So what have they been doing to nuke the csam images, editing the database directly?
Often just nuking all image uploads made during a certain time period. Which is why old image threads in Lemmy have time periods littered with broken images.
I don’t understand why Lemmy needs to have a built-in image server at all. Reddit didn’t have one for the longest time and it was fine. Sure, I don’t think anyone would be particularly happy with going back to Imgur etc., but it doesn’t seem worth the trouble.
Often they delete all images during the time frame of a CSAM attack, as that has been the only real feasible way to ensure images weren’t left behind. Though I think a few images have started using AI detection methods to remove images like that automatically (read up on that here and here), also Pict-rs now has a Log linking uploaded images to the user, so now images can be purged with the users.
How exactly does Lemmy remain in compliance with laws regarding, for example, a user’s right to have all data associated with their account deleted (right to erasure, etc), or ensure that it is only kept for a time period reasonable while the user is actively using your services (data protection retention periods, etc)?
It’s not a big deal for me, just strange to think Lemmy of all places would be built to be so anti user’s data rights. The user is ultimately the one that decides what is done with their information/property, after all.
redacted
Or do.
This got me curious on how many images are on all Lemmy instances combined and how much storage it all takes up.
I hate to use it, but this is why I still find imgur useful. It works.
Some stuff on Lemmy just doesn’t have a robust feature set yet. Especially around content moderation.
Damnit. I wish I known that an hour ago. I guess my butthole pic will live on with the internet for an eternity.
It really is a nice butthole
“That’s America’s butthole.”
Yea i remember coming across this issue on git the devs were being angry at the poor lad.
How dare you make us follow the rules!
What ?
He was telling the devs to follow the gdpr and they said “nah it’s not a priority”.
Oh yeah i remember that too in the end the devs seem to be bullying him and just assigned him on the project and i don’t think the guy even knows tge language he needs to write (forgot which one ruby or rust is my guess).
That’s scary. I must be certain to not mix up my dick pics with my memes.
Might be worth heeding with anything else sensitive too. Like bank details, emails etc. Dont dox yourself.
How hard can it be to fix?
Well, the first thing a server does with your image is to send it to a lot of other, completely unrelated servers.
That’s not quite true - images are only shared if you attach the image to federated content, such as a post or comment. Then yes other instances will cache the image.
If you never do that, and just upload an image accidentally like OP then it will not be federated AFAIK.
