this post was submitted on 19 Aug 2024
686 points (97.5% liked)

Fediverse

27788 readers
362 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS
ruud@lemmy.world
Xylinna@lemmy.world
MrCenny@lemmy.world
TragicNotCute@lemmy.world
automodbeta@lemmy.world
686
Lemmy votes ARE public, should they be anonymous? (discuss.tchncs.de)
submitted 3 weeks ago by lalo@discuss.tchncs.de to c/fediverse@lemmy.world
262 comments fedilink hide all child comments
 

Currently, almost anyone in the Fediverse can see Lemmys votes. Lemmy admins can see votes, as well as mods. Only regular Lemmy users can't. Should the Lemmy devs create a way to make the votes anonymous?

There is a discussion going on right now considering "making the Lemmy votes public" but I think that premisse is just wrong. The votes are public already, they're just hidden from Lemmy users. Anyone from a kbin/mbin/fedia instance can check out the votes if they are so inclined.

The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users. If you want to vote something and not show up on the vote list, please create another account to support that type of content and don't tell anyone.

you are viewing a single comment's thread
view the rest of the comments
[–] GoodEye8@lemm.ee 4 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

We could split the difference and users could get auto-notified if their vote was viewed and by whom. That way it’s a two-way street. The mod/admin can see your votes, the users know that their vote was accessed by that mod.

It would be pointless to do. Anyone can view your votes without notifying you. Just set up your own instance, download the data (that you need to do anyway because of how activitypub works) and then just open up the database with a different software to access the data. No notification can be sent because the application doesn't know the data was accessed.

Second choice would be that all users are anonymized by a hash so that bad vote actors can be removed via their hash being associated with malicious or other bad acting, but to discover who individuals are the admin would have to do the legwork of follonf multiple posts/ comments to associate the hash.

This opens a door to vote manipulation. If you can't verify users someone can send random hashes.

Otherwise hide the votes if trust of anonymity is paramount.

The votes still exist in the activitypub. They're already publicly available, the question is how accessible they should be because right now if you want to track downvotes you need to put in some effort. Upvotes you can already easily check from any mbin instance

[–] IlovePizza@lemmy.world 1 points 3 weeks ago

Couldn't malicious instances use random users aswell? What if there's some sort of user manifest that shows all users an anonymous hashes belonging to that instance? That way you could check there are the same number of both.