The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rule 1- All posts must begin with YSK.
All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.
Rule 2- Your post body text must include the reason "Why" YSK:
**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding non-YSK posts.
Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.
Rule 7- You can't harass or disturb other members.
If you harass or discriminate against any individual member, you will be removed.
If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.
For further explanation, clarification and feedback about this rule, you may follow this link.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- The majority of bots aren't allowed to participate here.
Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.
You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.
For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.
Our icon(masterpiece) was made by @clen15!
Edit: obligatory explanation (thanks mods for squaring me away)...
What you see via the UI isn't "all that exists". Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see "under the hood". Any instance admin, proper or rogue, gets a ton of information that users won't normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.
Edit: Obligatory RIP my inbox.
Is the poster's IP address, system, or other system identifier/location, tracked?
If I have users giantshortfacedbear and throwaway123. Then it could be inferred or impled that they are same person if there are from the same IP or phone.
Even more reason to set up my own instance. Guess I'll try and figure all that out tonight.
I don't think that this will help.
The reason this is easily accessible is because this data needs to be federated across the network.
It's not just upvotes and downvotes. Instance admin also knows your email and can store your password in plaintext if they want to. It's up to user to decide whether to trust the instance admin
I think you need to clarify how they can see the password. It’s not stored in plaintext, but when the user logs in, the server administrator can see the password in the HTTP post data if they log it in the lemmy sourcecode. All apps are subject to this and it’s why to have to trust the instance owner.
Bad post. Ofc the person running the server can see who votes. Your original post made it seem like anyone has access to this data.
Well, that's probably a wrong kind of 'open' to what FOSS means by 'open' yet I'm not convinced. With the whole 'anybody can make an instance and collect all the data they wan't it's kind of awkward and messy. How much of the said data you can obscure/encode without losing the openness between instances?
Because if one instance can't verify actions of another then you have an issue dealing with bots and overall the platform becomes way more obscure and less reliable as a source of information.
And like if the buttons themselves had an ability to openly show who upvoted/downvoted a post - how much of a difference would've been here? I don't feel like it's such a concern.
The point about deletion/edits - it's not about removing your info from the internet, it's about correcting what's wrong for the sake of providing correct. If it's on the internet once it's there forever. I don't see people complaining about weyback archive doing their thing. Yet it's doing exactly the same thing possibility of which upsets so many people here.
If you monkey brain posted you home address and where the keys are - it's on you, not on the internet for storing the info.
The only real point I see here is corporations/governments scraping all this data for their use. Yet as long as they can federate there's nothing much to do and if you try to restrict federation then it's just a bunch of forums with extra features.
I think this is great. Same idea as cryptocurrency blockchains. PUBLIC ledgers mofos.
Reddit always had this too though. In every app I used there was an "up voted" and "down voted" tab when I would look at someone's profile
Maybe it was an api thing?
Uh...duh? Why would you think this info wouldn't be available to admins and also....who cares?
What does this mean for admins regarding GDPR? Is lemmy still not GDPR complient? Are there options in place if users request their data?
An issue has already been raised: https://github.com/LemmyNet/lemmy-ui/issues/1347
Yea is good to know. I knew that early bc someone said that someone else accosted them after they reduced/downvoted one of their posts
I would hope this would be obvious to anyone. If your client can highlight which posts you have upvoted in the web and app UI then the fact that your user specifically upvoted that post must be recoverable from the instance server and thus must be recoverable by the instance admins. I would not expect anything different.
Sounds like a "non-issue" to me, really. That's kind of the point with the fediverse. If I run an instance, I have access to its database and, thus, everything stored in it. That was the case with old PHPBB forums, admins could see everything.
The questions is what ends up stored from outside my own instance. I haven't looked at the source, but I would hazard a guess that it's mostly some json blobs and/or pointers to users/instances.
I don't think that's a non-issue. If you host an instance an can see everything on it, that's one thing, but if everyone with an instance can see these things from all other instances, that's a different story. That way literally everyone can see all your up and downvotes. That's not the end of the world but that's definitely an issue imo. I can already see people getting canceled not because of an old tweet but because they upvoted something controversial years ago lol.