I woke up today, to a public comment in a Lemmy community asking a series of tagged accounts why they had downvoted certain posts
I thought that reactions to posts and comments are anonymous and now I don’t really know what to feel about Lemmy any more.
In this case I had downvoted a poster because of its design, but was confronted publicly for being racist because the person assumed that I downvoted the message on the poster
EDIT: changed the title from “How” to “Why” because it broke rule nr 5 about it being a support question
I just block anyone who confronts me about why I voted a certain way. “Because I felt like it, fuck off cunt” is my go-to justification.
The protocol is ActivityPub not ActivityPriv
I’m pretty sure the Pub doesn’t stand for Public, but rather Publish.
You are right but you can’t exactly publish something and expect it to be private
And what does publishing something do? Does it make it widely available to the public?
WHAT
If you want to maintain some sort of privacy when voting on any platform in the Fediverse:
Create an alt account, do not make any posts/comments with it, only use it for voting.Otherwise we would need an instance that generates a bunch of voting accounts. Then, when you vote on something, the instance randomly assigns that vote to one of their voting accounts and sends out that vote information to other instances. Then only the Admins of your home instance would be able to view your voting history.
also don’t do this because fuck that
It’s to guard against bot accounts. I’d much rather have that instead of the clearly manipulated comment sections on Reddit. The pro-israel posting and down voting went away almost overnight when we got broader access and a few mods got called out about it. Go look at a comment section about it that hits all on Reddit, there’s clearly artificial voting going on.
It’s still not that hard to mess around but I’ll take what I can get, and I guess it does keep the racists away, even if it’s sometimes a false positive like in your case.
I agree that it is good with transparency, but then this should also be freely available on the Lemmy platform, and even the clients, in the same way as modlogs list what is going on.
I knew that admins could somehow go into the database and check who has done what, but I assumed that this was only the admin, and maybe even that the info was encrypted. It’s alright with me that it’s not, but then why not display it on each post and comment, with a list of interactions to it.
In this case, it’s this post:
https://quokk.au/comment/3048088Although, the comment where people were being called out, may have been removed (not sure if it’s because I have blocked the user, or they have blocked me)
I fully agree it should be transparent instead of a kind of trick you learn eventually. Won’t happen anytime soon though, the Lemmy devs are against the notion. They actually block lemvotes on their instance which is a bit ironic because they insta ban people for down voting a lot from what I understand.
Community moderators can also directly see who upvotes or downvotes posts and comments on their community.
It’s not just through lemvotes.
So you can block them. Karma points on the fediverse practically mean nothing as it does not borrow the functionality as they would on Reddit where if you’re downvoted enough times, you will be prevented from posting as frequently. I guess some people, 3 years later, did not get the memo still when they think it’s so rebellious and cool to parade downvotes on someone. It just makes you look petty and childish, really.
As other comments have said its by design. But there is a quirk if they used lemvotes to determine who the down voters were: it doesn’t seem to pick up downvotes by mbin users. For example, according to lemvotes I’ve never downvoted anything. This is demonstrably false :)
deleted by creator
The Fediverse is open, everything you do on here is fully public.
It’s why I prefer it over reddit, where who knows what really happens with all the vote manipulation and brigading.
To answer your question, it is all listed alongside upvotes on the posts if using mbin.
Depends on the instance, mine is an mbin instance but the upvotes and downvotes are hidden.
I remember coming across a site where you could put in a Fediverse URL and it would tell you who had upvoted and downvoted it, presumably it had an instance in the background that was tracking all that.
Edit: lemvotes.org, linked below by another comment.
Edit: lemvotes.org, linked below by another comment.
Aw, shoot. It doesn’t seem to work for PieFed. For example, here’s a link straight to the original instance and thread: https://piefed.social/c/historyart/p/1701717/
Changing that “p” to “post” didn’t seem to work, either.
I would like to see the ratio of up/down, because that’s IMO much more informative, if you allow votes at all. Personally I think votes just triggers some dopamine crap and is totally useless most of the times (exceptions are serious places where responsible people downvote wrong information for example)
I would like to see the ratio of up/down
That’s typically enabled/disabled in the settings of the client.
Fiddled around a bit and found a setting for that, or so it seems, gotta go collect some downvotes to try it out 😁
Thanks!
Yes, the information is sent to your instance, and then is being censored by your instance. It’s personal choice for the instance and it’s support. But your instance must either be commonly supporting you not seeing it, or dictating you aren’t seeing it.
Kind of like the championship football game played in the U.S. today before the Superbowl, where Fox edited out access to seeing people paying tribute to the man murdered by ice.
Sometimes it’s good to have information, sometimes people think it is not
I’m also on fedia and I can see who upvoted and boosted a comment / thread / post.
Fedia.io is also an mbin instance, you are speaking about the same thing.
Exactly. I enabled displaying the domains of every user, so I noticed that FaceDeer is on the same instance as I am and so wanted to point out this odd difference.
