Conversation
Notices
-
So the mastodon.social privacy policy is ok, but if I were the maintainer I'd avoid recording any IP addresses. One thing to consider is that when you're a meganode both state and non-state organisations will become interested in your logs and will try to obtain them either explicitly, with goons showing up and making threats, or also less explicitly with implants and exfiltration or NSLs and gagging orders. If you don't record IPs then in the worst case there's not much that third parties can get.
Another factor to consider is that the demographic of fediverse folks probably includes a higher proportion of non-normative views and lifestyles than you might find in the silos. These non-normative people are precisely the groups which the really bad guys always seek to target. So as maintainer you should be concerned with your users' interests and practice metadata minimization, which can limit any potential damage.
- soloojos likes this.
- soloojos, victorhck and tuttle_(defunct) repeated this.
-
@frankiesaxx it all comes back to the problem of having too many users on one server. Users should be able to block whoever they want, but having the admin do that without agreement of the users is problematic. As the number of users on an instance increases the probability of affinity between the admin and any random user approaches 0.5
-
@fl0wn another strategy would be to write logs to a ramdisk if you have enough ram, or to write them to a tomb and then throw away the key every however often.
-
@fl0wn on !Freedombone I use a ramdisk for the tmp directory and they're pretty easy to create within /etc/fstab. By default I just log to /dev/null and have something in the control panel to turn logging on if I need to debug something. If I forget to turn it off again it does that automatically after a few days.
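The scheme this notice describes (a ramdisk for the logs, logging to /dev/null by default, a debugging switch that turns itself off after a few days), written out as an added example; this is not Freedombone's own code, and the paths, the tmpfs size, the nginx directive and the state-file approach are assumptions:

```shell
#!/bin/sh
# Added example, not Freedombone's code: keep web logs on a tmpfs that vanishes
# at reboot, log to /dev/null by default, and allow logging only for a bounded
# debugging window. Paths, sizes and the day limit are assumptions.

# fstab line that mounts a tmpfs over the web server's log directory, so the
# logs live only in RAM and are gone after a reboot.
tmpfs_fstab_line() {
    dir="$1"; size="${2:-64m}"
    printf 'tmpfs %s tmpfs nosuid,nodev,noexec,size=%s,mode=0750 0 0\n' "$dir" "$size"
}

# Record when logging was switched on (epoch seconds) in a small state file.
logging_enable() {
    printf '%s\n' "${2:-$(date +%s)}" > "$1"
}

# Switch logging off again by removing the state file.
logging_disable() { rm -f "$1"; }

# Exit status 0 when logging is currently enabled.
logging_is_enabled() { [ -s "$1" ]; }

# Exit status 0 when logging has been on for longer than MAXDAYS days.
logging_expired() {
    state="$1"; maxdays="$2"; now="${3:-$(date +%s)}"
    logging_is_enabled "$state" || return 1
    enabled_at=$(cat "$state")
    [ $((now - enabled_at)) -gt $((maxdays * 86400)) ]
}

# nginx access_log directive for the current state: the tmpfs path while the
# debugging window is open, /dev/null (the default) the rest of the time.
nginx_access_log_directive() {
    if logging_is_enabled "$1"; then
        printf 'access_log %s/access.log;\n' "$2"
    else
        printf 'access_log /dev/null;\n'
    fi
}

# Run daily from cron: once the window has passed, turn logging off so that
# forgetting to do it by hand does not leave the access log running.
logging_housekeeping() {
    if logging_expired "$1" "$2" "${3:-$(date +%s)}"; then
        logging_disable "$1"
    fi
}
```

After changing the state file, reload the web server so the rendered directive takes effect.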
-
@fl0wn if I were implementing it I'd move all web logs to a ramdisk. In my case when it's enabled I have separate log files for each domain, separated into access and errors. access is probably the most sensitive one though, so as a quick modification just moving that to a ramdisk will probably give users better privacy.
-
@radiolaria This is why self-hosting is a good idea. Also when there are laws pertaining to logs I would scrutinize them carefully to see precisely what is being mandated and for how long and under what conditions disclosure can take place. Often the people making those laws are technically incompetent and so don't really know what data they want.
-
@maloki it can be in some cases, but these days blocking the domain name is more reliable because few people have static IPv4 addresses anymore. On !Freedombone there's an option in the control panel to block domain names at the iptables level if that's required.
-
@hishamhm as @gargron said earlier, it's just a boilerplate privacy policy from elsewhere, and that's fair enough because rolling your own legal text is usually considered bad practice.
Data retention laws vary from one place to another, and may be an issue for some admins - especially if they have a lot of users.