More Privacy Options

Last week a new user joined my Diaspora instance. I was excited, he made a #newhere post and I commented that I was glad to see him. We were NOT connected yet. He noted that it was awesome that we had the exact same birthday. I checked…we do…but, why is he able to see that? I tried to find a privacy setting to hide it from certain aspects, but that option just isn’t there. I ended up having to remove the birthdate entirely, because it wouldn’t even give me the option to just list my birthday and not birth year.

Anyways, I’d like to ask for privacy options per aspect for each and every item in my profile, including profile pictures. Is this something we can implement? I know it’s a big step, and I don’t mean to ask too much, but privacy should be critical to everyone, especially in a decentralized social media community.

I want to reiterate again though, I freaking LOVE Diaspora*, this software is amazing, and you guys have done an absolutely PHENOMENAL job!

You can make your extended profile either public or limited in your profile settings. Default is limited. If it’s visible to somebody you don’t share with, you set it to public at some point.
There’s no option to make it visible to only some aspects.
The setting is at /profile/edit

Besides, you do have the option to fill only the day and the month but not the year in your birthday

The only things that always are public are:

• You first name and last name
• Your diaspora* id (username@yourpod.tld)
• Your avatar
• The 5 tags that describe you

And:

• Your name and ID can be anything you like, not identifiable with your real-life persona;
• You don’t have to add an avatar;
• You don’t have to add any tags.

So it’s possible to remain very private.

Regardless, I think each and every option should be able to be controlled for optimal privacy. And my profile IS set to limited, yet users could still see my full birth date. And when I tried to set it to only month and day, it wouldn’t let me. I stand by my initial request, each profile option should have the ability to set it to privacy for specific aspects. There’s no reason not to allow for this kind of privacy, let’s be real. To not do it just doesn’t seem right and the only reason why this request shouldn’t be taken seriously is because people just don’t want to do the work to make it happen. If I were a hacker who wanted to steal people’s identities, Diaspora would be a freaking field day, hands down. The lack of actual privacy options with this software is insane.

I certainly don’t disagree with your proposal. I made the same proposal to have each element of the profile configurable to one or a range of aspects or public a few years ago. I was just pointing out that it’s not necessary to give any personal information at all in your account or profile. Diaspora does allow you to be private; what it doesn’t give you is the option to share some personal information through your profile with some people you’re sharing with but not with others. While that would be a nice addition, it’s not a privacy breach or anything like that because (a) you don’t have to add any personal information to your profile (I don’t), and (b) it’s clear that a limited profile is available to everyone in your aspects.

There’s no objection to introducing these configurations; it’s simply a matter of prioritising. The core devs focus on architectural/stability and security issues, and volunteer devs will always work on what they personally want to work on. If someone finds this important enough to work on it, that’ll be great and it’ll be available to users (assuming they’re successful in building it).

So I’d like to see a more configurable profile, but I don’t see it as essential or consider it evidence of ‘insane’ lack of privacy options. Sure, a determined hacker could get into any system, not matter how much development and security resources that system has, but let’s not get in to that discussion as that’s a different issue from privacy leaks in ordinary usage.

Diaspora lacks refinements, but to me these are icing on the cake that would be lovely to have rather than essential to workable privacy.

I just wanted to reproduce the case described here, so I registered an account on diaspsocial.com and wrote a #newhere posting. Then I wanted to check if I can see @shawneric s profile but even when I search for shawneric@diaspsocial.com I cannot find it. Did you mistype your diaspora*-id in your discourse-profile?

Here is a small theory what I think what happened: You somehow accidentally shared with that person. Maybe by setting up a “follows on register”-function-thingy many admins use to force their users follow 'em. Or by the always-share-back -option everyone can use.

I am not the guy who randomly recommends other software, but I think Friendica has such a feature to have a public profile and a profile for every aspect (and a default profile for new aspects). Yea, you said you love diaspora* but maybe it’s worth to take a look.

I am this fella: https://diaspsocial.com/people/ac2300609d0801360a26723c9195e6fe

But no, unfortunately that’s not the case. This guy and myself were not friends in any way, at all, period. Yet he could still see my birthdate. I have since removed my birthdate entirely from my profile, so if you look me up, you won’t see it anyway.

goob, I certainly meant no disrespect to you, and I was not upset at all ; however, I disagree with the notion of ‘a determined hacker…’. Security is part of my actual job description. I have been in the security IT field for over a decade now and can confirm that yes, any system can be broken into if someone wants to bad enough, but that’s not an excuse for us to make information so readily available.

Here’s an example (not with Diaspora, but with Facebook…which by the way, has significantly more privacy features than Diaspora does). Someone followed me on mastodon and as a test, I looked up his name, only his name, on facebook. The first match was him, matching the profile picture. From his facebook profile, which everything was left public, I was able to figure out where he was from, what his current job and employer was, where he went to school. Not that I needed that up information, but it would then be even easier to just go to spokeo[.]com and search for him there to confirm and find his real address, and therefore his recommended travel location to work.

This example can go on for hours and the amount of damage I could do to this person with the information he’s made publically available could absolutely devestate his life. Here’s the point I’m trying to make:

As I said earlier, he did not utilize the privacy settings and features given to him and left everything public. That’s a fail on him, not facebook. But over here, the privacy settings we have are incredibly limited. There are some, yes, but there are many others that would be vital to our users’ individual privacy. If someone on Diaspora got hacked, it wouldn’t be because they failed to utilize the privacy options given to them, it would be because the system failed them by not giving them the privacy settings they needed.

As I said before, there wasn’t an option to set my birthdate to private, so I removed it entirely, that was THE only option, and that’s unacceptable. I would absolutely LOVE to develop these features into a reality, but I’m simply not a coder, admittedly at my own detriment. Not for a lack of trying with serious attempts, I just do not hold the aptitude for coding and scripting. But if you need me to setup a server for you and secure it, I’m game