goob, I certainly meant no disrespect to you, and I was not upset at all ; however, I disagree with the notion of ‘a determined hacker…’. Security is part of my actual job description. I have been in the security IT field for over a decade now and can confirm that yes, any system can be broken into if someone wants to bad enough, but that’s not an excuse for us to make information so readily available.
Here’s an example (not with Diaspora, but with Facebook…which by the way, has significantly more privacy features than Diaspora does). Someone followed me on mastodon and as a test, I looked up his name, only his name, on facebook. The first match was him, matching the profile picture. From his facebook profile, which everything was left public, I was able to figure out where he was from, what his current job and employer was, where he went to school. Not that I needed that up information, but it would then be even easier to just go to spokeo[.]com and search for him there to confirm and find his real address, and therefore his recommended travel location to work.
This example can go on for hours and the amount of damage I could do to this person with the information he’s made publically available could absolutely devestate his life. Here’s the point I’m trying to make:
As I said earlier, he did not utilize the privacy settings and features given to him and left everything public. That’s a fail on him, not facebook. But over here, the privacy settings we have are incredibly limited. There are some, yes, but there are many others that would be vital to our users’ individual privacy. If someone on Diaspora got hacked, it wouldn’t be because they failed to utilize the privacy options given to them, it would be because the system failed them by not giving them the privacy settings they needed.
As I said before, there wasn’t an option to set my birthdate to private, so I removed it entirely, that was THE only option, and that’s unacceptable. I would absolutely LOVE to develop these features into a reality, but I’m simply not a coder, admittedly at my own detriment. Not for a lack of trying with serious attempts, I just do not hold the aptitude for coding and scripting. But if you need me to setup a server for you and secure it, I’m game