this post was submitted on 04 Jul 2023
1355 points (97.0% liked)

You Should Know

33420 readers
371 users here now

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.



Rule 2- Your post body text must include the reason "Why" YSK:

**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.



Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.



Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

founded 2 years ago
MODERATORS
 

Edit: obligatory explanation (thanks mods for squaring me away)...

What you see via the UI isn't "all that exists". Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see "under the hood". Any instance admin, proper or rogue, gets a ton of information that users won't normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: Obligatory RIP my inbox.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 501 points 1 year ago* (last edited 1 year ago) (21 children)

To anyone surprised at this: welcome to the fediverse, please treat everyhing you do or say as public.

The way to achieve privacy around here is by following the long forgotten arts of the old internet before Facebook was a thing: use a Nick name and don't tell strangers on the internet your real identity.

Your home instance will act as a proxy and only they have access to your email and IP address. That does stay private.

So, as long as you trust your home instance to not leak or disclose your connection or sign up data (which would be illegal in EU countries), just sign up with an alias.

A very positive aspects of this is that it should allow us to detect voting manipulation by correlating the activity of certain potentially malicious actors. If Lemmy instances take vote manipulation seriously and do their best to block bots this has the chance to make Lemmy / Kbin much more transparent and credible than Reddit ever was.

[–] [email protected] 139 points 1 year ago* (last edited 1 year ago) (7 children)

Lol. kids these days would psot their bank info online if the banks didn't prevent them from doing so.

[–] [email protected] 99 points 1 year ago (10 children)

You say that like A/S/L wasn't a thing back in the day.

[–] [email protected] 76 points 1 year ago (3 children)

19/f/Cali was the only acceptable response

[–] [email protected] 39 points 1 year ago (2 children)
load more comments (2 replies)
load more comments (2 replies)
load more comments (9 replies)
[–] [email protected] 25 points 1 year ago (1 children)

I don't want to shame anyone, but I've had people sign up give me their full DoB and offering to show me their ID. I know of people who disclose their id to get access to nsfw discord communities.

load more comments (1 replies)
load more comments (5 replies)
load more comments (20 replies)
[–] [email protected] 113 points 1 year ago* (last edited 1 year ago) (16 children)

To illustrate op's point I'm going to spin up an instance, federate with everyone, and not tell anyone what that instance is.

Then I'm going to feed all that data into my new website, called Open Lemmy Stats, where anyone can query the user data ive accumulated. The homepage will be ripe with insights, leaderboards and all kinds of data on prolific users.

Additionally, I'll display a snapshot/profile of a random user by feeding that users data to GPT4 to make inferences about the user's political affiliations and display the results.

Worst of all, I'm not going to out my instance for everyone to know it as the one to defederate. In fact I'm spinning up a few instances that will host innocuous communities that I plan to mod and support to give my instances cover for their true purpose: redundant fediverse datastreams for my site, Open Lemmy Stats.

I'll also have a store where anyone can buy my collected fediverse data for a handsome sum.

Just kidding I'm not doing any of this. But someone absolutely will or already is.

[–] [email protected] 32 points 1 year ago* (last edited 1 year ago) (1 children)

You know, I came in here with the mindset that the topic of discussion here isn't a bad thing; I'm largely pro information-should-be-open-and-available. But you've argued a very solid point, and I've changed my mind on the issue. I appreciate you sharing this perspective!

load more comments (1 replies)
load more comments (15 replies)
[–] [email protected] 111 points 1 year ago (10 children)

There's something amusing about people feeling violated by their activity being made public, but not necessarily by corporations hoarding and capitalizing on that activity & data. I mean, one of them is out in the open. The other is pure abuse.

[–] [email protected] 41 points 1 year ago (2 children)
load more comments (2 replies)
[–] [email protected] 28 points 1 year ago (3 children)

Ah, the old ~~Reddit~~ Lemmy switcharoo.

You are probably seeing two very different vocal minorities, and conflating the two.

Also, there's a very clear difference in expectations between posting/commenting and upvoting. I blame the UI. We naturally expect public actions to be easily visible. The lack of universal accessibilty to the public data makes people unaware that the data is public. Lemmy UIs, including apps, need to make this information (a list of upvoting users) universally publicly accessible before people will change their expectations.

load more comments (3 replies)
load more comments (8 replies)
[–] [email protected] 111 points 1 year ago* (last edited 1 year ago) (2 children)

Activities are public and easily viewable on kbin. It's been interesting. Seems mostly positive other than people harassing those who down-vote them demanding explanations.

