Yeah I mean I was around for that. What you quoted is what I'm saying:
They also log and monitor the IPs and the emails used to sign up on their instance
None of that is unique to hexbear. Anyone visiting the URL in the OP will have their IP logged, there's no way to tell if the traffic originates from someone clicking that link here*. And no way for them to link your IP with the fact that you're a hexbear user unless you're naive enough to sign up for a lemmy world account and post correlating info to a hexbear account.
What is unique to hexbear (sort of, I'm sure they hate the grad too) is the vendetta they hold against us, so even though it's probably a PITA to correlate these things you can be confident that they're petty enough to do that.
Fuck lemmy world and good on ya for posting a lemmy.ml link to the federated thread.
* unless your browser's adding headers to note what site you're clicking that link on, which uh stop using chrome I guess
unless your browser's adding headers to note what site you're clicking that link on, which uh stop using chrome I guess
As far as I know, all major browsers (Firefox, Safari, Chrome) at least send the host you came from in the referrer header (like "https://hexbear.net")
Edit: This is true only if the site you're on doesn't set a different referrer policy! And Lemmy does set a safer referrer policy, see below
You're right! I'm on Firefox and I just figured out how to test it and it seems Lemmy's web UI thing sets the referrer policy to same-origin which means no referrer information is sent when navigating to a different domain.
But my copy of Firefox's default referrer policy is set to strict-origin-when-cross-origin so it would have sent "https://hexbear.net" if the referrer policy was not set.
My bad, I should have checked first to be sure. I would hate to be a web developer lol
No, the LW admins doxxed a lemmy.world user in the admin chat, claiming they had discovered the alt of Hexbear admin CARCOSA. Answered here
Yeah I mean I was around for that. What you quoted is what I'm saying:
None of that is unique to hexbear. Anyone visiting the URL in the OP will have their IP logged, there's no way to tell if the traffic originates from someone clicking that link here*. And no way for them to link your IP with the fact that you're a hexbear user unless you're naive enough to sign up for a lemmy world account and post correlating info to a hexbear account.
What is unique to hexbear (sort of, I'm sure they hate the grad too) is the vendetta they hold against us, so even though it's probably a PITA to correlate these things you can be confident that they're petty enough to do that.
Fuck lemmy world and good on ya for posting a lemmy.ml link to the federated thread.
* unless your browser's adding headers to note what site you're clicking that link on, which uh stop using chrome I guess
As far as I know, all major browsers (Firefox, Safari, Chrome) at least send the host you came from in the referrer header (like "https://hexbear.net")
Edit: This is true only if the site you're on doesn't set a different referrer policy! And Lemmy does set a safer referrer policy, see below
Weird, I tested it by clicking the lemmy.ml link and didn't see a referer header in the request headers.
You're right! I'm on Firefox and I just figured out how to test it and it seems Lemmy's web UI thing sets the referrer policy to
same-originwhich means no referrer information is sent when navigating to a different domain.But my copy of Firefox's default referrer policy is set to
strict-origin-when-cross-originso it would have sent "https://hexbear.net" if the referrer policy was not set.My bad, I should have checked first to be sure. I would hate to be a web developer lol
Just a nightmare interaction of various RFCs and their consequences.