I was sceptic of the open concept at first. But now I find it appealing, because comment and post history are also public. If people wanted, they could probably extract my living place, job, sexual preferences and political opinions from my comment history of 1,000 comments. So why hide the up- and down votes?
This is the point though. Its it’s hidden by the platform, I feel like exposing it in public is against the sentiment
If voting was public through Lemmy and its clients, it would be more open and not only partly anonymous
I had assumed that if voting activity was meant to be public, there would have been a feed like the mod logs, for each users activity
That’s true, but I think this is more of a development thing than an actual aim of Lemmy. Due to the nature of federation, everything must be open. As the Software is strongly inspired by Reddit, transparent votes is something that is technically exposed via the API but not yet implemented in the UI. But I think any app developer could integrate this into their app if they liked. It seems like Mbin chose a different path way.
In general, there is no congruent sentiment in Lemmy development, but I agree there should be one or it should be discussed with the community. Have you looked if there is an already ongoing discussion on git?
I care more about PieFed, but I don’t know how they look on the topic though.
I just think it should be more obviously transparent, rather than the UI pretending it has no attribution.
I recall some proposal about adding the info to the UI and objections due to privacy concerns, which is just pretending something is private.
Thanks! That’s is very helpful and also concerning
Not sure how I feel about this
Feel this! ⬇️😆
I think you missed the point of this - I don’t mind down votes.
I am just surprised that (some) users will actively use third party software to identify who made them, and then confront them publicly
I love it. It’s awesome. Also the Lemmy modlog. I love how open everything is!
Why is that concerning? The whole system was meant to be transparent
Not the OP, but i find it concerning because this enables creating a very detailed profile of a users interests, political alignment, medical issues, sexual orientation etc. Even if they never post anything! We should all know by now that there are bad actors actively using this kind of data in the worst ways imaginable. In the US this can already have life threatening consequences (ICE raids etc…)
This is not a good privacy oriented design and it exposes users in a dangerous way.
EDIT: About lemvotes.org. I like this site because it makes it obvious how dangerous this really is. For example I accidentally upvoted a really disgusting NSFW post misclicking on my phone. This will forever be visible to the world. I’m a documented pervert now. Good job.
just upvote and downvote a bunch of random things then your profile has been salted.
Piefed alliviates some of these issues.
i find it concerning because this enables creating a very detailed profile of a users interests, political alignment, medical issues, sexual orientation etc. Even if they never post anything!
So don’t interact. What you read isn’t stored, but if you interact, it should be public.
For example I accidentally upvoted a really disgusting NSFW post misclicking on my phone.
I agree that it’s dumb you don’t have a “my votes” page where you can remove that. But you can go to said post and just remove your vote.
So in a niche community we are now promoting that people don’t interact with said community if they care about their privacy at all?
Not at all. I’m saying you should interact and stand behind your interactions.
For example, you downvoted my post, which is fine. You also replied, which is also fine. Why is it bad that one isn’t on your profile (but it is public) and the other is openly visible in a list on your profile?
Interactions are by default public, otherwise there’s no point to interacting. I’d go one further and say that having the voting information public but not visible by default is by far the worst option.
I constantly misvote by doing a gesture not exactly right on my phone. I wouldn’t judge anyone by their votes.
To be fair OP isn’t the only one that finds it concerning. Kbin/Mbin had tons of complaints about its public voting until the Mbin devs decided to cave and hide downvotes. Piefed also tried to implement private voting before, but gave up because of their halfhearted approach not working out.
I personally like public votes. It’s great to see who upvoted me, especially if it’s someone I recognize. While I miss being able to see downvotes, because sometimes I do feel like asking for feedback from downvoters on where I could do better.
That said, there’s an issue of consent there imo. So I do understand the complaints. While a receiving instance is technically free to do with the federated vote what they want, the user never really consented to that. It’s like if an instance made private messages public. Theoretically it’s allowed to, but that doesn’t mean people would be happy about it.
To be 1000% clear, the voting agents on piefed worked just fine. They scrapped it because of forum politics. A few terminally online admins got real mad they couldn’t stalk user votes and threatened to defederate, even though they could easily just ban the voting agents if they wanted. They made up a completely absurd and roundabout premise that they needed to be able to preemptively ban people based on votes in case they might make a “harmful comment” in the future. The fact that this was the primary concern indicates that the functionality worked as intended.
Hopefully someone integrates the same functionality into an app. Honestly I’d take a swing at it if I had a bit more time.
I had expected reactions to be encrypted, as it’s not a build in feature of Lemmy itself. If it was, I feel like it should have been visible, just like the modlog. There must have been a reason why the Lemmy devs don’t show a list of who up votes or down votes
Assume that everything you say and do online is public, unless explicitly stated (and proven) otherwise. The advantage of Lemmy (and Reddit in principle) is that your account is anonymous, it is not linked to your person. So you have some freedom to be who you want to be without repurcussions in your daily life.