[–] [email protected] 102 points 1 year ago (2 children)

Knowing they're visible on kbin made me realize that most Lemmy users probably weren't aware, as it's non-obvious.

[–] [email protected] 31 points 1 year ago (6 children)

Yea, good call. I wonder if kbin makes them viewable because the activity pub protocol does not allow them to be easily hidden.

[–] [email protected] 50 points 1 year ago (5 children)

Seems to be Ernest's attitude about that sort of thing, he doesn't like to hide things from the average user that someone more technically inclined would still be able to access

[–] [email protected] 29 points 1 year ago (3 children)

And I like it. It’s pretty earnest :)

load more comments (3 replies)
load more comments (4 replies)
load more comments (5 replies)
[–] [email protected] 30 points 1 year ago (3 children)

Yeah, I had a good natured discussion with a Lemmy user on feddit.uk the other day where they were still inexplicably downvoting my responses each time, despite us both being polite and constructive.

It made me realise that a) they use the downvote button quite differently to how I use it and b) they probably didn't know that I, as a kbinaut, could literally see they were the one downvoting.

load more comments (3 replies)
[–] [email protected] 23 points 1 year ago (4 children)

One thing I really like is that it makes it easy to identify users to block. If there's a post stating that "Nazis are bad" and it has ten downvotes, it's very easy to use that to block future content from trolls and people I'm not interested in hearing from.

load more comments (4 replies)
[–] [email protected] 75 points 1 year ago (17 children)

I downvoted the beans and I don't care who knows about it. I'd do it again.

This is useful to know though, thanks. I guess assume everything is public short of your password (unless your admin is particularly nefarious and has altered the code to store passwords in plaintext for some reason).

load more comments (17 replies)
[–] [email protected] 68 points 1 year ago* (last edited 1 year ago) (15 children)

Edit: Obligatory RIP my inbox.

Can we leave this kinda stuff behind? It is NOT obligatory.

[–] [email protected] 31 points 1 year ago (8 children)

I’m going to start throwing “edit: thanks for the gold kind stranger!” on the end of my comments just to induce some nostalgic cringe.

load more comments (8 replies)
load more comments (14 replies)
[–] [email protected] 68 points 1 year ago* (last edited 1 year ago) (6 children)

Isn't that kind of the point? You don't get very far hiding in a social setting. You're on a public website talking to other people. Your posts should be public, comments, etc. At least people should treat all websites or apps they didn't develop personally like they're public. I mean you don't really have a right to privacy in public.

And I'm not trying to say this with some malicious tone or anything but it's just my view on it.

[–] [email protected] 58 points 1 year ago (7 children)

Posts and comments is one thing... It's inherently public. But I think being able to see up and down vote publically is a tough pill. If you don't realize your votes can be seen you risk your vote being held against you. If you do know it disincentivizes you to use the vote system to protect yourself from something that should be rather benign.

load more comments (7 replies)
[–] [email protected] 23 points 1 year ago (2 children)

Still unexpected. And that's the problem.

Comments are obviously public because I can read them. But there is no "upvoted by xx people (and downvoted by xx)" link I can click to see the list of people who interacted this way with the post. It's only with API calls or similar that I can access the information.

load more comments (2 replies)
load more comments (4 replies)
[–] [email protected] 60 points 1 year ago (22 children)

Nothing private in fediverse except when you are selfhosting yourself.

[–] [email protected] 63 points 1 year ago (2 children)

and not interacting with anyone else.

load more comments (2 replies)
load more comments (21 replies)
[–] [email protected] 49 points 1 year ago (6 children)

Good. If I downvote something its for a reason, and I don't care who knows.

[–] [email protected] 19 points 1 year ago (2 children)

In fact, I'm tempted to say I WANT people to know I'm not the one downvoting them when I disagree.

load more comments (2 replies)
load more comments (5 replies)
[–] [email protected] 47 points 1 year ago* (last edited 1 year ago) (9 children)

Reading these comments, seeing so many excuses, sarcastic responses, and handwaving, makes me realize a great deal of users really need to develop some imagination.

This is not about privacy. It's about data that can easily be used for targeting and profiling users, and how that creates countless avenues for targeted harassment and wide scale retaliation. It's about all of the innumerable ways public vote information can and will be abused to manipulate scoring across the site with targeted/automated shadow banning and shared blocklists. Raise your hand if you trust every single admin to never abuse such a tool to curate the outward appearance of an instance to fit a narrative.

For a different example: I could say something about how great Nazis are right now, and have a bot programmed to read every single person that downvoted me, add those names to a shared blocklist, and viola, I've made myself and all my alts invisible to the people that would challenge me on a massive scale.

