You can see who upvoted and downvoted a post by viewing it in friendica.
-
Upvotes seem to just federate as likes and dislikes.
-
System shared this topic on
-
Upvotes seem to just federate as likes and dislikes.
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
-
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
How long until it gets abused, and trolls start brigading though instances that hide their votes?
-
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
The userbase is small enough that hashing would be easy cracked by a determined person. Even with salting, iterating through the entire userbase and hashing each username+salt to check for a match would probably not take long
-
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
Just make a rainbow table and get the usernames back.
-
Upvotes seem to just federate as likes and dislikes.
I'm not sure about the downvotes part (i failed to recreate this lmao) but you can already view upvotes with mbin. Piefed solves this problem with a option to make your votes private (but from my tests it didn't work? weird)
-
The userbase is small enough that hashing would be easy cracked by a determined person. Even with salting, iterating through the entire userbase and hashing each username+salt to check for a match would probably not take long
Replace "hashing" with "encrypted" (perhaps just using a symmetric key that the admin sets up) and then it gets impossible to know for any outsiders who is the real user behind the vote.
I for one just wish people understood once and for all that anything you do on social media is public.
If you are not comfortable backing up your opinion or action, then don't do it.
-
I'm not sure about the downvotes part (i failed to recreate this lmao) but you can already view upvotes with mbin. Piefed solves this problem with a option to make your votes private (but from my tests it didn't work? weird)
IIRC, piefed's private votes are disabled for "trusted" instances. You can see which instances are trusted here.
-
Upvotes seem to just federate as likes and dislikes.
Or you can be an instance admin.
In the next lemmy version (1.0.0), mods will also be able to view votes in their communities. -
IIRC, piefed's private votes are disabled for "trusted" instances. You can see which instances are trusted here.
Ah, well that sucks
i thought it just used a different strategy to do so if it was trusted, not outright disable it.Will correct it, thanks
-
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
One of the advantages of votes being public is that it keeps instance owners honest and, perhaps more importantly, means they know other instance owners are honest.
If they weren't public it would be easy to modify your lemmy instance to send 10 votes with fake hashes for every real vote. There would be constant accusations of brigading and faking votes.
-
Upvotes seem to just federate as likes and dislikes.
There's no way that isn't going to be abused. Some marketing or tracking agency will setup a fediverse server and just collect all data like this for free. Or worse, take advantage of a friendica instance to bombard it with requests for data collection purposes.
-
Or you can be an instance admin.
In the next lemmy version (1.0.0), mods will also be able to view votes in their communities.mods will also be able to view votes in their communities.
You can already do this using tesseract, by the way (not tesseract.dubvee.org, strangely?)
On t.lemmy.dbzer0.com i can see both upvotes and downvotes (for all my modded comms):
-
How long until it gets abused, and trolls start brigading though instances that hide their votes?
Nothing stops defederation, though.
-
mods will also be able to view votes in their communities.
You can already do this using tesseract, by the way (not tesseract.dubvee.org, strangely?)
On t.lemmy.dbzer0.com i can see both upvotes and downvotes (for all my modded comms):
I guess the feature was already merged in one of the past Lemmy versions then?
-
I guess the feature was already merged in one of the past Lemmy versions then?
I think it's been implemented this whole time, but it's just that the default lemmy-ui doesn't show it
-
Nothing stops defederation, though.
That creates an incentive for trolls to create accounts at the popular instances using this mechanism in order to destroy their reputation.
-
That creates an incentive for trolls to create accounts at the popular instances using this mechanism in order to destroy their reputation.
But they can just be banned from those instances?
-
Replace "hashing" with "encrypted" (perhaps just using a symmetric key that the admin sets up) and then it gets impossible to know for any outsiders who is the real user behind the vote.
I for one just wish people understood once and for all that anything you do on social media is public.
If you are not comfortable backing up your opinion or action, then don't do it.
Assuming each user will always encrypt to the same value, this still loses to statistical attacks.
As a simple example, users are e.g. more likely to vote on threads they comment in. With data reaching back far enough, people who exhibit "normal" behavior will be identified with high certainty.
-
IIRC, piefed's private votes are disabled for "trusted" instances. You can see which instances are trusted here.
Damn, so this is how I find out we're least trustworthy part of the commonwealth.
