In a way this does make me slightpy concerned about Lemmy servers, Reddit has a team of lawyers and tonnes of funds behind it to fight pointless demands like these
A lot of server owners won’t and will be much easier to coax into giving up information about it’s users
Both IVPN and Mullvad have just removed port forwarding. I hear the options now are proton (which I hear may not have port forwarding on linux yet, but say they will) and AirVPN.
While it can be abused, it can also not be abused, surprisingly enough. I don’t want a secondary cheap vpn for DOWNLOADING, I happen to SEED, you leech, and also use slsk which means I now can’t connect to anyone who also can’t forward their ports because they also use one of your cheap VPNs with no port forwarding for DOWNLOADING.
You are condescending, have added no new info, and you’re clearly just a leech, I’m pretty done with this conversation, sorry “pal.”
The thing is, chasing individual instances is a game of whack-a-mole, with a lot of downside and not a lot of upside. Established companies follow laws and regulations because they are easy targets, with local assets, offices, and public figures that are worth serving/seizing and can be compelled to comply to court orders. How TF you going to enforce a court order in a country that doesn’t recognize your jurisdiction or laws?
The other thing thing is, if you run an instance with moderation rules that skirt the law, you are incentivised not to log personal information and disseminate it because a) that makes you a target, and b) you’ll get called out by your own users for logging and leaking IPs, and people will just move to a different server.
It seems pretty obvious to me that you should assume at all times when you are online that you are basically in a public space, like in a public cafe: People can see you, even if the fact that they are not paying close attention to you creates the illusion of privacy. If you start doing something to stand out, people will start to pay attention to you, and it’s all visible to see unless you actively take precautions to hide your identity. That starts–but doesn’t end–with not browsing piracy on main.
I wonder if there’s a Lemmy out there with Tor access. It shouldn’t be too hard and it would solve the IP address leak risk for servers like dbzer0.com.
@prole@ReCursing In most cases, the Tor instance wants to federate with clearnet instances. Clearnet instances might want to opt-in to federating with Tor instances - no child porn, but reading news about piracy is legal.
yes. I have a Diaspora, another Fediverse platforms, account on diasp.org that I hav only ever accessed via their hidden tor service http://diasporg5tj4xz5mxkd5qnrppo7tbb6ynk2gtmjw5lmz6mtbesj3k6id.onion and their i2p connection http://diasporg.i2p , and i have no issue federating with friends that only use normie instances like Friendica. I have heard there are some maston imstances that support tor hidden service to. Maybe kolektiva.social?
This was something I suggested for this instance, since there is even a guide for hosting an onion service: https://lemmy.dbzer0.com/post/135234
Maybe /u/db0 will have more time after the spam settles down, but it seems he’s got a lot on his plate at the moment between being an admin and doing AI stuff.
@skullgiver@Fonz It is possible; you have to set it up yourself and you won’t federate with many places.
Hosting Lemmy or Mastodon on Tor or I2P isn’t hard; you just host it, and link your Tor/I2P daemon to it same as any other website. But you have to be aware you’ll be cut off from the majority of other instances. You’ll be running standalone.
I am not sure about Lemmy, but Pleroma supports feeding all your federation traffic through a proxy; you can use one called fedproxy to split out your I2P federation traffic through your I2P daemon, and likewise for Tor. I am not currently running this on my server. It should still work for other fedisoftware than Pleroma. https://docs.akkoma.dev/stable/configuration/i2p/
You’re right that federation will be an issue. Maybe a Cloudflare tunnel squeezed through a Tor exit node for the clearnet domain and Tor for the rest? I’m not sure if you can use multiple domains like that but ActivityPub should support it.
I don’t know if Lemmy disables/doesn’t include proxy support by default, but there are tools like graftcp to force traffic through proxies in that case.
Alternatively, you could hack together a DNS server that resolves *.onion to 127.6.6.6, where you put up a proxy that just feeds directly into Tor. This will break for HTTPS sites but Onion services rarely have HTTPS anyway.
@skullgiver Yes, there are many ways to make sure your server connects to Tor and I2P sites. But that’s what the guy who ISN’T running a Tor/I2P site has to do, to federate with the Tor/I2P site. If you’re running the Tor/I2P site you can’t really do much on your side to enable federation.
