Technology @beehaw.org Jeze3D.exe v0.0.6 @lemmy.world 1y ago

Use Kbin at your own risk. Can’t delete account.

I signed up kbin.social but have since decided to go all in on Lemmy. I’ve tried all day to delete my account on kbin but it won’t let me. Once I click the delete confirmation pop up it simply reloads the feed and keeps your account.

Be warned. Currently you have no control over your data there. I think that settles it for me. I won’t be using that service again.

44 comments

Bit of an overreaction, it's just that kbin is experiencing a lot of server issues and is insanely slow lately. Your request will probably go through later.
- 100% this. I’ll bet you’ll find a bunch of failed requests in the inspector. Things are being hugged to death right now.
I’m willing to let them slide. Kbin and Lemmy are getting power slammed right now. Requests from clients aren’t going through properly and everything is being held together with duct tape and prayers.

If you find something weird, see if there is community / magazine that makes sense to report the bug to. I don’t think there is any ill intent happening right now. Shits just cracking under the extreme traffic load.
You don't control the data either way. Federation and deletion are in conflict. Even if you deleted the account, there is no guarantee it would be deleted from other servers that the data was copied to. (And to be clear, Lemmy has exactly the same issue.)
- GDPR and CCPA lawyers when reading this comment.
  
  https://tenor.com/view/waterboy-rubbing-nipples-gif-11600510
  
  I mean, you can't unsend an email either.
  
  Gdpr is not that easy, and the right to be forgotten is certainly more complicated than people are making it out to be. Public facing forum posts have even less protection, for fairly obvious reasons. Now if Lemmy instances were sharing your account information and not deleting that, it gets murkier.
  
  Lemmy should probably keep gdpr and ccpa in mind but public facing forum comments are early qualified under the right to be forgotten unless they meet certain criteria.
  
  Not quite, stackoverflow doesn't delete your content if you file a GDPR request. Not all data is personal data.
  
  Do these regulations even apply in this case? Lemmy is non-commercial and it’s a distributed. Who would the regulators even go after?
Have you tried to contact the admins? Their servers are under immense load, it could be a problem related to that.
- But then we couldn't bait
- There is only one admin and it is also the only kbin developer.
  
  Kbin is not ready, I'm sad to say.
  
  As I understand it, it's still a prototype, the dev didn't expect at all people would use it, that's why it's not ready yet for mass-adoption, tho I like how it's made, it has great potential IMO, it just needs time to get out of prototype phase.
Bud what makes you think you have any control of your data on any instance?
I can't log in. I think it's just a server problem. You can't delete your account if the server can't be reached. Give it time.
@Jezebelley Kbin.social shows a small banner after requesting deletion. Whilst it is very unnoticeable, I believe it means the instance admin will have to manually remove content for now.
- Thank you! I just noticed that. They have to manually delete the account as it just submits a request. Are you kidding me? What an inefficient system.
  
  kbin is fairly new and just has one developer working on it, who's also the sole admin of an instance that's constantly under heavy load.
  
  A little wait will not hurt you.
I'm sure it'd just a bug and will be fixed soon. Have you tried contacting the mods?
One thing that definitely worries me with federation in general is the barrier to entry to hosting an instance is low, by design. On one hand this is great, but on the other hand it means just about anyone can spin up an instance and collect usernames, passwords, emails, etc. from anyone who signs up

I know this is obviously no better than an single giant corporation who can do that. But it's interesting to think about.
- I am once again reminded of the always relevant XKCD .
  
  I do see and understand the concern, and honestly, I don't see a way around it. At some point, you have to supply some information to access services, especially if you want any sort of customization to your experience. I guess if you are really concerned about it, don't use that email/password/username combo anywhere else.
  
  People should be using a password manager in 2023. No password reuse if you automatically generate new 20+ character passwords for each website or service you use.
- Remember folks, use a password manager and get it to create a random strong password for every site you use
- I believe the passwords are stored as hashes, not sent directly to the server, at least I certainly hope so.
  
  They're sent directly to the server and stored as hashes. There's nothing stopping someone from logging the plaintext password, or removing the hash mechanism, though. Make sure to follow best practices and use a unique password on every website.
I'd imagine the servers were just overloaded. I'd give it some time and try again.
Not sure about kbin but sign-up/account management on lemmy is kinda broken as well. For example lemmy.ml doesn't allow new users to sign up and when you try its just infinite loading with no visible response. Or on beehaw.org where you have to sign up and pray that you're accepted cause otherwise you're just ghosted. Edit: also there's no way to migrate to another instance There's a long way ahead in terms of UX

44 comments