You can see who upvoted and downvoted a post by viewing it in friendica.
-
but then malicious servers can lie about numbers of votes.
They already can do that by pretending to have users they don't have. It's definitely a quick way to get defederated.
-
Petty mods or users would abuse this
-
Hash them with the post ID appended, so a user can't be identified across posts
-
i think we should be accounting for it if we don't wanna get swallowed by shitty interests tbh
-
It's already possible to see if you really want to look. Friendica is just another way.
-
Like, of course; tho any sort of "accounting" should IMO start from the base that the intent of this entire thing is to publicly share public information.
-
This is one of the reasons why I'd love to see a more expanded method of reacting to content rather than simply upvoting or dowvoting; something like, say, user-side thread or post tagging, with things like "verified", "clickbait", and mood reacts like "happy" vs "sad", and usefulness reacts like "solved, thanks" vs "closed as duplicate", etc. We need more and better axes.
(Axises? Axeses?
Asses?) -
Interesting idea, but how do you decide on what the universally-agreed on reactions are? Have too many and they may as well just be comments!
-
That's almost as bad as using robots.txt to claim sites are private and secure and just whining that people/bots should respect it.
You should assume voter data is fully public and fully open. It otherwise is in the federated ecosystem.
-
It's not good practice. Really one shouldn't be assuming anything is private or some entitlement to privacy on a service where all content you post is made publicly available to any and all linked instances. They miss the point of a federated public forum. If one wants privacy, data must be kept locally only. That's why Lemmy has local-only communities, the "private" community aspect that many people want just won't be federated, because you can't make something like this private otherwise.
-
The comparison doesn't work because both Lemmy and Mbin are implementing the same standard, while robots.txt is mostly an honour system.
-
I know, but most people don't.
-
Except ActivityPub data is by in large already not private, it is handed out to any tom dick and harry who run a server and have subscribed to actors on this one, and most of the time, it doesn't even really require extra authorization. That is fundamentally how ActivityPub and federation work, but you can't have any expectation of privacy in this system when it comes to the content shared. Expecting it to be private because it's labeled is as dumb as expecting your website not to get scraped because you said so in robots.txt.
-
I know, it's a really big problem here and on the Fediverse in general because people get so outraged and entitled over something that just is the way things are, this wouldn't work any other way.
-
Mods can already see voting data, at least through the API on the latest version of Lemmy.
-
And it wouldn't be caught quickly or maybe even ever if they opted to use hashes instead of just showing who voted and when.
-
Information not being private isn't the same thing as information being public.
I'm not sure that is a realistic expectation these days.
-
Exactly, that's why I said for ones that aren't cached. They can be cached, but it's not a guarantee they will be.
-
You can usually use another instance that shows names if you have an account there, it'll show at least the federated stuff.
-
I didn't say it was private, I said it wasn't public, there's a difference. If you asked me what number I was thinking of I'd tell you, but that's not the same thing as the number I'm thinking of being public information. ActivityPub is, at its core, about consent. We have consented to having our data be sent to any person able to serve 200 responses on an inbox endpoint by using instances with open federation. We could, if that makes us uncomfortable, moved to a closed federation system where we only accept request from an allowlisted set of instances.
