As far as I understand it all activity originates from the home instance, where users are interacting with federated copies of posts. The unique user token from a well behaving instance follows the user across the fediverse, allowing bulk moderation for voting patterns using that token. The only difference is that it is not explicitly tied to a given user string. That means moderation for vote manipulation gets tracked via a user's vote token, and moderation for trolling/spam/rule violations happens via their display name. It may be possible that a user is banned from voting but not commenting and vice versa. It's is a fairly minor change in moderation workflow, which brings a significant enhancement to user privacy.
Socsa
joined 1 year ago
But not my votes.
In this case, it could also be a very expensive hairpiece.
This can't be real
For starters datamining my voting patterns for building a deeper interest profile. It should be pretty obvious how this works in terms of user fingerprinting, and the ultimate monetization of Lemmy data. It would be super naive to think that Lemmy will be the one web space immune to this kind of thing. I guarantee you meta already has an army of silent instances doing this.
Worst case scenario, legit state actors use it to target deanonymization attacks at dissidents. I would not be shocked if the ...usual suspects... Are engaged in this kind of thing.
Lemmy downvotes really have no consequences though, besides user ego.
And that is still possible with pseudonymous tokens votes. You just end up banning tokens for malicious voting activity, and users for malicious posting activity. It's at best a very mild adjustment to moderation workflows.
The current trust model already relies on a user's home instance accurately reporting user activity and not injecting fake activity. Hiding real user votes behind pseudonymous tokens doesn't change that at all.
As far as I can tell, the activity ranking algorithms don't actually differentiate between up and down votes anyway. All votes are considered engagement.
Even for delusional tech bro bullshit, the idea that public voting on an anonymous forum will do anything other than create drama is pretty fucking detached from reality.
On Lemmy the concern isn't even mod abuse - it's just how much user telemetry is pushed around in plaintext which makes me uncomfortable. I'm sure there are already instances which do nothing but listen to AP traffic actively building activity and interest profiles on Lemmy users. Say what you will, but at least on reddit they have to buy that shit. And if such a rogue admin is even a little bit enterprising, there are a bunch of potential IP deanonymization attacks possible by serving up content targeted to specific users during specific times of day. And probably a bunch of other shady shit I haven't thought of.
Honestly it's more than a bit suspicious to me that AP and Lemmy has put seemingly zero effort into mitigating this sort of thing.
It honestly just opens up a whole shitty can of worms. Are admins ready to weigh in every time someone fakes a vote history screenshot showing that so and so up voted a bomb threat before the post got removed?
Yes, that is why I am arguing in favor of an additional layer of pseudonymous voting.