this post was submitted on 19 Aug 2024
693 points (97.7% liked)

Fediverse

28465 readers
696 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS
 

Currently, almost anyone in the Fediverse can see Lemmys votes. Lemmy admins can see votes, as well as mods. Only regular Lemmy users can't. Should the Lemmy devs create a way to make the votes anonymous?

There is a discussion going on right now considering "making the Lemmy votes public" but I think that premisse is just wrong. The votes are public already, they're just hidden from Lemmy users. Anyone from a kbin/mbin/fedia instance can check out the votes if they are so inclined.

The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users. If you want to vote something and not show up on the vote list, please create another account to support that type of content and don't tell anyone.

you are viewing a single comment's thread
view the rest of the comments
[–] Socsa 6 points 3 months ago (1 children)

Agreed. 10/10.

And you don't even need real crypto here to start. The home instance can just send vote actions as fixed unique tokens. The way the trust framework currently works, this is literally a drop-in replacement and introduces no new spam/brigade vulns which don't already exist from a rogue instance. It would be imperfect, and may still make it possible to correlate and infer vote patterns for a sufficiently motivated adve, but it would raise the bar for protecting user telemetry by a huge factor with very minimal effort. I'm honestly a bit surprised it hasn't been done already.

[–] [email protected] 1 points 3 months ago (1 children)

introduces no new spam/brigade vulns which don’t already exist from a rogue instance

It does though. Now a rogue instance would have to have "believable" profiles for the accounts that vote, because an instance of just "lurkers" who seem to suspiciously vote is a pretty big signal of vote manipulation. If you only see a random identifier (or not even that, just a tally of votes) it'd be impossible to tell if it's truly the instance's users just passionate about something or actual vote manipulation.

In other words it would at least make the problem way worse.

[–] Socsa 2 points 3 months ago (1 children)

The rogue instance would still need fake users though. It would be very easy to see if you are getting votes from 300 unique tokens, but the instance only has 100 users.

Also the method I am proposing would simply be transparent in terms of user management, so if you are running core Lemmy, the only way to generate voting tokens would be to generate users.

[–] [email protected] 2 points 3 months ago

I guess that's true. Then you could just ask the instance admins to check their users' voting patterns / deanonymize them / whatever, and if they don't comply defederate them.