You can see who upvoted and downvoted a post by viewing it in friendica.
-
Bummer.
It depends what your threat model is. Admins being dickheads about who downvoted what was the main issue at the time so I made it about choosing which admins to trust.
If future Lemmy versions show votes to mods (not just admins) then Pandora's box would be well and truly open so we'd need to rethink this.
Yeah I guess for me I don't really trust any admins. At the end of the day that's a permanent database of user activity which could be passed along to anyone, so ideally the minimum threat surface would be that it exists only on the home instance.
Also, I kind of just don't get the point of obfuscating for some and not others unless there are some politics going on behind the scenes, which just gives me even more cause for concern. I think this is a killer feature for piefed and really addresses a major concern I have with Lemmy so it is just disheartening to hear that the functionality has been nerfed for seemingly no good reason.
-
Yeah I guess for me I don't really trust any admins. At the end of the day that's a permanent database of user activity which could be passed along to anyone, so ideally the minimum threat surface would be that it exists only on the home instance.
Also, I kind of just don't get the point of obfuscating for some and not others unless there are some politics going on behind the scenes, which just gives me even more cause for concern. I think this is a killer feature for piefed and really addresses a major concern I have with Lemmy so it is just disheartening to hear that the functionality has been nerfed for seemingly no good reason.
I hear ya. There was quite a bit of back-and-forth about it and we ended up with a compromise. It would be good to have more configurability of this to suit different preferences.
There's a niche out there for a max-privacy instance. No server logs, no email verification, automatic deletion of old content. And if it was running PieFed, no trusted instances set.
Not a niche I want to pursue but someone could.
-
I understand that if you are exploring on all and so, sometimes some communities you couldn't care less appear on the feed, it's happens all the time to me with sports news and related, but I just block them and move on.
Yeah, that's what I do as well. Seems much nicer than hurting their community by just randomly downvoting everything I don't want to see.
-
I hear ya. There was quite a bit of back-and-forth about it and we ended up with a compromise. It would be good to have more configurability of this to suit different preferences.
There's a niche out there for a max-privacy instance. No server logs, no email verification, automatic deletion of old content. And if it was running PieFed, no trusted instances set.
Not a niche I want to pursue but someone could.
Do you have a link to any discussions on this? I have browsed local posts on piefed.social but can't find it. I'd be curious to see more context in support of the trusted instance concept.
-
Do you have a link to any discussions on this? I have browsed local posts on piefed.social but can't find it. I'd be curious to see more context in support of the trusted instance concept.
Check this out for general background discussion https://piefed.social/post/205362. The idea to differentiate by trusted instances was mine and not discussed there. Pretty sure there was some discussion about it in the Matrix channel which is lost to time.
During the recent roadmap planning one of the potential units of work was to sort all this out https://piefed.social/post/411591 but it didn't garner significant interest and didn't make it through to the final version of the roadmap.
-
Check this out for general background discussion https://piefed.social/post/205362. The idea to differentiate by trusted instances was mine and not discussed there. Pretty sure there was some discussion about it in the Matrix channel which is lost to time.
During the recent roadmap planning one of the potential units of work was to sort all this out https://piefed.social/post/411591 but it didn't garner significant interest and didn't make it through to the final version of the roadmap.
Hah, I am all over that first thread already. Also in that second thread. This discussion is getting pretty out of band at this point, but I've actually thought about proper cryptographic solutions to this problem, but it would require modifying activity pub itself. Which is why I'm very much in favor of voting agent anarchy to force the issue.
-
Oh I see, you were talking about a hypothetical where all instances hide their votes and so no one knows who is voting on anything.
My assumption was that these vote records would remain transparent on most instances because the instances that hide their votes just get defederated, because those are always going to be instances where trolls hide.
Yeah, let's make things less abstract and talk about real examples.
piefed.social is not sending the real voters out. You think that alone should be grounds to get lemmy.ml (your instance) to defederate them. Am I understanding you correctly?
-
Yeah, let's make things less abstract and talk about real examples.
piefed.social is not sending the real voters out. You think that alone should be grounds to get lemmy.ml (your instance) to defederate them. Am I understanding you correctly?
Oh no, I think defederation is only necessary when an instance becomes a problem. Until piefed.social becomes a haven for trolls to manipulate vote counts (which might never happen) then it's fine.
But if a dozen anonymized piefed.social votes start downvoting everything I say because they're monitoring my account then their admins would need to do something about it. If they didn't, I'd want defederation.
-
Use https://tesseract.dubvee.org/home/all/scaled to show downvotes
Assess whether banning makes sense for someone who only downvotes content
I've gone to my community and to specific posts, but can't work out how to show downvotes. Can you shed a little light on how to see them please?
-
Upvotes seem to just federate as likes and dislikes.
Who cares? If your upvote or downvote or any other activity you deliberately perform on a public platform is something you're embarrassed about and wouldn't be willing to do in a face to face engagement you probably shouldn't be doing it.
-
Who cares? If your upvote or downvote or any other activity you deliberately perform on a public platform is something you're embarrassed about and wouldn't be willing to do in a face to face engagement you probably shouldn't be doing it.
I agree, and if you absolutely must, then maybe make an alt?
The main problem is most people assume their votes are private, as they are private on reddit.
-
How can I see this in the community I mod?
You can use the Tesseract Lemmy frontend to view votes in your communities. However it will only work on instances on version 0.19.8 or greater, so if your mod accounts are on an instance like that it won't give you the option or let you see them.
-
Proxying is a separate option from caching. I think it was added in 0.19.5
Oh I didn't know that, that's good. Though I think the point still stands since it's not a guarantee instance admins will use it (unless it's a default).
-
I didn't say it was private, I said it wasn't public, there's a difference. If you asked me what number I was thinking of I'd tell you, but that's not the same thing as the number I'm thinking of being public information. ActivityPub is, at its core, about consent. We have consented to having our data be sent to any person able to serve 200 responses on an inbox endpoint by using instances with open federation. We could, if that makes us uncomfortable, moved to a closed federation system where we only accept request from an allowlisted set of instances.
I think you're misunderstanding just like the Mastodon users who think every tool should be opt-in. The consent piece IS moving to a closed system with whitelisted federation. If you're giving data out publicly with no restrictions but trying to put stipulations on how it's used, it's the same as trying to enforce control through robots.txt, which is by the way a standard protocol.
So if you're going to whine about votes being shown, you should be using a whitelist to block those actors from seeing it, and should be using authorized fetch to limit access to those whitelisted instances specifically, otherwise this is every stupid argument about "why robots.txt should be respected".
-
The comparison doesn't work because both Lemmy and Mbin are implementing the same standard, while robots.txt is mostly an honour system.
idk, the label is also an honor system, if it can be just ignored like robots.txt.
-
This is nothing new. Fire up any ActivityPub server and you can see everything over the wire. As a Lemmy admin of my server of just me, I can also see it in the UI.
Wouldn't you be able to see it by
curling the outboxes? -
idk, the label is also an honor system, if it can be just ignored like robots.txt.
I didn't explain what I meant very well. To scrape a website you don't need to understand robots.txt, implementing robots.txt is something you do to be a good netizen. But to get like info from Lemmy, implementing ActivityPub is a requirement.
Now I'll admit, it's not a great system and I do wish we had something better, but I also don't think "this isn't a good way to communicate preferences" is a good reason to ignore them.
-
System shared this topic
