This is possible because Lemmy doesn’t proxy external images but instead loads them directly. While not all that bad, this could be used for Spy pixels by nefarious posters and commenters.
Note, that the only thing that I willingly log is the “hit count” visible in the image, and I have no intention to misuse the data.
Very interesting, I think I’ll probably be using Tor for my Lemmy usage from now on, or at least a VPN since this does have the potential to be used maliciously in personal DDoS attacks.
Are you sure about that because I can open and view lemmy.world just fine in Tor, I think what they mean is federation between hidden services i.e. lemmyinstanceoniondomain.onion is blocked or just not implemented.
I haven’t gotten Cloudflare captchas on lemmy.world yet, Haven’t tried using an app with Tor, as a general rule it’s best to use Tor through the browser since it has features to reduce fingerprinting and MITMs
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
deleted by creator
This is possible because Lemmy doesn’t proxy external images but instead loads them directly. While not all that bad, this could be used for Spy pixels by nefarious posters and commenters.
Note, that the only thing that I willingly log is the “hit count” visible in the image, and I have no intention to misuse the data.
Not really.
Jerdoa
Same, I’m using an app.
removed by mod
It got my OS right, but browser wrong. Tested both Librewolf and Vivaldi, which it sees as Firefox and Chrome.
Very interesting, I think I’ll probably be using Tor for my Lemmy usage from now on, or at least a VPN since this does have the potential to be used maliciously in personal DDoS attacks.
Annoyingly, lemmy.world blocks tor. They should host a tor onion service
Are you sure about that because I can open and view lemmy.world just fine in Tor, I think what they mean is federation between hidden services i.e. lemmyinstanceoniondomain.onion is blocked or just not implemented.
I can if I use a browser and solve the cloud flare capt ha, but not if I use sync behind tor
I haven’t gotten Cloudflare captchas on lemmy.world yet, Haven’t tried using an app with Tor, as a general rule it’s best to use Tor through the browser since it has features to reduce fingerprinting and MITMs
“an unknown (mobile?) client”
Well, nice try anyway.
Same, woo for my security I guess!
The post know where I am because it knows where I am not.
“You are viewing this from ome Mobile web View on Andr”… Uhhhh… Ok?