From a privacy standpoint, i guess. I want to support open scrobbling with listenbrainz and the account isn’t directly linked to a real acc. Why shouldn’t I/ why don’t you?

  • drkt@feddit.dk
    link
    fedilink
    arrow-up
    0
    ·
    11 months ago

    What threat model includes “malicious actor can see my taste in music”?

    • Social engineering. The more information they have about you, the easier you are to immitate.

      The threat isn’t in any one piece of information about you; it’s in the corpus of knowledge, the profile they can build. Your tastes in music - at the granularity of not only what you listen to, but how much, and at what times - can help narrow down:

      • how old you are
      • where (in the world, and maybe to the time zone) you live
      • your mother tongue
      • probably your socio-economic status

      These are just the things I can tyink of off the top of my head, and I’m not in infosec.

      • drkt@feddit.dk
        link
        fedilink
        arrow-up
        0
        ·
        11 months ago

        They’re gonna datamine way more than that on the fediverse but yeah sure.

        • Depends on how much you let them link it back to you, but you’re absolutely right: social media is a privacy nightmare. It can be mitigated; pick a Lemmy instance that doesn’t require an email, and don’t give out any identifying information, or just lurk. Many of us have multiple accounts on different servers, with carefully segregated personas. You do what you can; OP asked why (or why not) scrob. I see no reason to give out that information, only to give a company more information they can sell.