Cloudflare won’t help because you need inbound connections. Some VPNs support *transient* port mapping designed for BitTorrent, but good luck trying to claim a stable port number for any significant length of time, never mind port 443 (which I’m sure is outside of the allocation range anyway). You’d have more luck trying to find a VPS provider crazy enough to let you pay anonymously with cryptocurrency with just a pinky promise that you’re not hosting child porn. Or just don’t federate.
Cloudflare has a tunnel daemon that allows you to server a website from a network that doesn’t allow any incoming connections. It’s something between a VPN and a proxy and it should work fine, even from Tor exit nodes. Other services offer similar products.
You don’t even need port 443, though most clients will probably break if you pick another port. You can host a Lemmy server on port 13847 if you want, as long as you make sure federating traffic includes the port number on outgoing traffic.
Getting two hostnames to reach the same server would be the biggest challenge, I think. I have seen some indications in the Lemmy database that may suggest the possibility of multi domain setups, but there’s a good chance this is a remnant of an old design decision that has long since been abandoned.
That’s a good point. You’d probably need to go invite-only for the Tor side of things (Beehaw style) for Tor instances to kick out the black markets/pedo networks. I don’t think Lemmy can do that (federate with all clearnet servers, whitelist for Onion services, require validation for Tor+Tor exit node user registrations).
I think you can throw something together with a reverse proxy setup (refuse federation from .onion sites that aren’t on the whitelist, disable access to the registration API), but there are probably issues I’m missing here.
This is basically true. You need to have certain DNS configurations you cannot afford on Tor hidden services to federate, and while you still could be listening on a Tor hidden service, clearnet servers would still need to reach you to federate.
On top of that, even if you somehow manage to do that, either youre federation trafic goes through Tor (lmao how to DDoS Tor in 1 step), or It doesn’t and all servers can see your public IP, which deafeats the purpose.
Lemmy federation traffic can be measured in kilobytes per second, I doubt you’ll take down Tor. Tor works at speeds closer to one or two megabytes per second these days. The latency will be abysmal, so you’ll effectively be slowloris-ing every server you federate with, but I don’t see why it shouldn’t work from a technical point of view.
Imagine when film companies pay Google for access to pirate’s gmail registrations. I’m glad I switched to Protonmail years ago. Any of these “free” services will sell your information for the right price.
Been teaching my kid this. Do what you’re expected to do, follow directions from teachers and parents, so that when you do something you’re not supposed to and if you get caught, they won’t even believe you did it. Hide in plain site and cover your tracks by thinking of what you’d look for trying to catch someone.
I highly doubt there are any actual pirates on here, it’s just users being edgy. A bunch of dorks that don’t even own a boat role playing badass pirates.
I think many people just couldn’t care less about pirating and believe the companies can’t figure out who they are. For example, I discuss pirating stuff pretty openly on my reddit account. But every single comment I make, I consciously make sure to not reveal enough for people to dox me.
I also don’t have Facebook which is how most people figure out identities.
“Hmm, they’re an underwater welder from a specific small town and they have three sons. Well this is the only Facebook profile that matches that so I bet it’s this person” type of thing.
You are only truly anonymous if you always use a VPN or Tor. If not, Reddit has your IP and the ISP knows who is behind the IP. If LE knocks at Reddit’s door with a warrant, they will give them your IP, with which they go to the ISP to get your name.
they’re an underwater welder from a specific small town and they have three sons
You would be suprised of how much less info than that is needed to ID a person. There are studies about ID’ing people via their favorites and last-watched lists on netflix.
. But to actively say, ‘I downloaded X, from Y. It worked great.’ and/or ‘I’ve downloaded loads from X, I have over a thousand X, and they all work.’ it makes me cringe.
I think a lot of it is to do with the actual chance that the individual is going to get charged with it, big companies generally go after the Distributors and not the individuals regarding it. Plus staying online that you did something doesn’t prove that you actually did it so they would still have to get solid evidence that you actually did it which costs money A lot of times more money than they would have lost from the pirating activity in the first place which is why a lot of them just settle for sending a dmca to the ISP and the ISP for as it saying LOL you better not be doing this
Silly nonsense. Just cause I said I downloaded something isn’t proof I did it. If I said I murdered someone you still have to proof I did it especially if there is no god damn body. In other words: they have to link my comments to a download I did via vpn years ago. Yeah, good luck losers.
