Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

You are viewing a single thread.
View all comments
135 points
*

Not to sound harsh or anything, but those of you saying that it’s okay that all this data is public are insane. This completely goes against the entire philosophy of the Fediverse and FOSS in general. The reason we all are fleeing from Big Tech is because they collect so much data on us. At least, they keep it hidden from public view. This is a major issue in my opinion, and needs to be addressed ASAP before we can claim to have superior platforms on the Fediverse. Why can’t this data at least be encrypted?

permalink
report
reply
14 points

I don’t think it’s possible to encrypt the data.

Say we have a rogue user that sends to the server multiple upvote requests for the same comment, how can the server reject the subsequent requests? After all, we can’t let a user upvote a post or comment multiple times.

If that data is encrypted, the server cannot tell whether the user has upvoted a comment before.

permalink
report
parent
reply
8 points

Well, I am not a developer in this field, so I don’t know what’s possible, and what’s not. All I know is that this needs to be fixed one way or another, or this whole platform will fail. If our information is all available publicly, we will be better off just using Facebook/Reddit/Twitter - at least these platforms don’t leave our data out in public view. We need to stop saying what’s not possible, and instead talk about what is possible.

permalink
report
parent
reply
7 points
*
Deleted by creator
permalink
report
parent
reply
5 points
*

I don’t see a problem with leaving data out in public view. Hiding behind anonymity has already turned most of the internet into a dumpster fire. Maybe we’ll see less trolls and hate publicly blasted with impunity from this. It will also put ‘keeping private shit private’ in the forefront of people’s minds. What personal data are you worried about revealing on a glorified chat forum that you aren’t directly responsible for publishing? edit: before this data was available mostly to the provider and anyone willing to pay for it. At least this way the data might become so publicly available it becomes worthless and the market dries up.

permalink
report
parent
reply
2 points

Maybe there is a way to keep you votes hidden but there sure is no way to keep your posts hidden. The whole point of federation is to distribute your post to the other instances. You want eat your cake and have it too. You want to post publicly but stay in control of the message. You are not better off using BigTech because there someone can scrape your data as well. And you don’t even know to how many parties your data is sent without your knowledge. There is no privacy in social media.

permalink
report
parent
reply
5 points
*

Surely the server should be able to identity users “under the hood” without having to publicly announce everything to everyone? I’m not a programmer myself so correct me if I’m wrong, but isn’t preventing unauthorized or otherwise unwelcome actions while permitting intended ones without having to announce it most of what the programming controlling a server DOES?

Surely it should be possible to write code to tell whether someone has already upvoted something and then blocking further upvote requests for that specific thing without letting all the admins of lemmygrad and lemmynsfw, for example, snoop on all users?

PS: my apologies for calling you Shirley twice, u/orangeboats. I’m sure your name is just Shirley, not Shirley Shirley.

permalink
report
parent
reply
2 points

Yeah exactly. And I am not an expert in this field either, but of course there’s a solution, one way or another. The purpose of my above comment was simply just to call out the mindset of a lot of the people on here, whom obviously have no clue about FOSS and privacy, but simply just came over from Reddit. We are at war against Big Tech these days. Our privacy is at risk and our data is being used for population control. It is vital that we have projects like the Fediverse that can counter this, but we will only be successful and win this war if we can implement some true privacy.

permalink
report
parent
reply
7 points

There might be possible technical solutions to this using hashing. Hashing is like encryption in that the original cannot be extracted, but the hashed result is unique.

For example, a solution would be to have a VOTES table with an indexed column that is a hash of a combination of the user ID, post ID, (and perhaps another “salt”, not sure). When a vote is made, the VOTES table is checked that the record (vote) does not already exist, gets an insert, and then a COUNTER is triggered for the actual vote count. (COUNTER is a db command that simply updates a counter). The hash would prevent multiple votes from the same user (as the salted hash is unique), and it would also prevent identifying who the user is from the table.

permalink
report
parent
reply
2 points

Yeah, I admit that sounds reasonable.

Although that still leaves the question of “is it scalable/performant?” on the table… Lemmy already suffers a lot from server overloading, adding cryptographic hashing (anything less than that is not going to ensure uniqueness/true anonymity) to each act of voting surely isn’t going to help.

permalink
report
parent
reply
1 point

I really don’t even think the votes table would need to itself be federated; it could just be on the user’s instance. Upvote/downvote would be a call, but it should really only require the post or comment ID and voter instance. If an instance spams votes, those upvotes/downvotes could be deleted and the instance defederated

permalink
report
parent
reply
1 point

Still you can easily and quickly check if a user has voted on a particular post. While your method makes the tracking process quite a bit slower, it doesn’t make it unrealistic. There just aren’t that many users and posts as is the case with passwords. Still 100% better than the current approach, I hope this gets implemented.

permalink
report
parent
reply
36 points
*

Agreed, I am incredibly confused by what seems to be the majority reaction to this.

I’ve never been particularly involved with the FOSS community, though I do use a few FOSS apps and generally appreciate their view on what FOSS means. I also strongly appreciate data privacy, and it was my observation that the FOSS community was (generally) relatively the same way. So to see this reaction is very surprising. It’s quite literally the same terrible argument of “Why fear it if you have nothing to hide” used against multiple data privacy concerns throughout the years.

