted images to confuse users or cause NSFW content to appear on all other Lemmy sites where users were browsing a meme.
When you have small-time image hosts being used by the dozens, they likely aren't as worried about their reputation being burned by pranks like this.
I know very little about networks, but aren't end users' IP addresses dynamically assigned by their Internet providers? Don't providers use NAT systems so the public IP you see is not actually the one assigned to someone's "house"?
Don’t providers use NAT systems so the public IP you see is not actually the one assigned to someone’s “house”?
Typically NAT ends at the building. So a coffee shop is going to use private addresses for every person on WiFi inside the coffee shop, but the servers are still going to get the single IP address of that building.
Thanks, iplocation.net has a lot more detail than iplocation.com, but they both show exactly the same public IP for me (that is my provider), were they supposed to be different on the 2 sites?
While most residential ISP customers are dynamically assigned a public IP address, those addresses usually don't change unless you reset (not just restart) your router. My "dynamic" IP address has been the same for over a year (ever since I switched to my current ISP).
As the other person said, that address is then shared among all devices connected to your router. Even most IPv6 networks (without NAT) share the same address prefix.
Big instances surfing up content from smaller instances is invariably going to cripple them unless larger instances start locally caching that content.
A "solution" to this might be for lemmy instances/apps to have the option to "load remote images" the way e-mail providers do. So I have to actively click to load the images. Could even be done per subscription, so I could declare that I just want everything loaded when I see lemmy.ml/c/pics but not in general, where I usually want text.
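The "load remote images" option suggested in the comment above, as an added example (not part of the thread and not Lemmy's own code): a client-side decision function that loads images from the home instance, defers images from other hosts behind a click, and honours a per-community opt-in. The names LOCAL_HOST, imagePolicy, renderPlan and the prefs shape are assumptions made for illustration.

```javascript
// Added example, not Lemmy code. LOCAL_HOST and the prefs shape are assumptions.
const LOCAL_HOST = "lemmy.ml"; // home instance from the post's example

// Decide what the client does with one image URL found in a post:
//   "load" fetch now, "placeholder" show click-to-load, "block" not http(s).
function imagePolicy(rawUrl, community, prefs) {
  let url;
  try {
    url = new URL(rawUrl, `https://${LOCAL_HOST}/`); // relative URLs are local
  } catch {
    return { action: "block", host: null };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { action: "block", host: null };
  }
  const host = url.hostname.toLowerCase();
  // Exact match only: "lemmy.ml.example" and "lemmy.ml@images.example" are remote.
  if (host === LOCAL_HOST) return { action: "load", host };
  // Per-subscription opt-in, as the comment above suggests.
  if (prefs.autoLoadCommunities.includes(community)) return { action: "load", host };
  return { action: "placeholder", host };
}

// Summarise a listing: remote hosts contacted on page load vs. only after a click.
function renderPlan(posts, prefs) {
  const contacted = new Set();
  const deferred = new Set();
  const decisions = posts.map((p) => {
    const d = imagePolicy(p.thumbnail, p.community, prefs);
    if (d.host && d.host !== LOCAL_HOST) {
      (d.action === "load" ? contacted : deferred).add(d.host);
    }
    return { id: p.id, ...d };
  });
  return { decisions, contacted: [...contacted].sort(), deferred: [...deferred].sort() };
}

// Constructed sample listing; only lemmy.ml and pawb.social come from the post.
const samplePosts = [
  { id: 1, community: "memes@lemmy.ml", thumbnail: "/pictrs/image/a.png" },
  { id: 2, community: "memes@lemmy.ml", thumbnail: "https://pawb.social/pictrs/image/b.png" },
  { id: 3, community: "pics@lemmy.ml", thumbnail: "https://lemmy.ml@images.example/c.png" },
  { id: 4, community: "memes@lemmy.ml", thumbnail: "https://lemmy.ml.example/d.png" },
  { id: 5, community: "memes@lemmy.ml", thumbnail: "ftp://files.example/e.png" },
];
const samplePrefs = { autoLoadCommunities: ["pics@lemmy.ml"] };
console.log(renderPlan(samplePosts, samplePrefs));
```

A click on a placeholder still sends the request to the remote host; the policy only makes that contact the reader's choice instead of a side effect of scrolling.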
If you use a VPN, the analysis of timestamp probability in logs is still going to reveal that you are likely the user who made x comment at y time. Another lemmy instance you never signed up at can start to look in logs for your comment id: #734995 and cross-reference it to image loading.