If they have no proof prior, they will absolutely wreck you with a comment like that linked to an account you own.
That’s a confession, which you made, it is idiotic as you gained nothing admitting to it.
Only because many people don’t care, doesn’t mean it doesn’t matter.
Also it’s no proof that any piracy took place. It would be a different thing altogether if they already had evidence and you confessed to it, but as is, not everything said on the internet is true. Here, my “confession”
I broke into Area 51 on September 5th 1997 at 07:43 AM and I took photos of a top secret spy satellite program meant to track UFOs.
The fact I said that in a comment on Lemmy doesn’t make it true.
Right, if you go to the police and confess to the murder of someone who vanished you are going to be in trouble. But we are talking about some reddit comments “confessing” to downloading something illegally. I could have been more specific with the example though.
I would expect that to be true as well.
For some reason I can’t really explain anymore, I was thinking of a situation where the confession is made, and reiterated at every step in the prosecutorial process, without any other evidence (for or against) being available for the process.
Also keep in mind that at least in Germany the act of just downloading something is not illegal. Only the uploading/seeding of content is. So just admitting to having downloaded something is not admitting to a crime at all.
Bit of a leap there. I’m talking about confessing to murdering someone on reddit for instance cause that is what we are talking about: comments made years ago on reddit. Yeah, sure, maybe someone will tell the cops and they will have to investigate you based on your comment about murdering someone, but then what? Sure, it will have consequences for me, but they cannot convict me based of a single comment and nothing else. How the hell is that going to hold up in any court?
And now think back on what we are actually talking about: comments admitting to having illegally downloaded some content. I would assume they won’t even try to start investigating that. Like how on earth are you going to get proof of that?
They would never get a conviction on the statement alone though. What it probably would do, is lead to them turning over every stone in your life to find proof. They’d do that because it’s enough to arouse suspicion but not enough to get you convicted in any way.
Alright buddy, that’s a horrendous example. You’re comparing MURDER to downloading End Game…
Here’s the real comp, go into the police station with a grin and say I just littered 3 towns away in a park, I threw a candy wrapper on the floor, it even has my fingerprint! But you’ll never catch me coppers!
They’d shrug and ask you to leave. No-one is starting a manhunt.
Now is a good time to remind users that you are placing some trust in the instance that you use. Lemmy is not anonymous. It is pseudo-anonymous. Your instance can do pretty much anything with your account up to and including turning your account into a sock puppet, and they know exactly where you’re connecting from.
With that said, it’s a lot better than most social media today that actively tries to violate your privacy at every turn.
To add to this: some instances require your email address, and others don’t.
Obviously there are plenty of other ways you won’t be really anonymous, but if it’s important to you, one step in mitigating issues is not to have an email associated with your account.
I’ve been partial to https://mailinator.com, but some services are getting wise to it (and blocking *@mailinator.com addresses). Thanks for sharing an alternative!
Your instance could (edit: theoretically, if they’re running custom Lemmy code) track you by your browser fingerprint (screen size, installed fonts, plugins, etc.). Others could keep a profile on you based on what you comment/post/upvote and when.
So if I’m on an app instead of a browser, that app developer would have to provide info on me too?
As for what I comment/post/upvote, that’s not really what I’m asking about as that’s a profile on what I do, not who I am from an identifiable point of view (correct me if I’m wrong)
Depending on the content you post though, it could hypothetically be traced to you. Potentially even mundane things like mentions of geographic locations, word choices, common phrases you use, common topics – all of those could be considered at least partly identifying in the right contexts (assuming someone was looking for it and already had info about some particular cue that indicates you).
The point is: you can’t really be too careful, and realistically should assume there is always a way someone (including yourself) could be jeopardizing your privacy, if not overtly (by some kind of software or network tracking) then by holes in operational security.
This is part of why I signed up through FMHY. If anybody is going to try to protect my privacy it is probably going to be the very actively pro-piracy group.
On a similar note how safe is it to use private torrents such as IPTorrents? They obs keep a log of users and upload/download stats and probably the torrents downloaded and ip addresses. Surely rights holders would be better off going after this data no?
