473

Discord defends itself against efforts to stop piracy on its platform by saying no to more invasive data collection. Even though Discord isn’t exactly known for privacy, this is a great move for its users. What are your thoughts?

you are viewing a single comment's thread
view the rest of the comments
[-] ItsComplicated@sh.itjust.works 215 points 2 months ago

If they did not collect any information, they would not have any information to give when they are served a subpoena.

[-] Aatube@kbin.melroy.org 28 points 2 months ago

How else would they store and sync the information?

[-] Grunt4019@lemm.ee 61 points 2 months ago

Encrypt it end to end with them not having the keys

[-] Aatube@kbin.melroy.org 24 points 2 months ago

They do have to retrieve old messages when new users join though. I’m sure the government can force them to lett them in a server and unlock the roles

[-] stoy@lemmy.zip 5 points 2 months ago

Why?

Why is channel history needed for new users?

Back in the IRC days you joined a channel that was just empty, if you wanted the history you had to run an IRC client continously, I remember running screen irssi on a separate computer and sshing into the server, reconnecting the screen with irssi in it.

If you want the history automatically, you can't expect privacy.

[-] Chadus_Maximus@lemm.ee 31 points 2 months ago

90% of the reason I even have discord is because people much smarter than me use it to share information. Nobody uses other areas suited for sharing information anymore. It's either Reddit or discord.

[-] JustARaccoon@lemmy.world 21 points 2 months ago

Because a lot of people go to discord servers to access existing information?

[-] stoy@lemmy.zip 9 points 2 months ago

That is a good point, I have never done that, and to me it is just a chat system....

[-] deathbird@mander.xyz 7 points 2 months ago

Far more than should tbh. Too many little game mods will have a Discord for questions and reporting issues rather than using their GitHub or a forum.

[-] JustARaccoon@lemmy.world 8 points 2 months ago

Oh I agree, it's very much a "forcing a round peg into a square hole" situation, but I doubt discord will make any changes to push back against it

[-] deathbird@mander.xyz 1 points 2 months ago

Oh I don't think it's a problem for Discord, but when it comes to software projects specifically I find the reliance on Discord frustrating because of its non-public orientation. If I'm having an issue I'd far rather search for a solution on a public wiki, bug report system, or forum than sign up for one more Discord server.

[-] RogueBanana@lemmy.zip 1 points 2 months ago

Why would they care what you use it for as long as you use them and give them money

[-] JustARaccoon@lemmy.world 1 points 2 months ago

Because now you're using discord for more things? You're giving them more data? What's not to like

[-] RogueBanana@lemmy.zip 2 points 2 months ago

Doubt that they are scrapping the data themselves at this point in time. They care more about the user count as their major revenue seems focused on selling nitro and whatever shit they are putting up in their shop. Not in anyway saying that it is secure obviously and they might choose to sell data like reddit but gotta sick with the more plausible scenarios.

[-] JustARaccoon@lemmy.world 1 points 2 months ago

Well who knows, they do offer AI summaries now so they're at least using the data for something,who says they won't use it for other things in the future

[-] RogueBanana@lemmy.zip 1 points 2 months ago

Didn't know that was a thing but I am on a Linux fork so haven't seen that yet.

[-] JustARaccoon@lemmy.world 1 points 2 months ago

They've only enabled it on a few servers but you can force enable it via vencord plugins

[-] GamingChairModel@lemmy.world 6 points 2 months ago

At the same time, expecting privacy in a room where a bunch of strangers hang out is already unreasonable. If everyone already in the channel can log the chats, for example by idling in the channel, then adding E2E on top of that is probably a false sense of security.

[-] vithigar@lemmy.ca 5 points 2 months ago

I remember running screen irssi on a separate computer and sshing into the server, reconnecting the screen with irssi in it.

I still do that today.

[-] sugar_in_your_tea@sh.itjust.works 3 points 2 months ago

If you want the history automatically, you can’t expect privacy.

That's not true, you can pull the history from other users who happen to be online.

[-] Aatube@kbin.melroy.org 2 points 2 months ago

The feds can also pull such history when they join the server

[-] sugar_in_your_tea@sh.itjust.works 1 points 2 months ago

Sure, and the users of the channel could decide whether to share that history with new users or not. My point is that if you don't have messages on the server, the service can't help here, and it's up to the users of the channel to set their own policies. If the data is stored on the server, the service could be legally obligated to provide that data.

[-] rooster_butt@lemm.ee 2 points 2 months ago

I have an issue with something I'm using and there is a discord server I will join it. I then search my issue and its usually been adressed in the past. Without history I would be forced to ask the question that has probably been answered many times in the past.

[-] stoy@lemmy.zip 0 points 2 months ago

I had no idea you could do that, sweet!

[-] fruitycoder@sh.itjust.works 3 points 2 months ago

Keep the data but encrypted. Let users send links that contain the pki info to decrypt the messages. Have that pki info generated client side.

Discord would only need to shuffle data, provide authentication, and provide the web app data down to the client. But every bit of user shared and generated content would be encrypted to them.

[-] Aatube@kbin.melroy.org 4 points 2 months ago

Like I said, Discord can still be compelled to let feds join the server, thus receiving the PKIs.

[-] fruitycoder@sh.itjust.works 2 points 2 months ago

If the the pki is generated by users client side by a secret discord doesn't control it wouldn't be an issue.

[-] Aatube@kbin.melroy.org 1 points 2 months ago

Either you share the message history to new users (which includes feds) or you don't have any history. I don't understand what you mean

[-] fruitycoder@sh.itjust.works 2 points 2 months ago

The server provides the data to authenticated users and helps facilitate pki between the clients.

If someone is added by the server to have access to the data but wasn't given a key capable of decryption by an actual user they wouldn't have actual access, just encrypted data.

[-] sugar_in_your_tea@sh.itjust.works 8 points 2 months ago

Sync from another online user. If each message is signed by the author, there's a built-in protection against tampering.

It's really not hard, they just have to care enough to build it that way.

[-] Aatube@kbin.melroy.org 1 points 2 months ago

Can't feds also sync them from other users?

[-] sugar_in_your_tea@sh.itjust.works 5 points 2 months ago

Sure, if they're granted access to the channel. But that access would come from users of the channel, not the service itself, and if the service doesn't store the keys (i.e. you need at least one user online to get access), the service can't really help the feds.

And whether to provide access to history for new users can absolutely be a setting on the channel. I'm just saying that having the messages only on the clients doesn't preclude sharing those messages with a newcomer.

[-] Tattorack@lemmy.world 2 points 2 months ago

Collecting information, on the context of third parties. Obviously they have information, otherwise the whole system wouldn't work.

this post was submitted on 16 Oct 2024
473 points (99.0% liked)

Technology

60148 readers
2039 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS