wants to ban any regular porn if it doesn’t come from a “trusted source” and wants people to ID themselves with their government IDs if they are deemed “too young looking” by the moderation.

So that admin wants to actually make sure that there is only legal and ethical content on their platform? How is that “abuse”? How else are they supposed to protect themselves against legal accusations that they are hosting illegal porn? The admins here aren’t working for multimillion dollar corporations, it’s probably just a matter of time until corpo social media starts targeting popular instances by exactly this kind of legal action…

ADMIN/MOD ABUSE: Redditors are no strangers to mods/admins nuking comments, astroturfing, signal boosting/silencing, and so on. Doesn’t that problem just become worse in a federated system? As an example, a subreddit mod may ban users for whatever reason, but a lemmy instance admin could drag all their communities into their own drama if they choose to defederate, no? Losing access to entire instances instead of just one community/subreddit based on a power-tripping admin seems a big flaw. Am I missing something?

Yes and no. There are certainly concerns with “little dictators” hosting instances or individuals with an agenda manipulating content on their instance. The difference to a site like reddit or twitter is that this power and influence stops at the instance border, nobody controls lemmy, so people can always migrate to another instance if something like this happens.

And with reddit, admins don’t just control individual subreddits. There are of course admins that control all of reddit.

REPOSTING/X-POSTING: Reddit was already just the same tweets posted to like forty different subreddits, recycled weekly. On lemmy, there are now a handful of instances that contain virtually the same communities too. The lemmy.world/c/memes and lemm.ee/c/memes communities will post virtually the same content. And that’s just one. Aren’t feeds going to be overrun by duplicate posts in /All?

This is just an normal characteristic of decentralized services in general and I think it will resolve itself over time. There are of course also many different websites that host similar content and there are similar subreddits that host similar content. Over time, one will establish itself and become the main community.

I have no clue about this… are there extra security or privacy issues with something like lemmy?

Information tends to be more transparent and open on the fediverse. Stuff you post on lemmy is not private. Your personal information you provide when signing-up is of course readable by the person who hosts the instance or people who have admin access. However, at the moment at least, lemmy instances are not run for profit and don’t use/sell your data for profit.

There are privacy concerns, there are always privacy concerns. It’s important to teach users how to protect themselvs by consciously controlling what information they reveal about themselves. This is much more important and effective than trying to control what others might do with your information.

This kinda goes without saying, but a small instance will already struggle to host even their own local users as traffic increases.

Here I have to speculate because I just don’t know enough about the technical side of it. At the moment, most issues seem to be cause by software bugs, not by too much traffic or hardware performance.

Handling high amounts of traffic and activity is always tricky. I believe scalability will probably be an issue that will arise, maybe sooner than later, but I don’t think it’s an unsolvable issue.

You are only going to see how truthful the platform is when the owners get a court demand or law enforcement at their doors.

Wait, so you expect a site admin to openly resist a court order and/or law enforcement when illegal activity takes place? And what does that have to do with “honesty”? There is a reason why servers like this have rules such as “don’t request or link to specific pirated titles”. It’s because they don’t want to get in trouble with the law… And for good reason, they aren’t superman after all, they cannot fight the law…

And surely we can agree that there are cases where providing law enforcement with information on illegal activity is not only the legal thing to do, but also the moral thing to do.

Yep, anytime anyone accesses anything on the internet, there are certain privacy concerns to be had. They are generally not an issue if you aren’t being reckless, but there is still always a risk.

If you are worried about anyone knowing your IP, the only way to avoid that is to not access the internet at all. The IP address is the address which is used to send you data, which is a necessity if you want to access anything. When you access a website for example, you are asking the web server to send you a webpage which you then see on your screen, otherwise you could not see it. In order for the server to send you that webpage, it needs your IP.

It’s as if you asked “If I order a package online, do they know my address?”. Well yes, they have to know your address, otherwise they cannot send you the package.

building trust with a host.

This is indeed one of the risks with lemmy and other federated, decentralized and self-hosted services. Those services are generally hosted by hobbyists, not by companies, which seemingly makes it a bit harder to evaluate if you can trust a given server or not.

But it’s worth it to keep in mind that even though companies generally have a lot more resources to take care of security, there are still a lot of examples where they simply don’t do that, for example to cut cost. You also have no idea who works as an admin at “socialmediacompany x”. For example, there are a lot of admins working at twitter or reddit who you have never heard about (and never will hear about) who probably have access to your data.

And companies often just sell your data, an issue that you probably don’t have to worry with lemmy anytime soon (hopefully).

The way I deal with that and why I don’t worry very much about lemmy is to take care about what information I share. I don’t care that a server admin could theoretically find out which country I’m from through my IP. I don’t post sensitive information and I don’t send sensitive direct messages. I use throw away e-mail addresses. I also don’t plan on reading illegal content. And I don’t feel attached to a specific server/lemmy instance, I don’t care if my account is lost.

Am I sharing my IP address/ location with my host instance?

Yes. If you connect to any server whatsoever, the server will have to know your IP, otherwise it can not send any data to you and the whole connection cannot be established. With your IP, one can figure out your (rough) location.

is there a log of my view history

As far as I can tell, yes. There is the option “show read posts” in your option menu which hides posts you have already read. In order for this to work, your read history has to be saved somewhere.

are there general privacy concerns that I am not thinking of?

There are always privacy concerns when accessing/using any service or server on the internet, at the end of the day it comes down to protecting yourself and using services you trust.

A potentially specific issue with federated, decentralized and self-hosted services such as lemmy is that the people who are running the servers are mostly hobbyists. Most will probably also work in IT professionally, but in general, people who host lemmy are doing it in their spare time at their own cost. This could potentially mean that they have less resources to secure their servers and the data on it than a multi-million dollar company.

Another thing to keep in mind on lemmy is that private/direct messages are not encrypted, which means that server admins can read your direct messages (there is a warning about this when you write a direct message).

I do not want to be in a position where a Government creates an instance, and allows them to monitor.

I’m not quite sure if I understand your worry here correctly. In general, most of the content that is posted on lemmy is publicly available anyway, so they wouldn’t even need an account to get that information, let alone their own instance.

And if governments have an issue with a user where they want information on a user, they can just contact the site admin and demand the information from them. So if you are planning on posting stuff that is considered illegal where you are from or if you are planning to access content that is considered illegal, Lemmy is probably a bad place to do that