All they have to do is get an account and sit there seeding their own movies, then keep a log of the IP addresses of the people they connect to. That’s how most P2P enforcement is done.
Problem is that anyone with enough knowledge to get private torrent access also knows enough to use a seedbox or VPN. The whole business case for a VPN revolves around not giving out IP addresses so that’s generally a dead end for copyright holders.
Eh, you shouldn’t get hit with anything serious unless you’re hosting a server that’s seeding tons of content. The worst I’ve seen people who occasionally pirate getting is a ‘stop being a pirate, asshole!’ letter from Disney or something. I tried cyberghost for a while and it was such trash that I wish I hadn’t wasted money on it, I’ve just not bothered with VPNs since.
Agree with cyberghost being absolute garbage. I got a letter like that for downloading a Megamind cam once. Ironically it was to cut out a piece of the movie to show my friend to recommend he go watch the movie.
I recommend people use a VPN even when using private torrents. Mostly because aren’t really private, they are semi-public but kept behind some sort of application gate-keeping process. Do you trust every single user on these sites all the time? Are they actually vetting new applicants? Do they audit users at all?
Generally unless you personally trust every single user it just takes one bad actor to log IPs and start sharing that information somewhere else to compromise the privacy of the entire userbase.
If I were to torrent I could see myself using a seedbox for the downloading and uploading but sure I would be lax when it came to visiting the torrent site so my ip address would likely be captured…
;-)
Exposing your public IP to the website itself is not typically as much of a risk. Bad actors would have to get law enforcement to force the website owners to turn over visitor and activity logs to prove that your public IP visited a site and downloaded a torrent. But if that same IP never downloaded or uploaded content using that torrent, then there is no real evidence of actual media sharing.
That makes sense but leads me to another question… How do site like IP torrents track the user upload / download ratio? Say if I were to log in and use my home internet connection to download a torrent file from there and then use a seedbox to do the download the contents? It can’t be IP based as the IP’s would be different; is each torrent file downloaded different for each user?
My experience with private torrents is a little out of date but you might be right, that could cause problems with how your seed ratio is reported for trackers.
Just went down a rabbit hole… Turns out IPTorrents give a different torrent file for each user so it’s independent of IP address. It’s the torrent client that reports back the down and upload volumes. Now need to see if this info could be used by the rights holders for claims…
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
⚓ A community devoted to in-depth debate on topics concerning digital piracy, ethical problems, and legal advancements.
In a way this does make me slightpy concerned about Lemmy servers, Reddit has a team of lawyers and tonnes of funds behind it to fight pointless demands like these
A lot of server owners won’t and will be much easier to coax into giving up information about it’s users
deleted by creator
Both IVPN and Mullvad have just removed port forwarding. I hear the options now are proton (which I hear may not have port forwarding on linux yet, but say they will) and AirVPN.
deleted by creator
Alternatively, run TOR and a VPN while downloading. The speed will suck, but you should be way harder to track
deleted by creator
While it can be abused, it can also not be abused, surprisingly enough. I don’t want a secondary cheap vpn for DOWNLOADING, I happen to SEED, you leech, and also use slsk which means I now can’t connect to anyone who also can’t forward their ports because they also use one of your cheap VPNs with no port forwarding for DOWNLOADING.
You are condescending, have added no new info, and you’re clearly just a leech, I’m pretty done with this conversation, sorry “pal.”
deleted by creator
Wah wah wah, I called some guy out for being a leech and he is now mad at me, whatever will I do?!
Go “danger” your own colon, I’m done talking to you.
deleted by creator
The thing is, chasing individual instances is a game of whack-a-mole, with a lot of downside and not a lot of upside. Established companies follow laws and regulations because they are easy targets, with local assets, offices, and public figures that are worth serving/seizing and can be compelled to comply to court orders. How TF you going to enforce a court order in a country that doesn’t recognize your jurisdiction or laws?
The other thing thing is, if you run an instance with moderation rules that skirt the law, you are incentivised not to log personal information and disseminate it because a) that makes you a target, and b) you’ll get called out by your own users for logging and leaking IPs, and people will just move to a different server.