I promise you this is going to be a big issue as tools for this site get more sophisticated over time.

load more comments (9 replies)
[–] [email protected] 46 points 1 year ago* (last edited 1 year ago) (26 children)

Not to sound harsh or anything, but those of you saying that it's okay that all this data is public are insane. This completely goes against the entire philosophy of the Fediverse and FOSS in general. The reason we all are fleeing from Big Tech is because they collect so much data on us. At least, they keep it hidden from public view. This is a major issue in my opinion, and needs to be addressed ASAP before we can claim to have superior platforms on the Fediverse. Why can't this data at least be encrypted?

load more comments (26 replies)
[–] [email protected] 41 points 1 year ago (3 children)

For me, it makes so much sense. Likes and dislikes, besides serving as a means of sorting posts and comments, also serve as a shortcut for leaving a comment saying, "This^" or "I disagree."

[–] [email protected] 36 points 1 year ago (5 children)

I think the issue is just that having votes publicly accessible can lead to harassment. Sometimes I want to downvote bigots or idiots and not want the possibility of them engaging with me.

load more comments (5 replies)
load more comments (2 replies)
[–] [email protected] 39 points 1 year ago (5 children)

So everyone knows I upvote my own posts? This is an outrage.

load more comments (5 replies)
[–] [email protected] 39 points 1 year ago (3 children)

Can someone explain why r/privacy is so up in arms about this? Seems fairly obvious that my actions in the public domain are public, but they’re all “Lemmy doesn’t care about your privacy”. Why?

https://www.reddit.com/r/privacy/comments/144clka/warning_lemmy_federated_reddit_clone_doesnt_care/?utm_source=share&utm_medium=ios_app&utm_name=ioscss&utm_content=1&utm_term=1

[–] [email protected] 51 points 1 year ago (6 children)

I wouldn't say Lemmy doesn't care about your privacy, but probably they didn't have enough traffic before the death of Reddit to really prioritize it. I myself have security concerns, particularly with the storage of account data on servers that who knows where they are hosted or what the security is. But I would say Lemmy instances are much more likely to be targetted for attacks by malicious hackers than Reddit, because most instances are likely hosted on far less secure machines than Reddit servers.

load more comments (6 replies)
load more comments (2 replies)
[–] [email protected] 39 points 1 year ago* (last edited 1 year ago) (7 children)

Suppose there is someone who wants to maintain their anonymity and privacy on Lemmy so that it couldn't be tied to their real identity, what do you think is the best way to do that?

Hmm, I, famous Hollywood actress Margot Robbie and star of "Barbie", sure am stumped.

load more comments (7 replies)
[–] [email protected] 37 points 1 year ago (26 children)

I'mma be honest, this might be the worst part of lemmy. NSFW, gray area topics, sports discussion, all that becomes completely radioactive.

[–] [email protected] 24 points 1 year ago

I think its a massive improvement. Reddit did next to nothing about astro-turfing and vote manipulation. Lemmy gives people the tools needed to detect inorganic content.

load more comments (25 replies)
[–] [email protected] 35 points 1 year ago (1 children)

Now we know who are the people stalling the liftoff of the bean's meme to the stratosphere.

load more comments (1 replies)
[–] gravitas_deficiency 32 points 1 year ago (9 children)

Woah woah woah. Hold the phone. You’re telling me that things that I post… on the internet… are… PUBLIC???

load more comments (9 replies)
[–] [email protected] 29 points 1 year ago (1 children)

Hello there, and welcome to our community! I hope you like it in here.

Could you please include some body text as to why should people know this, and how would that help them? It’s our second rule. Thank you :)

[–] [email protected] 26 points 1 year ago

Done. Thanks for setting me straight and the very polite manner of reminding me to RTFM.

[–] [email protected] 29 points 1 year ago (11 children)

People raise a good point that in countries where political dissent can actually be dangerous, this would very much dissuade people from voting on things they believe in, or even coming anywhere near Lemmy period.

A better approach I think would be to have the user's host instance save their votes (the database obviously needs to remember what you voted on), but when federating those votes with other instances just hand over a cumulative total, e.g., "here on vlemmy.net we have +18 votes for this comment", which the other instances can then add. There's no need to send user information with that data.

load more comments (11 replies)
[–] [email protected] 20 points 1 year ago (7 children)

I only downvote awful/hateful comments so I usually stand by what I strike down. I can understand why this may concern others though.

load more comments (7 replies)
load more comments
view more: next ›