*removed externally hosted image*

  • Forcen@lemmy.one
    ·
    1 year ago

    Easiest way to stop this from happening is to use ublock origin to block all third party request on your instance.

    One way to do this is via dynamic filtering. This is for advanced users so be sure to read the info page: https://github.com/gorhill/uBlock/wiki/Dynamic-filtering

    (Consider backing up your ublock settings before doing this)

    If you are using lemmy.ml your rule would be this:

    lemmy.ml * 3p block

    if you're using another instance then change the domain or use both rules cause you might end up visiting the others as well. Note that adding this rule wont work unless enable advanced features in ublock origin.

    EDIT: THIS MIGHT BREAK THINGS ON YOUR INSTANCE, its recommended to learn how to use dynamic filtering to unbreak it: https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-quick-guide If it breaks stuff just remove that rule.

    You could also block it using static filters but I can't remember how to do that exactly, if you know please reply below.

  • mub@lemmy.ml
    ·
    1 year ago

    All these people correcting the result effectively giving useful data to improve data collection and detection methods.

  • TriLinder@lemmy.ml
    ·
    1 year ago

    This is possible because Lemmy doesn't proxy external images but instead loads them directly. While not all that bad, this could be used for Spy pixels by nefarious posters and commenters.

    Note, that the only thing that I willingly log is the "hit count" visible in the image, and I have no intention to misuse the data.

    • targetx@programming.dev
      ·
      1 year ago

      Nice example!

      I think proxying everything through lemmy would have a pretty big bandwidth/scalability impact. I expect the lemmy clients dont send any unique user info on these image requests so not sure how useful it would be as a spy pixel? Maybe I'm missing something :-)

  • edric@lemm.ee
    ·
    1 year ago
    • Mlem - knows exactly that it’s Mlem.
    • Memmy - sees Mobile Safari webkit.
    • Voyager - same as Memmy.
    • Thunder - just sees Mobile Client.
  • judas@lemmy.ca
    ·
    1 year ago

    Man, I remember I scared the crap out of trolls on Reddit when we started arguing over DM, and I added a link to a meme that tracked their IP and system info (without them knowing ofc). Let's just say they went AFK quickly after that. Good times!

  • tjaden@lemmy.sdf.org
    ·
    1 year ago

    Jokes on you! I use a Firefox extension that spoofs my browser profile. https://addons.mozilla.org/en-US/firefox/addon/chameleon-ext/