It seems pretty obvious to me that you should assume at all times when you are online that you are basically in a public space, like in a public cafe: People can see you, even if the fact that they are not paying close attention to you creates the illusion of privacy. If you start doing something to stand out, people will start to pay attention to you, and it’s all visible to see unless you actively take precautions to hide your identity. That starts–but doesn’t end–with not browsing piracy on main.
Why not just scrape it? 4head
I wonder if there’s a Lemmy out there with Tor access. It shouldn’t be too hard and it would solve the IP address leak risk for servers like dbzer0.com.
Would federating work properly with an instance on i2p or tor?
If with properly you include insane amount of waiting for requests and timing out then yes
Also, would you want it to?
Also a valid point
@prole @ReCursing In most cases, the Tor instance wants to federate with clearnet instances. Clearnet instances might want to opt-in to federating with Tor instances - no child porn, but reading news about piracy is legal.
@ReCursing @Fonz @skullgiver see this reply I just wrote: https://social.immibis.com/notice/AXSgn5KUrJhQrsadaC
yes. I have a Diaspora, another Fediverse platforms, account on diasp.org that I hav only ever accessed via their hidden tor service http://diasporg5tj4xz5mxkd5qnrppo7tbb6ynk2gtmjw5lmz6mtbesj3k6id.onion and their i2p connection http://diasporg.i2p , and i have no issue federating with friends that only use normie instances like Friendica. I have heard there are some maston imstances that support tor hidden service to. Maybe kolektiva.social?
Probably if all instances were using Tor, but it would be very slow
It’s not Lemmy, but there’s Dread, which is very similar to this for Tor.
Good to hear that’s still up! I remember when some dude got that up and running shortly after the darknetmarkets sub was closed down.
This was something I suggested for this instance, since there is even a guide for hosting an onion service: https://lemmy.dbzer0.com/post/135234
Maybe /u/db0 will have more time after the spam settles down, but it seems he’s got a lot on his plate at the moment between being an admin and doing AI stuff.
@skullgiver @Fonz It is possible; you have to set it up yourself and you won’t federate with many places.
Hosting Lemmy or Mastodon on Tor or I2P isn’t hard; you just host it, and link your Tor/I2P daemon to it same as any other website. But you have to be aware you’ll be cut off from the majority of other instances. You’ll be running standalone.
I am not sure about Lemmy, but Pleroma supports feeding all your federation traffic through a proxy; you can use one called fedproxy to split out your I2P federation traffic through your I2P daemon, and likewise for Tor. I am not currently running this on my server. It should still work for other fedisoftware than Pleroma. https://docs.akkoma.dev/stable/configuration/i2p/
You’re right that federation will be an issue. Maybe a Cloudflare tunnel squeezed through a Tor exit node for the clearnet domain and Tor for the rest? I’m not sure if you can use multiple domains like that but ActivityPub should support it.
I don’t know if Lemmy disables/doesn’t include proxy support by default, but there are tools like
graftcpto force traffic through proxies in that case.Alternatively, you could hack together a DNS server that resolves *.onion to 127.6.6.6, where you put up a proxy that just feeds directly into Tor. This will break for HTTPS sites but Onion services rarely have HTTPS anyway.
@skullgiver Yes, there are many ways to make sure your server connects to Tor and I2P sites. But that’s what the guy who ISN’T running a Tor/I2P site has to do, to federate with the Tor/I2P site. If you’re running the Tor/I2P site you can’t really do much on your side to enable federation.
Cloudflare won’t help because you need inbound connections. Some VPNs support *transient* port mapping designed for BitTorrent, but good luck trying to claim a stable port number for any significant length of time, never mind port 443 (which I’m sure is outside of the allocation range anyway). You’d have more luck trying to find a VPS provider crazy enough to let you pay anonymously with cryptocurrency with just a pinky promise that you’re not hosting child porn. Or just don’t federate.
Cloudflare has a tunnel daemon that allows you to server a website from a network that doesn’t allow any incoming connections. It’s something between a VPN and a proxy and it should work fine, even from Tor exit nodes. Other services offer similar products.
You don’t even need port 443, though most clients will probably break if you pick another port. You can host a Lemmy server on port 13847 if you want, as long as you make sure federating traffic includes the port number on outgoing traffic.
