Bonum Certa Men Certa

Fallacy About Privacy in Geminispace

Video download link | md5sum c58217da5962643b47fbfc156ab92c65 Gemini is Not for Privacy Creative Commons Attribution-No Derivative Works 4.0

Summary: gemini:// offers as much privacy as https://, but it's widely known that because of how the Web technically works the latter does not ensure IP addresses do not leak to all sorts of sites (or data brokers); while moving away from http:// did in fact limit the visibility/exposure to one's ISP/s (unless they buy data 'downstream') the lingering issue is that unless one uses anonymity-preserving software (such as Tor) one's movements in cyberspace are still clear for many parties to see; Gemini resolves or tries to tackle only the problem of cross-site linking/embedding/scripting

TO avoid busting any bubbles in the future, based on a false expectation or baseless hopes, Gemini is in general not a privacy tool. It does address a plethora of issues plaguing the World Wide Web, but neither the Web nor Gemini should be treated as privacy protection tools. Even if you outsource to the Linux Foundation (Let's Encrypt), in which case privacy is eroded even further.



In the video above I show Billsmugs' capsule, which boasts an extensive photography collection, albeit also tracks access with caveats stated clearly upfront. To quote:

This Gemini capsule does not log IP addresses or use any fingerprinting techniques to identify users across visits. When you connect to the server for the first time, your IP address will be mapped to a sequential ID (in memory). This mapping will be forgotten one hour after the last request from the IP is received. If, during this hour, you request the standard robots.txt file, your session will be marked as a bot - this is just to give a (very very rough) method of tracking human vs robot visitors, all requests will be treated the same.

In other words, a "session" in the list below represents a single IP address making requests with less than one hour between them.

If the server process is stopped or restarted unexpectedly (or is under very high load), some stats may be delayed or lost.

"Bad requests" are any requests that result in a 59 status code being returned. These are things like malformed URLs, attempted directory traversal attacks, misguided http requests etc. These indicate either a bug (in the server or the client) or malicious traffic. If I receive an exceptionally large number of these (and they aren't caused by bugs in the server code) then I may decide to start logging the source IPs specifically for these requests (with a view to blocking or rate-limiting repeat offenders). Hopefully that won't be necessary!


In our case, logs are only used for DDOS protection and mitigation (some days we get over 30,000 requests, most of them from bots). The code we developed for it is Free software and AGPLv3-licensed (in our Git repository).

Recent Techrights' Posts

Open Source Initiative (OSI) Resists Software Freedom, Even by Attacking Its Own
The OSI is compromised
 
Links 28/08/2025: Chatbots Distorting/Fabricating History and Also Driving Suicide
Links for the day
Gemini Links 28/08/2025: Back in Japan and Why "Hacker News" Sucks
Links for the day
A Much-Needed Wake-up Call to Users of Wordpress.com, Blogspot, Substack and All Those Other Outsourced (and Centralised) Platforms
There are several lessons in there
The UEFI 9/11 - Part II - Campaign of Censorship and Defamation Against Critics
In dictatorships, humour serves an important role. It's tragic.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 27, 2025
IRC logs for Wednesday, August 27, 2025
Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More
Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom
Links for the day
Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China
Links for the day
Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases
Vista 11 is going down rather than up
Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained
Links for the day
12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme
There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
More People Need to Call Out and Put a Stop to Serial Sloppers
Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
Gemini Links 27/08/2025: Headphones and Tartarus
Links for the day
Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble)
The slop sceptics/critics are going to have lots of "told you so" moments
GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking
Notice the connection to Software Freedom Conservancy (SFC) and GNOME
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 26, 2025
IRC logs for Tuesday, August 26, 2025
Richard Stallman (RMS) Was Right About "Sideloading" in 1996
We now have computers that treat booting GNU/Linux like an act of "Sideloading"
Panama: Windows Down From 97% "Market Share" to Less Than 30%
In 2009, Windows was measured at 97.24% (compared to 62.32% right now or less than 30% if one also counts Android)
The UEFI 9/11 - Part I - Introduction to Impending Catastrophe (Microsoft Preventing People From Booting Non-Windows Systems)
eight-part series
Why Techrights is Slow Today (Bot Floods)
We don't know if those bots are connected to LLMs (we have not checked), but that is a possibility
Slopwatch: DDoS Slop, LinuxBSDos.com Spam, and Slopfarms in Google News, Including webpronews.com
Among the news we also found fakes, albeit not so much today
Links 26/08/2025: "Ballooning Debt" in France and "Transnational Repression in the UK"
Links for the day
Gemini Links 26/08/2025: Listening to Alcest and Google Doing Evil (Users Installing Software is "Sideloading" and Prohibited)
Links for the day
Links 26/08/2025: DNS Tampering and TikTok Layoffs
Links for the day
Microsoft's Windows "Market Share" Overestimated
Microsoft's income sources are shrinking
We Shall See...
My wife and I are hardly the first victims of Brett Wilson LLP
This New Determination on a Case Echoes the Modus Operandi of Microsoft's Serial Strangler vs Techrights (Its Online Decision/Judgment Says Truth and Public Interest Defend the Publisher)
Noel Anthony Clarke hopefully has enough money left to pay his victims, which include the publishers
Going Offline
There was life before the Net
The Register MS Has Apparently Shut Down Its Office
It is basically a fake address on the face of it
There Are Also Expectations of IBM Layoffs Very Soon With "Narrative Control."
Some of them mention Red Hat and how IBM failed to achieve anything substantial with that acquisition
After at Least Two Rounds of Mass Layoffs in August Microsoft Said to Have "September Layoff Confirmed - Performance Based"
Those "M5 level meetings" sound plausible
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, August 25, 2025
IRC logs for Monday, August 25, 2025