If it would be encrypted, it would open up for vote manipulation. There are plans that mods will see who upvotes in their communities. Create multiple accounts on different instances if you need more privacy, separate personalities for different topics.
Create multiple accounts on different instances
Isn’t that manipulation too?
If someone has a problem with your alt they can ban it. If votes would be encrypted they would have to defederate the full instance where they come from.
Create separate accounts for privacy not for vote manipulation
I solve that issue by having down votes disabled, I don’t have the capability to down vote or see negative scores. It honestly made my experience on the platform better as well, because it helps hide the hive mind mentality that the platform as a whole seems to have at times.
I mostly solve this by upvoting what I like and ignoring the downvote option, reserving it for advertisement bots and spam.
I think that having the voting record hidden in the client UI makes more harm than good to be honest and would’ve preferred if the devs changed their mind on tricking end users that voting is anonymous.The federated design of fediverse means that upvotes and downvotes must sync between instances and as such they’re not hidden or anonymous in any real sense. Anyone with a fediverse instance can see the votes.
lemvotes.org democratise this by allowing everyone, not just techies with their own instance, to see the votes.
One should know that lemvotes.org isn’t a perfect source of truth though, when I lefthand scroll I sometimes fat finger a downvote that I remove again. The latest downvote in my record is one of those.
https://lemvotes.org/ state I downvoted a post:
https://feddit.uk/ sees 75 upvotes:
https://sopuli.xyz/ sees 75 upvotes and I clearly have not voted:
How dare you not upvote my post.
I blame it on rarely upvoting posts at all! Or maybe it was someone elses fault, must be someone else to blame. I think. Is it your fault? You made me not do it? You must’ve made me not do it. You’re to blame. I’m certain.
solve this by upvoting what I like
This doesn’t solve the privacy issue. It still enables bad actors to create a very detailed profile of who you are, just by looking at the content you upvoted. Your interests, political alignment, medical/mental health issues, sexual orientation… just to name a few.
If you don’t sign in or don’t interact, then you don’t have anything to worry about. Reddit doesn’t make votes public but it definitely is selling your voting data as well as IP and location data to third parties.
Lemmy just publishes the data it needs to make activity pub work. If you don’t do anything that generates an AP action then there is no data on you that somebody can compile. I agree that it probably isn’t a good idea to hide the fact that AP actions like upvotes or downvotes are public, but that’s how the protocol works
Yeah, if you wanna lurk and not comment because you want to stay private then I recommend not voting at all.
If a person is already engaging in communities with comments like you and I are right now then I think the added details from our upvotes only strengthen what they already know from our comments.I think most of my upvotes are in comment chains like this, when I think that they add value and are on topic.
I had assumed that this was somehow encrypted. Especially as it is not a build in feature of Lemmy itself, to show who has reacted in certain ways
And that assumption is why I think the choice of the devs to hide it was wrong. They essentially tricked you.
Having votes transparent makes manipulation much harder and people much nicer.
I woke up today, to a public comment in a Lemmy community asking a series of tagged accounts why they had downvoted certain posts
Which community/instance did this? I’d like to block it.
Wow, what a shitshow.
not surprising that it’s Deceptichum
I’m not at all surprised who the OP here was.
(trying something: https://lemmyverse.link/quokk.au/comment/3048088 )
edit: not convinced, I still don’t know how to properly share a link of a post or comment in a way that all instances open it on their own
Seems to work fine in Voyager, opens in my home instance. But presumably that’s a feature of Voyager.
also:
hey @whyNotSquirrel@sh.itjust.works I see you downvoted my comment, care to share your opinion??
fuck you!
No, fuucckk yoouuuuu!!!
You can’t, at least not yet. The only cross instance linkable is with communities. (i.e. !asklemmy@lemmy.world)
To allow other instances to know about your vote, Lemmy federates it. This involves the post you downvoted and your account. Neither is really optional here, as the receiving instance needs your account to verify the vote.
When another instance receives your vote, it’s up to them how they handle it. Mbin used to display both of them to users, but due to backlash from Lemmy users they made downvotes private eventually. Upvotes are still visible on Mbin though. Other fediverse platforms might also display your votes to users like Mbin and Lemvotes do. And of course anyone can make a minimal ActivityPub implementation and subscribe to a Lemmy community and get all the votes made within.
As other comments have said its by design. But there is a quirk if they used lemvotes to determine who the down voters were: it doesn’t seem to pick up downvotes by mbin users. For example, according to lemvotes I’ve never downvoted anything. This is demonstrably false :)
That’s creepy! I down vote and am down voted constantly.
It’s also petty… But knowing that this is so easy to identify people behind vote activity fundamentally changes how I feel about Lemmy
Maybe we should convey to new users more strongly that ActivityPub software “is like a large open place, where you can publish what you want (minus moderated content) and everyone has the ability to see everything you did”.
AFAIK Lemvotes runs a private instance with a bot (???) as an admin which it uses to collect downvote information (as others have explained, the information is already there, it’s just private on the client side on most Fediverse platforms).