Getting two hostnames to reach the same server would be the biggest challenge, I think. I have seen some indications in the Lemmy database that may suggest the possibility of multi domain setups, but there’s a good chance this is a remnant of an old design decision that has long since been abandoned.
I mean you can very much onion route to a regular server, if it allows connections from Tor.
Unfortunately Tor means it’s very hard to IP ban abusers, so a lot of services automatically ban common Tor exit nodes.
That’s a good point. You’d probably need to go invite-only for the Tor side of things (Beehaw style) for Tor instances to kick out the black markets/pedo networks. I don’t think Lemmy can do that (federate with all clearnet servers, whitelist for Onion services, require validation for Tor+Tor exit node user registrations).
I think you can throw something together with a reverse proxy setup (refuse federation from .onion sites that aren’t on the whitelist, disable access to the registration API), but there are probably issues I’m missing here.
This is basically true. You need to have certain DNS configurations you cannot afford on Tor hidden services to federate, and while you still could be listening on a Tor hidden service, clearnet servers would still need to reach you to federate.
On top of that, even if you somehow manage to do that, either youre federation trafic goes through Tor (lmao how to DDoS Tor in 1 step), or It doesn’t and all servers can see your public IP, which deafeats the purpose.
Lemmy federation traffic can be measured in kilobytes per second, I doubt you’ll take down Tor. Tor works at speeds closer to one or two megabytes per second these days. The latency will be abysmal, so you’ll effectively be slowloris-ing every server you federate with, but I don’t see why it shouldn’t work from a technical point of view.
Good to hear that’s still up! I remember when some dude got that up and running shortly after the darknetmarkets sub was closed down.
Imagine when film companies pay Google for access to pirate’s gmail registrations. I’m glad I switched to Protonmail years ago. Any of these “free” services will sell your information for the right price.
2011?? seems like an awfully long time for them to still care.
deleted by creator
Been teaching my kid this. Do what you’re expected to do, follow directions from teachers and parents, so that when you do something you’re not supposed to and if you get caught, they won’t even believe you did it. Hide in plain site and cover your tracks by thinking of what you’d look for trying to catch someone.
It’s like people are forgetting that piracy is actually illegal.
They’re just lying about pirating to look cool.
I highly doubt there are any actual pirates on here, it’s just users being edgy. A bunch of dorks that don’t even own a boat role playing badass pirates.
Does a canoe count?
I’d like to be that variety of pirate, at least in the older style. Not so much a modern nautical pirate though.
Being a pirate back in the day was also less pleasant than creative media has led us to believe, I’m afraid
What is illegal for Americans is not illegal everywhere.
Now I’m not morally against piracy, pirate away. It’s just illegal.
I think many people just couldn’t care less about pirating and believe the companies can’t figure out who they are. For example, I discuss pirating stuff pretty openly on my reddit account. But every single comment I make, I consciously make sure to not reveal enough for people to dox me.
I also don’t have Facebook which is how most people figure out identities.
“Hmm, they’re an underwater welder from a specific small town and they have three sons. Well this is the only Facebook profile that matches that so I bet it’s this person” type of thing.
You are only truly anonymous if you always use a VPN or Tor. If not, Reddit has your IP and the ISP knows who is behind the IP. If LE knocks at Reddit’s door with a warrant, they will give them your IP, with which they go to the ISP to get your name.
You would be suprised of how much less info than that is needed to ID a person. There are studies about ID’ing people via their favorites and last-watched lists on netflix.
Not evidence of a crime.
I came to confess. I was the 2nd gunman on the grassy knoll.
Liar, I shot first. You were third
I think a lot of it is to do with the actual chance that the individual is going to get charged with it, big companies generally go after the Distributors and not the individuals regarding it. Plus staying online that you did something doesn’t prove that you actually did it so they would still have to get solid evidence that you actually did it which costs money A lot of times more money than they would have lost from the pirating activity in the first place which is why a lot of them just settle for sending a dmca to the ISP and the ISP for as it saying LOL you better not be doing this
Silly nonsense. Just cause I said I downloaded something isn’t proof I did it. If I said I murdered someone you still have to proof I did it especially if there is no god damn body. In other words: they have to link my comments to a download I did via vpn years ago. Yeah, good luck losers.
