this post was submitted on 19 Aug 2024
688 points (97.5% liked)

Fediverse

28499 readers
304 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
 

Currently, almost anyone in the Fediverse can see Lemmys votes. Lemmy admins can see votes, as well as mods. Only regular Lemmy users can't. Should the Lemmy devs create a way to make the votes anonymous?

There is a discussion going on right now considering "making the Lemmy votes public" but I think that premisse is just wrong. The votes are public already, they're just hidden from Lemmy users. Anyone from a kbin/mbin/fedia instance can check out the votes if they are so inclined.

The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users. If you want to vote something and not show up on the vote list, please create another account to support that type of content and don't tell anyone.

you are viewing a single comment's thread
view the rest of the comments
[–] TechLich@lemmy.world 12 points 3 months ago (1 children)

How about pseudonymous as a compromise? Votes could be publicly federated but tied to some uuid instead of the username. That way you still have the same anti spam ability (can see that a user upvoted these things from this instance at this time) but can't tie it directly to comments or actual user accounts without some extra osint.

It might be theoretically possible to correlate the uuids with an account's activity and dox the user in some cases, especially with some instances having a single user, but it would be very difficult or impossible to do on larger instances and would add an extra layer. Single user instances would be kind of impossible to make totally private anyway because they can be identified by instance.

[–] amju_wolf@pawb.social 1 points 3 months ago (2 children)

Votes could be publicly federated but tied to some uuid instead of the username. That way you still have the same anti spam ability (can see that a user upvoted these things from this instance at this time) but can’t tie it directly to comments or actual user accounts without some extra osint.

The issue with that is with malicious instances that could engage with vote manipulation by just generating new IDs and voting for whatever they want. If you can't look back at the profile and determine whether it's a real, non-spam account, it's a pretty big issue unfortunately.

You also have an issue where someone could potentially vote with "your" ID without any way to detect that it's not actually "you" who sent the vote.

[–] Pika@sh.itjust.works 2 points 3 months ago

they could do similar to another platform had done, which is tie voting to a shadow account that only the instance admin team can link to a user, this allows for moderation while providing the ability for obscurity.

I still disagree it should be public in the first place, but I know it's a hard requirement for federation so it's unlikely to become more concealed

[–] TechLich@lemmy.world 1 points 3 months ago

Yeah, that's fair enough, though I'm not sure it's very different from malicious instances creating normal user accounts?

You can see when users from an instance are all suspiciously voting the same way at the same time regardless of whether they are usernames or IDs.

There's lots of legitimate users that only vote but never post so doing it based on that doesn't seem very effective?

The second problem is solved using public key cryptography, the same way that you can't impersonate someone else's username to post comments. Votes and comments are digitally signed (There would need to be a different public key for voting to maintain pseudonymity though).