Yeah I mean I was around for that. What you quoted is what I’m saying:
They also log and monitor the IPs and the emails used to sign up on their instance
None of that is unique to hexbear. Anyone visiting the URL in the OP will have their IP logged, there’s no way to tell if the traffic originates from someone clicking that link here*. And no way for them to link your IP with the fact that you’re a hexbear user unless you’re naive enough to sign up for a lemmy world account and post correlating info to a hexbear account.
What is unique to hexbear (sort of, I’m sure they hate the grad too) is the vendetta they hold against us, so even though it’s probably a PITA to correlate these things you can be confident that they’re petty enough to do that.
Fuck lemmy world and good on ya for posting a lemmy.ml link to the federated thread.
* unless your browser’s adding headers to note what site you’re clicking that link on, which uh stop using chrome I guess
unless your browser’s adding headers to note what site you’re clicking that link on, which uh stop using chrome I guess
As far as I know, all major browsers (Firefox, Safari, Chrome) at least send the host you came from in the referrer header (like “https://hexbear.net”)
Edit: This is true only if the site you’re on doesn’t set a different referrer policy! And Lemmy does set a safer referrer policy, see below
You’re right! I’m on Firefox and I just figured out how to test it and it seems Lemmy’s web UI thing sets the referrer policy to same-origin which means no referrer information is sent when navigating to a different domain.
But my copy of Firefox’s default referrer policy is set to strict-origin-when-cross-origin so it would have sent “https://hexbear.net” if the referrer policy was not set.
My bad, I should have checked first to be sure. I would hate to be a web developer lol
Friendly reminder that the lemmy.world admins doxxed one of their users they thought was me. They also log and monitor the IPs and the emails used to sign up on their instance as well as use a discord bot to log all posts/comments made to lemmy.world. Don’t make accounts on their instance!
Non-LW link, since they log Hexbear IP addresses: https://lemmy.ml/comment/7570861
what lol
Answered here
o7
Log Hexbear IP addresses? Context?
they probably log all IPs and OP just phrased it weird? doesn’t make sense otherwise.
No, the LW admins doxxed a lemmy.world user in the admin chat, claiming they had discovered the alt of Hexbear admin CARCOSA. Answered here
Yeah I mean I was around for that. What you quoted is what I’m saying:
None of that is unique to hexbear. Anyone visiting the URL in the OP will have their IP logged, there’s no way to tell if the traffic originates from someone clicking that link here*. And no way for them to link your IP with the fact that you’re a hexbear user unless you’re naive enough to sign up for a lemmy world account and post correlating info to a hexbear account.
What is unique to hexbear (sort of, I’m sure they hate the grad too) is the vendetta they hold against us, so even though it’s probably a PITA to correlate these things you can be confident that they’re petty enough to do that.
Fuck lemmy world and good on ya for posting a lemmy.ml link to the federated thread.
* unless your browser’s adding headers to note what site you’re clicking that link on, which uh stop using chrome I guess
As far as I know, all major browsers (Firefox, Safari, Chrome) at least send the host you came from in the referrer header (like “https://hexbear.net”)
Edit: This is true only if the site you’re on doesn’t set a different referrer policy! And Lemmy does set a safer referrer policy, see below
Weird, I tested it by clicking the lemmy.ml link and didn’t see a referer header in the request headers.
You’re right! I’m on Firefox and I just figured out how to test it and it seems Lemmy’s web UI thing sets the referrer policy to
same-origin
which means no referrer information is sent when navigating to a different domain.But my copy of Firefox’s default referrer policy is set to
strict-origin-when-cross-origin
so it would have sent “https://hexbear.net” if the referrer policy was not set.My bad, I should have checked first to be sure. I would hate to be a web developer lol
Just a nightmare interaction of various RFCs and their consequences.
Opened this on my lemmy.ml account and saw people had replied to me claiming I was lying about being trans since I last opened that account
I would also like some explanation that sounds wild
Is it referrer header stuff? Death to HTTP
They log it all to a discord server
From our top active admin, @CARCOSA@hexbear.net:
More details in this post
Wtf
Thanks for the warning
Is this humor?
No. Explained here
I meant the linked post not the logging ip thing