If they have no proof prior, they will absolutely wreck you with a comment like that linked to an account you own. That’s a confession, which you made, it is idiotic as you gained nothing admitting to it.
Only because many people don’t care, doesn’t mean it doesn’t matter.
A comment on social media is not a confession.
Bold statement, i can find countless cases where a confession posted on social media was used as evidence.
Also it’s no proof that any piracy took place. It would be a different thing altogether if they already had evidence and you confessed to it, but as is, not everything said on the internet is true. Here, my “confession”
The fact I said that in a comment on Lemmy doesn’t make it true.
…Did you see any alien friends during your raid?
Depends. Are you with the US gov?
I… don’t think that’s true.
I’d expect to get convicted if I make a (reasonable) confession of murdering someone who vanished, even if there is no single other bit of evidence.
You won’t. It happens all the time. Youd be amazed how many people try to claim credit for crimes they didn’t commit.
Right, if you go to the police and confess to the murder of someone who vanished you are going to be in trouble. But we are talking about some reddit comments “confessing” to downloading something illegally. I could have been more specific with the example though.
Not if you made that confession outside of any prosecution process and then withdrew it saying you were just making shit up, I wouldn’t think.
I would expect that to be true as well.
For some reason I can’t really explain anymore, I was thinking of a situation where the confession is made, and reiterated at every step in the prosecutorial process, without any other evidence (for or against) being available for the process.
Actually no. Pretending to have committed a crime is a crime itself. At least here in Germany.
Also: saying you committed a crime is basically the same as a confession and can definitely be used against you
The lawsuit does not involve Germany in the slightest
Sure, but it could still have an Impact on Germany since the copyright law is pretty similar
Gotta listen to some Götz Widmann haha.
Also keep in mind that at least in Germany the act of just downloading something is not illegal. Only the uploading/seeding of content is. So just admitting to having downloaded something is not admitting to a crime at all.
No, downloading is illegal too. It’s just the uploading/seeding that gets actively enforced since it’s a more serious crime
deleted by creator
Bit of a leap there. I’m talking about confessing to murdering someone on reddit for instance cause that is what we are talking about: comments made years ago on reddit. Yeah, sure, maybe someone will tell the cops and they will have to investigate you based on your comment about murdering someone, but then what? Sure, it will have consequences for me, but they cannot convict me based of a single comment and nothing else. How the hell is that going to hold up in any court?
And now think back on what we are actually talking about: comments admitting to having illegally downloaded some content. I would assume they won’t even try to start investigating that. Like how on earth are you going to get proof of that?
They would never get a conviction on the statement alone though. What it probably would do, is lead to them turning over every stone in your life to find proof. They’d do that because it’s enough to arouse suspicion but not enough to get you convicted in any way.
Alright buddy, that’s a horrendous example. You’re comparing MURDER to downloading End Game…
Here’s the real comp, go into the police station with a grin and say I just littered 3 towns away in a park, I threw a candy wrapper on the floor, it even has my fingerprint! But you’ll never catch me coppers!
They’d shrug and ask you to leave. No-one is starting a manhunt.
Now is a good time to remind users that you are placing some trust in the instance that you use. Lemmy is not anonymous. It is pseudo-anonymous. Your instance can do pretty much anything with your account up to and including turning your account into a sock puppet, and they know exactly where you’re connecting from.
With that said, it’s a lot better than most social media today that actively tries to violate your privacy at every turn.
To add to this: some instances require your email address, and others don’t.
Obviously there are plenty of other ways you won’t be really anonymous, but if it’s important to you, one step in mitigating issues is not to have an email associated with your account.
What about using something like a protonmail address for all social media email?
A good strategy, but still less secure by definition than no email at all.
Iirc proton mail has a backdoor. Though they likely won’t be used outside of ‘nať-sećurity interests’.
Guys, this is fact, also downvotes aren’t private.
You can always use https://10minutesemail.net/ for the required email. No muss no fuss
I’ve been partial to https://mailinator.com, but some services are getting wise to it (and blocking *@mailinator.com addresses). Thanks for sharing an alternative!
You may know the answer to this. If I’ve signed up with no email, and whilst on a secure VPN, how are they going to track me?
