this post was submitted on 22 Jun 2023
100 points (100.0% liked)

Lemmy

496 readers
1 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago
MODERATORS
 

Hey folks! Just realized something that makes Lemmy different from Reddit. Because of the federation, your votes are not technically anonymous on Lemmy. At least, I think.

Although there’s no UI to look at a user’s voting history yet, one could conceivably be built by an instance. Perhaps coincidentally, I hear there’s instances out there populated by mostly bots?

top 50 comments
sorted by: hot top controversial new old
[–] UrbenLegend@lemmy.ml 49 points 1 year ago (4 children)

From a technical standpoint, it's not different from Reddit. The only difference here is that normal people can host their own instances, whereas Reddit is only hosted by the company and they can keep it under wraps.

[–] o_o@programming.dev 21 points 1 year ago (4 children)

Agreed from a technical standpoint.

But the implications are still interesting. One might (big might) trust Reddit as an organization not to use this data for evil, but with federation, there’s nothing stopping an instance from simply releasing all users’ voting history to be public.

Of course, my instance didn’t even ask for an email to sign up, so my entire account is anonymous that way.

I wonder if there are technical ways to federate votes anonymously?

[–] UrbenLegend@lemmy.ml 13 points 1 year ago (1 children)

Yeah, I wonder how you can federate anonymously while still maintaining defenses against vote manipulation.

[–] Zagorath@aussie.zone 4 points 1 year ago (3 children)

I think you could probably do something like have the votes be reported in aggregate by the instance.

Any individual instance admin could use defences against vote manipulation by their own users, and other instances' admins could use defences against one particular instance being widely used for vote manipulation.

[–] UrbenLegend@lemmy.ml 3 points 1 year ago

I know some privacy oriented services (Brave Browser comes to mind) aggregate telemetry data like that to preserve privacy. Perhaps something like that is possible for Lemmy as well.

load more comments (2 replies)
[–] JackbyDev@programming.dev 8 points 1 year ago (3 children)

Maybe you could hash the user and post together somehow this way it is hashed but also unique per post. If you only hashed the username then the entirety of the user's voting history would be known if the hash was reverted.

[–] o_o@programming.dev 8 points 1 year ago (1 children)

Could be hashed and salted, with a random salt.

The trouble is, then, that it’s harder to disallow users from voting multiple times if the voting user isn’t on the post’s home instance.

[–] CarbonIceDragon@pawb.social 5 points 1 year ago (1 children)

Couldn't someone vote multiple times anyway by just having a bunch of different accounts?

[–] o_o@programming.dev 4 points 1 year ago

Yes, true, the current system does allow that. But the current system also doesn’t allow users to accidentally vote twice (and it remembers your vote)— this is the feature I think would be more challenging to implement if we were to hash & salt the user's ID.

[–] kevincox@lemmy.ml 4 points 1 year ago (2 children)

Hashing can't effectively protect known values. If you want to know if someone voted for a post you can just hash their username and post ID. This is trivial and cheap.

If you want to know who voted on a post you just find every username you can find and hash it. It isn't super cheap but isn't very expensive either. There are only 8G people on the planet, many bitcoin rigs can calculate this in seconds. Sure, you can use a more expensive hash and there may be more accounts than people but it will remain feasible.

This is the same reason you can't hash phone numbers in a meaningful way.

The best option is probably just for the instance to report counts and you just have to trust it. If it is noticed that an instance seems to be inflating votes you stop counting its votes. People can work together to create blocklists for known cheating instances. Your instance would still know this but at least it is within your trust, not federated publicly.

load more comments (2 replies)
load more comments (1 replies)
[–] WalrusDragonOnABike@kbin.social 8 points 1 year ago* (last edited 1 year ago)

but with federation, there’s nothing stopping an instance from simply releasing all users’ voting history to be public.

Which kbin.social does.

[–] CorrodedCranium@lemmy.fmhy.ml 3 points 1 year ago (1 children)

But the implications are still interesting. One might (big might) trust Reddit as an organization not to use this data for evil, but with federation, there’s nothing stopping an instance from simply releasing all users’ voting history to be public.

Another potential privacy issue is that deleted content stays server and I believe it's similar with posted images.

[–] o_o@programming.dev 4 points 1 year ago (6 children)

I think this issue is overblown. Instances of Lemmy might run modified code and choose to save things that the user intended to delete, of course, but the default setup of Lemmy seems reasonable to me in terms of how it treats deletion.

