Images do not get mirrored from one Lemmy instance to another. Understandably so. But there is a harmful side effect: if SourceNode is behind an access-restricted walled-garden and an image from that node is cross-posted to a DestinationNode that is not inside the same access-restricted walled-garden, then some readers on DestinationNode see posts where the image is inaccessible.
All variants of walled gardens are can trigger this problem but the most common is Cloudflare. So posts that contain images coming from instances like sh.itjust.works and lemmy.world are exclusive and do not include all people who infosec.pub includes.
How can this be fixed?
- infosec.pub could defederate from all Cloudflare nodes. This would prevent CF pawns from pushing exclusive content onto infosec.pub, but infosec.pub users could probably still post links to the exclusive venues.
- infosec.pub could block just cross-posts from CF nodes that contain images.
- infosec.pub could mirror images when the image is in a known exclusive walled garden.
- infosec.pub could accept posts that contain images in walled gardens and then immediately hide those posts. Perhaps a bot could populate a community designated for exclusive walled gardens with links to hidden posts so users not excluded by the walled garden can still reach the content.
Some of those options might require changes to lemmy code.
Ideally there would be a service that expands on what downinspector.com does. Something that tries to access an URL from various kinds of IPs (CGNAT, Tor, VPNs, public libraries, various regions) to establish whether or not the file is reachable by all people. Then ideally lemmy could be coded to treat links based on whether exclusivity is detected.
In principle this would be in the domain of the #OONI project. But I doubt they have anything like this. E.g. OONI tracks whether a country blocks a domain (https://explorer.ooni.org/domains), but not whether a domain blocks a country.