Your instance could (edit: theoretically, if they’re running custom Lemmy code) track you by your browser fingerprint (screen size, installed fonts, plugins, etc.). Others could keep a profile on you based on what you comment/post/upvote and when.
Screen size?! I’ll just buy another monitor then.
So if I’m on an app instead of a browser, that app developer would have to provide info on me too?
As for what I comment/post/upvote, that’s not really what I’m asking about as that’s a profile on what I do, not who I am from an identifiable point of view (correct me if I’m wrong)
Depending on the content you post though, it could hypothetically be traced to you. Potentially even mundane things like mentions of geographic locations, word choices, common phrases you use, common topics – all of those could be considered at least partly identifying in the right contexts (assuming someone was looking for it and already had info about some particular cue that indicates you).
The point is: you can’t really be too careful, and realistically should assume there is always a way someone (including yourself) could be jeopardizing your privacy, if not overtly (by some kind of software or network tracking) then by holes in operational security.
This is part of why I signed up through FMHY. If anybody is going to try to protect my privacy it is probably going to be the very actively pro-piracy group.
Makes me want to screen record DRM protected stuff and redistribute it right now :)
Yeah this is the kind of crap that encourages people to pirate simply to spite them.
On a similar note how safe is it to use private torrents such as IPTorrents? They obs keep a log of users and upload/download stats and probably the torrents downloaded and ip addresses. Surely rights holders would be better off going after this data no?
All they have to do is get an account and sit there seeding their own movies, then keep a log of the IP addresses of the people they connect to. That’s how most P2P enforcement is done.
Problem is that anyone with enough knowledge to get private torrent access also knows enough to use a seedbox or VPN. The whole business case for a VPN revolves around not giving out IP addresses so that’s generally a dead end for copyright holders.
Eh, you shouldn’t get hit with anything serious unless you’re hosting a server that’s seeding tons of content. The worst I’ve seen people who occasionally pirate getting is a ‘stop being a pirate, asshole!’ letter from Disney or something. I tried cyberghost for a while and it was such trash that I wish I hadn’t wasted money on it, I’ve just not bothered with VPNs since.
Agree with cyberghost being absolute garbage. I got a letter like that for downloading a Megamind cam once. Ironically it was to cut out a piece of the movie to show my friend to recommend he go watch the movie.
FYI, this was done a few years ago. I think the lawyers behind it just got out of prison.
I recommend people use a VPN even when using private torrents. Mostly because aren’t really private, they are semi-public but kept behind some sort of application gate-keeping process. Do you trust every single user on these sites all the time? Are they actually vetting new applicants? Do they audit users at all?
Generally unless you personally trust every single user it just takes one bad actor to log IPs and start sharing that information somewhere else to compromise the privacy of the entire userbase.
If I were to torrent I could see myself using a seedbox for the downloading and uploading but sure I would be lax when it came to visiting the torrent site so my ip address would likely be captured… ;-)
Exposing your public IP to the website itself is not typically as much of a risk. Bad actors would have to get law enforcement to force the website owners to turn over visitor and activity logs to prove that your public IP visited a site and downloaded a torrent. But if that same IP never downloaded or uploaded content using that torrent, then there is no real evidence of actual media sharing.
That makes sense but leads me to another question… How do site like IP torrents track the user upload / download ratio? Say if I were to log in and use my home internet connection to download a torrent file from there and then use a seedbox to do the download the contents? It can’t be IP based as the IP’s would be different; is each torrent file downloaded different for each user?
My experience with private torrents is a little out of date but you might be right, that could cause problems with how your seed ratio is reported for trackers.
Just went down a rabbit hole… Turns out IPTorrents give a different torrent file for each user so it’s independent of IP address. It’s the torrent client that reports back the down and upload volumes. Now need to see if this info could be used by the rights holders for claims…
And why are they demanding it? Just scrape it like the rest of us.
the one positive part of the reddit api changes 🤣
Laughs in GDPR deletion request
2011!?!? Lmfao
Statute of limitations??
Only on criminal law.
So piracy is a civil crime, not a criminal one? Awww 😩 All this time I thought I was cooler than I really am. (Sad arrr noises)
Well, Reddit isn’t in my good books right now, but I hope they fight this fight hard, and I hope they win. Good Luck Reddit
removed by mod