Currently it keeps deleted posts forever to allow users to un-delete if they choose, but deleting your account clears everything. And I believe there’s work in progress to discard deleted posts after 30 days. Details here: https://github.com/LemmyNet/lemmy/issues/2977

[–] CorrodedCranium@lemmy.fmhy.ml 3 points 1 year ago* (last edited 1 year ago)

Thank you for pointing this out. I was looking into privacy in relation to Lemmy and came across this post where I got the wrong idea I guess. I couldn't find much else online at the time

And I believe there’s work in progress to discard deleted posts after 30 days.

That would be a nice addition

load more comments (5 replies)
[–] briongloid@aussie.zone 11 points 1 year ago (2 children)

In fact, Reddit has suspended people for upvoting before.

[–] ScrumblesPAbernathy@readit.buzz 10 points 1 year ago (1 children)

True, but in Unidan's defense, it was a jackdaw, not a crow.

[–] tgxn@lemmy.tgxn.net 2 points 1 year ago (1 children)

We need Unidan back now more than ever 🤗🐦‍⬛

[–] zksmk@sopuli.xyz 2 points 1 year ago
[–] UrbenLegend@lemmy.ml 9 points 1 year ago

You're kidding surely. That's actually awful. Any source for this? Would love to read more about it.

load more comments (2 replies)
[–] StingJay@lemmy.ml 17 points 1 year ago (2 children)

This would be interesting to see if certain articles were pushed up or down by bot accounts.

This could be anywhere from news articles being buried/promoted or by hidden advertising within a post.

[–] o_o@programming.dev 7 points 1 year ago (1 children)

True! Also instances could each do their own brand of “vote manipulation mitigation” by counting or ignoring different sources of votes.

Other cool features come to mind, like having a separate vote count for voters from the local instance.

[–] UrbenLegend@lemmy.ml 2 points 1 year ago

Other cool features come to mind, like having a separate vote count for voters from the local instance.

That'd be cool. Like a big colorful number representing the total votes and then a smaller number right below that in parenthesis and a gray color to indicate local instance votes.

[–] blivet@kbin.social 2 points 1 year ago (1 children)

How do you identify a bot account?

[–] Geometric7792@kbin.social 4 points 1 year ago (1 children)

If they vote in a way I don't like, they're a bot. If they don't vote in a way that I like, also a bot. In fact, if they vote at all, probably a bot

load more comments (1 replies)
[–] interdimensionalmeme@lemmy.ml 17 points 1 year ago (2 children)

Yes, I thought that was implied. Voting is part of moderation. All moderation must be radically transparent. Your voting history is the weight of your credibility and reputation on Lemmy.

[–] ablackcatstail@goblackcat.net 6 points 1 year ago (1 children)

@interdimensionalmeme @o_o Agreed! Your voting history will help others gauge how objective (or not) you are.

load more comments (1 replies)
[–] hare_ware@pawb.social 6 points 1 year ago (2 children)

It also discourages people from upvoting more controversial topics, for better or for worse.

I just hope it doesn't turn into Twitter's culture of ruining people's lives by showing they liked a sus tweet 5 years ago, LMAO.

[–] joonazan@discuss.tchncs.de 4 points 1 year ago (1 children)

It would be nice if we could upvote interesting posts rather that posts that we agree with.

[–] hare_ware@pawb.social 2 points 1 year ago

Isn't that what upvotes are supposed to be for? Just not how people actually use them...

load more comments (1 replies)
[–] rglullis@communick.news 16 points 1 year ago

When us older folks say "Anything you put on the public internet should be considered public and recorded forever", it's because of that.

[–] vriska@l.60228.dev 11 points 1 year ago (2 children)

On the other hand, I don't really trust Reddit with my upvotes/downvotes all that much more than random users, so I already refrain from voting on content I wouldn't want to be associated with....

Of course, Reddit can still see what posts I view, while that isn't the case for Lemmy (at least since I self-host an instance).

load more comments (2 replies)
[–] atocci@kbin.social 8 points 1 year ago (3 children)

They're definitely not anonymous, and Kbin actually does have the UI to show who is upvoting and downvoting any post if you view it on there.

[–] BasicWhiteGirl@kbin.social 2 points 1 year ago (1 children)

I love it. I've already used that feature to block someone who was stalking my posts and downvoting them. Then I got curious and checked out a bunch of posts on the front page that had downvotes but didnt really warrant them. I found there were about 5 accounts who were heavy downvoters for apparently no reason. They also got blocked.

