this post was submitted on 14 Oct 2024
137 points (97.9% liked)

Privacy

31992 readers
368 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] recklessengagement@lemmy.world 43 points 1 month ago (2 children)

Someone feel free to jump in and audit my take:

The Internet Archive is not a company, does not sell me anything, and is merely providing a public service.

The service has nothing to do with my health or wellbeing. It is not marketed as being privacy forward. Hell, the whole purpose of the project is to make data publically accessable.

Therefore, exposing email addresses... I kinda don't care?

Of course, it would be way better if they just used generic login numbers etc instead, but... I feel like this is the equivalent of my library card number getting leaked, and these headlines are treating it like Equifax just leaked my SSN again.

[–] PoorPocketsMcNewHold@lemmy.ml 4 points 1 month ago* (last edited 1 month ago)

Exactly. I was surprised to see my unique named throw-away email being found in the leak, despite having changed it to an uniquely generated throw-away account alias in the year prior. But i don't mind that much.

However, bad security practices must still be pointed out regardless of it being applied to something important or large. I do still can criticize my friend decision to expose his local server at home, unsecured, even if in the grand matter of things, it is unlikely it will be exploited or impact him in any way.

Now, the only issue having my throw-away address, is that i will have to throw it away once i start receiving spam on it. As far i know, the pirated database wasn't shared nor necessarily conserved outside of prooving the original ~~clowns~~ hacktivists group involvment, outside of confirmed security analyst.

[–] megaman@discuss.tchncs.de 1 points 1 month ago

This article isnt about how emails associated with logins got released in a breach, but that documents that are uploaded to the archive are stamped with the email address of the account that uploaded it and that can be viewed by anyone who downloads the document.

So in standard, everyday use of the site, email addresses are being revealed and are associated with the actions of that person. Like if I upload a copy of the manual for my washing machine or something, which is a more benign example, my email is linked to that document now.

Then combine this with (1) the internet archive says in multiple spots that they dont reveal this info anywhere, and (2) the issue has been raised to the organization, and it becomes more of a specific negligence from them.