Fair, I’ll take your point as it does sounds reasonable to me as well. But I don’t believe the point is to get people to visit the links, the vast majority aren’t and those who did report there is nothing on the other end. So, go figure.
As for obtaining IP- I’ve no idea on how that works, so I can’t present you with a counterargument. There are posts discussing that already, has anyone brought that up there?
If the image in the message is hosted on a server operated by the one sending the message, then the sender’s server will have a log showing the IP address of the person viewing the image. Just by opening the message, the sender will know the IP of the person reading it.
However, hundreds of people received the message. So in order to tell which IP comes from which user, the URL of the image sent to each person needs to be unique. It can be as simple as putting their mame in the querystring, like http://image.server/girl.jpg?u=CrayonRosary%40lemmy.world
The web log will show that specific URL being requested by my IP address. Every user will receive an image with a URL unique to them.
It could also be more subtle like using a random looking ID and saving username/ID pairs in a table. Like http://image.server/girl.jpg?27639927. And then some table has that number associated to my username. The attacker builds the table as they send each message.
I got one of these messages. I should check if the URL is something like this.
Luckily the attacker can’t get my personal IP address because I use NordVPN, the sponsor of this comment. Whether I’m browsing on public Wi-Fi, or trying to avoid deanonymization attacks like this one, NordVPN ensures my personal data stays private and secure. So if you want to stay safe online, go to NordVPN.com/MyTotallyRealPromoCode and get an exclusive deal today!
/s But I do use a VPN. 😄
(I must have deleted the message. I can’t find it.)
Fair, I’ll take your point as it does sounds reasonable to me as well. But I don’t believe the point is to get people to visit the links, the vast majority aren’t and those who did report there is nothing on the other end. So, go figure.
As for obtaining IP- I’ve no idea on how that works, so I can’t present you with a counterargument. There are posts discussing that already, has anyone brought that up there?
Lemmy images are just links, so when the image is being displayed it will send a request, which always give your ip address.
If the image in the message is hosted on a server operated by the one sending the message, then the sender’s server will have a log showing the IP address of the person viewing the image. Just by opening the message, the sender will know the IP of the person reading it.
However, hundreds of people received the message. So in order to tell which IP comes from which user, the URL of the image sent to each person needs to be unique. It can be as simple as putting their mame in the querystring, like
http://image.server/girl.jpg?u=CrayonRosary%40lemmy.worldThe web log will show that specific URL being requested by my IP address. Every user will receive an image with a URL unique to them.
It could also be more subtle like using a random looking ID and saving username/ID pairs in a table. Like
http://image.server/girl.jpg?27639927. And then some table has that number associated to my username. The attacker builds the table as they send each message.I got one of these messages. I should check if the URL is something like this.
Luckily the attacker can’t get my personal IP address because I use NordVPN, the sponsor of this comment. Whether I’m browsing on public Wi-Fi, or trying to avoid deanonymization attacks like this one, NordVPN ensures my personal data stays private and secure. So if you want to stay safe online, go to NordVPN.com/MyTotallyRealPromoCode and get an exclusive deal today!
/s But I do use a VPN. 😄
(I must have deleted the message. I can’t find it.)
Since you have a VPN I nominate you to engage with her and find out what she wants.
Ironically, the one time I tried Matrix, I was immediately banned after sending my first message, presumably because I’m on a VPN.