Unsurprisingly, some folks on raddle and reddit seem to have a big problem with lemmy. A lot of it is pure FUD.
However, this appears to be a valid security concern:
https://raddle.me/f/fediverse/166674/lemmy-is-so-much-like-email-it-even-brought-back-spy-tracker
Any thoughts on how fixable this is?
Of course the general consensus on reddit is “lemmy devs are clueless and dangerous”. I’m pretty sure a lot of it is one guy with multiple alt accounts, tho. He has a Joe McCarthy attitude about lemmy because of one of the primary devs.
Can someone with more knowledge on the lemmy protocol/api bring some light into this? The way the linked posted is written, it seems like some random angry guy just hates lemmy for whatever reason.
To me it seems like a complete bs argument. As far as I can tell this tactic is possible with every service where users can provide content. Of course I can link to a site that reads users data. There’s basically no preventing this unless the (lemmy) clients provide their own modified browser that masks the users IP and other metadata.
There is definitely some of that at play here. I am hoping some smarter cybersec folks without the anti-lemmy-rage-bias can weigh in on t.