you should assume that to sufficiently motivated megacorps, palantir, and the u.s. federal government, your best attempts at online anonymity can probably be circumvented by one failure point or another. i've taken relative pains to separate my username from my real life, and i know it's still not really meaningfully anonymous if the right company wants to figure it out. if they want ya, they got ya. everyone should post accordingly.
this post was submitted on 25 Feb 2026
59 points (100.0% liked)
Chapotraphouse
14288 readers
822 users here now
Banned? DM Wmill to appeal.
No anti-nautilism posts. See: Eco-fascism Primer
Slop posts go in c/slop. Don't post low-hanging fruit here.
founded 5 years ago
MODERATORS
There isn't that much traffic on hexbear. ISP could pretty easily time TCP connections to Hexbear with when accounts post stuff.
I always figure theres little point having better opsec than me org (we use google lol 💀)
yes this is known, and not even that new. they way you type here can be linked to the same patterns elsewhere.
and lemmy is a very public forum. some time ago there was news facebook was scraping us, and there is probably more of them doing it.
private encrypted and secure messaging exists for now, but not here and not like this.
Was that about Threads adding activitypub?
luckily, most good instances defederated from meta.
unluckily, spinning something covert up or scraping the fediverse other ways is perfectly doable.
it leaked they were scraping some instances, but iirc not exactly how they were doing it.
this applies to everything you write though so i dunno how safe we are tbh.
Even if it’s possible, don’t make it easy. Too many people post here hyper specific details like “my grandfather with has an adopted daughter from Bangladesh who became a rural doctor”
Don’t make things too personal here, even if most of us are friendly
Salt your posts with disinformation as well. Mention things about yourself that aren't true.
This is the way. I do it by having bad takes on purpose.
Stylometric surveillance is already here and does not depend on the target telling the same story twice. I'm not even sure LLMs help the surveillors, but as a community we should investigate more into adversarial stylometry.
I wondered about this and had an idea for a (similar but worse) pipeline, very interesting paper.
Wonder when this will be on github and every nerd has a copy running on their computer.
The Gestapo 3.0 will be crowfunded by the worst people you know
How is it possible to validate the results?
The paper has several different datasets and explains how they got them, but for their test data they already knew the link existed. I think this one is probably the most relevant for actual attacks. They split accounts, giving a one year gap in their post history to simulate an abandoned account etc and added some fake profiles that didn't have a match.
If you mean running this yourself, you can't, they didn't post prompts or anything. Just an overview of their pipeline. Sorry at first I thought you meant how could they validate that the users were the same person.
Oh I see, they stripped the usernames and matched the comments. I thought they were claiming to have matched usernames to legal identities.
They did that too, with hackernews and linkedin accounts, as well as some anthropic interviewees. I'm less sure how impressive that is, because the accounts were linked by the owner. So they obviously don't care about opsec, so they're probably less careful then they otherwise would be. The paper isn't a super hard read if you're interested. Guess we'll all have to see how well this works in practice.
:shocked-pikachu:
That just means we gotta start talking like LLMs so it gets matched to millions of other accounts, no?