
One Canuck built the #ttrpg tag and the #mecha tag. And that was me.
Cohost Cultural Institution: @Making-up-Mech-Pilots
Priv: @Scampriv
I thought the image was all black but no, it turns out I'm just like, the third pixel
GET https://draw.vulpine.dev/ 500 (INTERNAL SERVER ERROR) Image (async)
isn't this proof-of-concept that someone could use a tracking image here to get IP addresses?
Using any hosting service to host an image could allow for that really. That said, I don't have any details to show who is who with each IP address in anything that is logged and nor do I care to know anyway.
yeah, good point. hmhmhmhmhm now my privacy nerditude is fighting with my dear-god-please-no-more-Big-Tech-that-HAS-to-host-everything-itself
that’s exactly what this is. when users can post images hosted off-site, they can essentially run their own analytics on posts, capturing IPs, device info, and locales. thankfully the info isn’t directly linked to any one user.
OP clearly isn’t doing anything malicious here, but it makes me a bit uneasy knowing anyone could do this.
this is exactly why a lot of e-mail clients prompt before loading external content, so you can consent to their pixel trackers being used. this is also why i always browse cohost with a VPN lol
I think the occasional malicious user running their own analytics on assets embedded in their posts is significantly less harmful than a social media platform doing so on all posts all the time
I am not clever enough to know why this isn't working for me; I think I have my adblocker off on cohost? EDIT Okay now I think it loaded
My dumb ass thought- "Oh it's one of those interactive Chosts, so I gotta shake the photo till it develops" and started scrolling up and down rapidly.