[–] atocci@kbin.social 2 points 1 year ago (2 children)

I agree, I think it's useful! I also blocked a person yesterday who was downvote stalking me, they clearly didn't want to see the things I was posting anyway.

load more comments (2 replies)
load more comments (2 replies)
[–] Mirror_I_rorrIMG@kbin.social 8 points 1 year ago (6 children)

Im sorry for the stupid question but can someone explain the difference between lemmy and Kbin?

I just recently created a kbin account and downloaded the kbin app but see a lot about lemmy on here. Is kbin a subset of lemmy? If I want a wider variety of content would I go to lemmy or kbin?

Again, sorry for the stupid question.

[–] o_o@programming.dev 9 points 1 year ago

Not a stupid question at all!

Lemmy and Kbin are two different systems that talk to each other. Like how Gmail and Outlook are two different systems, but you can still send emails between them.

So you can make posts over there on Kbin and I can upvote them from over here on Lemmy.

Make sense?

[–] zerot@kbin.social 3 points 1 year ago

Most Lemmy instances and kbin are connected/federated to each other meaning that the content is available to both. For example, the thread you currently are replying to is on the Lemmy.ml instance. So in general you don't need to worry if the content is on a Lemmy instance or on kbin. You will see it anyway. So you can just pick the instance you like the UI best and use that.

There is a small caveat, in that a magazine/community will only start federating/being visible on a remote instance after someone visits that community for the first time. E.g if someone creates a new community on kbin, then it is only visible on kbin until someone goes to newcommunity@kbin.social on their instance. And also other way around. If someone makes a new community on Lemmy.world you won't see it on kbin until you it someone else goes to newcommunity@lemmy.world on kbin.

load more comments (4 replies)
[–] AgreeableLandscape@lemmy.ml 3 points 1 year ago* (last edited 1 year ago)

Because in order to federate, user data needs to be shared, including the username. It prevents double votes from the same account and also allows votes to be rescinded at the user's discretion, at which point the instance will send effectively an undo signal for the activity.

The first rule of the Fediverse is to make sure you're perfectly okay with the entire internet seeing your account activity, including votes and favourites. If you're unsure or are worried you might regret it, best not to post it at all. This is equally true on all social media but the way the Fediverse works just makes it more obvious.

[–] albinanigans@kbin.social 3 points 1 year ago

Fine by me. I'll stand by my votes!

Has also been handy for a makeshift bookmark, so I can return to the stuff I liked.

[–] corytheboyd@kbin.social 2 points 1 year ago (3 children)

I didn’t know, that’s awesome! Downvote shouldn’t be the “fuck you I disagree” button, save that garbage for Twitter and Reddit. Downvote is there for democratically killing malevolent bullshit. Expose the names!

[–] John937@kbin.social 8 points 1 year ago* (last edited 1 year ago) (2 children)

It's sometimes hard to separate those feelings

Maybe a 3 button setup

  • Agreed and acceptable content
  • Disagree and acceptable content
  • Bad content

Default Rankings are based on minimum bad-content/maximum agreed count
And controversial ranking is based on minimum bad-content/maximum good-content count (agree+disagree)

This way even comments that people disagree with can be exposed so long as it's still good content

Brigadiers who blindly vote everything bad content to maliciously influence rankings can be identified and removed for manipulation, while people who vehemently disgree with an idea can still have that outlet without influencing the community/magazine haphazardly

[–] socsa@lemmy.ml 5 points 1 year ago

Yeah I never understood to pearl clutching about downvotes. It just reeks of "everyone who drives faster than me is a lunatic, everyone who drives slower than me is a granny" mentality.

[–] CoderKat@kbin.social 3 points 1 year ago* (last edited 1 year ago)

Sometimes reporting technically covers the last one. But usually not. Not all subs have rules against bigotry, trolling, dog whistles, general assholery, etc. I strongly hold it's important that downvoting is an option to deal with these kinda things. It's a way to show everyone that the comment isn't acceptable.

Plus even when reporting is an option, it may not be fast enough. Can't really automate removals, either, as people will abuse that.

Arguably "disagree but acceptable" should just not upvote. In a certain sense, that's already a middle option.

[–] socsa@lemmy.ml 5 points 1 year ago

Fuck you, I disagree.

Is that better?

[–] MagicalVagina@kbin.social 4 points 1 year ago (1 children)

In term of privacy this is pretty bad though. From the upvotes/downvotes activity you can very easily build a whole graph of stuff you like/dislike. For advertisers that's juicy data.

load more comments (1 replies)
load more comments
view more: next ›