Every time when a YouTube video is embedded in Lemmy, a bot appears, suggesting to use Front-end Piped (or another) instead of YT, which is certainly recommended, due to YouTube’s inherent privacy concerns.
However, then it is not understandable, why in the case of images Imgur links are happily allowed, which is infinitely worse in terms of privacy, which shares user and usage data with the worst existing advertising companies, which makes it in little less than spyware.
As a suggestion I present 2 alternatives, which in addition to, as EU products, strictly adhere to the GDPR standard and even more.
As the main FileCoffee service, this, apart from images, supports ALL types of files, whether multimedia, video, documents, presentations or texts. Supports 15 MB/file and with optional registration to also use it as a personal host (100% free with mail, password) up to 30 MB/file, encrypted. Inclusions script one click for ShareX on Windows or MagicCap on Linux or Mac
The second is vgy.me, also privacy oriented, but supports only images, encryption, 20 MB/image, EXIF Data are removed, API for web pages.
I think it shouldn’t be managed on lemmy side but on the users’ side, e.g. on your device/browser. Libredirect can automatically redirect to those sites, not on just lemmy, but everywhere on the internet: https://libredirect.github.io/
Another problem is these alternative frontends relatively frequently disappear. If you post a link to a random instance, it’s quite possible that 5 years later the instance will be down, and the link won’t work at all. Libredirect addon updates the urls of working instances, so it will work later. There is even a button in the addon to switch to another instance, so you can find the best available site.
Edit: I misunderstood what are these sites, they are not imgur frontends but separate image host websites, so this comment is just about the first paragraph.
FileCoffee and vgy.me are not frontends, they are independent European cloudservices since several years, FileCoffee since 2018, nothing to do with imgur. But yes, I think that this also should be managed by the Lemmy admins. Anyway its also an advice to all users with this alternatives to avoid this imgurcrap
Ah, ok, I misunderstood, because you started with the piped bot, and that’s totally different from this services. So you are not writing about imgur frontends, but for uploaders to upload their images elsewhere. Sorry for the misunderstanding, I just don’t like that bot.
But for embedding images, your privacy scan is not relevant, it’s just the home page of imgur you scanned. If you share the direct link to the image, no tracker downloaded, only the image. Just rightclick on the image and ‘Copy image link’. If you paste this link to this privacy inspector it says no trackers, as it’s not a webpage, just an image. They will know your ip and useragent, but that’s all, no extra tracking:
Of course it’s better to support more privacy respecting services, and thank you for the recommendations, but it’s not as big issue as it sounds. It doesn’t affect the viewers of the images just the uploaders.
Vgy delete the EXIF data, Imgur dont and know in any moment where its images are. It’s not only the homepage of Imgur, it’s among others the tracking pixel from facebook and the keylogging of TowerData which came with the sharelink which they know and the image. See the complete list of the companies which receive data from Imgur. It’s one of the worst list I’ve ever seen. Thanks, even better GDrive. Blacklight can only scan websites, not files, for these you need other tools to analyze it.
while I like and personal use frontends, it happens quite often that instances disappear after a while, especially those from non-popular domains. One benign scenario in 5 years is that they just don’t work, eg domains expire or abandoned.
But another possible scenario in 5 years of these invalid links is that they can be hijacked by malicious actors, to use as honeypots and what-not. For example, random person searching for a review in 5 years time may stump upon them.
Are there ways to safeguard against this? Or is this not a concern at all?
Plus, front-ends or alternatives, these instances (eg lemmy itself) many times have weird names. It is often off-putting to see new weird ones and to ponder whether they are trustworthy, especially if there keeps to be new ones every few months.
I think we’re told to be wary of weird-looking links as a general internet starter pack, in our jobs, … And the frontends/alternatives links can often be at odds with this mentality. Whenever I share an invidious link, eg yewtube, to my friends, they are usually worried and uneasy, even after I try to explain.