I think the worst are the bad faith “But Reddit…!” arguments. For one, we’re not on Reddit anymore, this is about Lemmy’s issues that can be corrected. And for two, whilst Reddit potentially outsourcing that data to the highest bidder is far from ideal, at the very least the data wasn’t outright PUBLIC to anyone who wishes to set up a simple server.

permalink
report
parent
reply
13 points

Exactly. When data like that is public, I can guarantee you 10000% that Big Tech and governments are harvesting ALL of it as we speak. If this issue is not resolved and TRUE privacy is not implemented sooner rather than later, Lemmy will not succeed in the Fediverse, period.

permalink
report
parent
reply
9 points

If you want privacy you need to use an encrypted chat. You can’t have privacy in a public space. That is like stand in the middle of a market place, screaming out your thoughts and then being upset that someone writes them down. It sure would be nice if our data wasn’t harvested, but that is not the world we live in. So if you want to say something in private you need to choose a private platform. Otherwise assume that Big Tech and World Governments are listening.

permalink
report
parent
reply
14 points

You say these issues can be corrected but I am not sure they can. ActivityPub is a protocol managed by the W3C. So to have different behavior You’d have to change the specification there. That is possible but it will take some time. Still you’d need a way to make votes not bound to a user and still hard to spoof. That sounds hard. Apart from that upvotes and downvotes are not really the most interesting datapoints you can gather. You can still collect posts. These can’t be obfuscated. There is simply no way to have an open network where you can share data between servers where you can make sure that no one harvests the data. It is simply not possible. As soon as it is public it is public. This has nothing to do with FOSS. If you have a solution you can implement it. That is what it means. If you have one then go ahead.

permalink
report
parent
reply
6 points
*

You’d have to change the specification there. That is possible but it will take some time.

Then they should do so, these issues need to be fixed ASAP.

Still you’d need a way to make votes not bound to a user and still hard to spoof.

Obfuscating user IDs via a hash or something would seem like the way to make it work. I’m not a professional programmer, I only know a little bit of python, so I have no idea if I’m talking nonsense on that front. And whilst still not an ideal solution, but sharing non-private votes with your own instance admin and have them share only the total vote count with other instances is another solution. That way you need only trust your instance admin, which is choosable and can also be yourself.

That is what it means. If you have one then go ahead.

Putting the onus on me is a shitty thing to do. I’m not the one running this site in any capacity, but this is an issue that many users are unhappy with. If the issue with the site won’t or even can’t be fixed, then I will simply not use the site. I don’t know how many people feel the same on that front, but I’d imagine there’s quite a few.

permalink
report
parent
reply
1 point

You call us insane but you don’t want to be harsh? I wonder what would you call people that are not panicking at even a possibility that anything personal becomes public if you were trying to be harsh.

On a more serious note, I am happy that people like you exist that care about privacy as it benefits everyone overall I guess. But you have to remember that some people, like me, don’t have issues with having their opinions and even some personal data public as long as we are aware that this is the case (which is how I treat all the social media).

For instance, durning my Reddit 7-year tenure I always wrote my comments in a way that if suddenly my employers or friend brought it up, I would not be ashamed of what I wrote.

I am not saying it’s not good to think and discuss about things like that but I would appreciate if you didn’t call people insane that have a very different attitude to you if it comes to internet privacy.

Some people freak out about internet privacy, GMO, sweeteners causing cancer, etc. There are others that don’t.

permalink
report
parent
reply
7 points

I don’t think you’re been harsh lol, the right to secrete ballot is literally in the universal declaration of human rights.

Open ballot is a well known method for intimidating and blackmailing participants, it’s absolutely crazy that Fedivese operates this way. But even worse, seeing so many people here supports it.

permalink
report
parent
reply
10 points

I think you make a valid point about Lemmy, but “hidden from public”? Big tech literally sells your data for profit.

permalink
report
parent
reply
0 points

This completely goes against the entire philosophy of the Fediverse

Care to elaborate on that? As far as I know this is built in to all the ActivityPub applications.

permalink
report
parent
reply
1 point

What information is stored/publicly accessible for our accounts?

I don’t see it being a problem that your votes are public so long as there’s no way to tie the account to you irl. Like, so long as the instance (? I’m very new here I don’t really understand the data structure) doesn’t store your IP address or anything does it matter?

Like yeah you can see that u/randomdickhead (again, not familiar with naming conventions) upvote some weird shit but so long as that’s where the bill ends that user could just make another account aaaaaaaaaaand… No issue?

If I have the wrong idea please let me know I’m genuinely confused about this

permalink
report
parent
reply
1 point

I agree as in “we need to assure anonymity” although I find complete transperency better than corporate overlords deciding what happens with your data

now atleast you know that everyone that does want to know the information is going to get it [so you can behave yourself ;) ]

permalink
report
parent
reply

You Should Know

!youshouldknow@lemmy.world

Create post

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you’re a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.



Rule 2- Your post body text must include the reason "Why" YSK:

**In your post’s text body, you must include the reason “Why” YSK: It’s helpful for readability, and informs readers about the importance of the content. **



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That’s it.



Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.



Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.



Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.



Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

Community stats

  • 4.8K

    Monthly active users

  • 390

    Posts

  • 16K

    Comments