Does ActivityPub send those to other instances, or does ActivityPub only send the original post and the rest (upvotes, downvotes, replies) are stored only on the original server where the post was made?

  • @[email protected]
    link
    fedilink
    English
    111 year ago

    Honestly votes being federated seems like a bad idea imo. Would be easy to spin up an instance with thousands of fake users and manipulate posts.

    Fediverse is already big enough that it could be lucrative to do so.

    • Shadow
      link
      fedilink
      301 year ago

      So then everyone just blacklists that instance. If the problem is really severe, we move to whitelisting.

      It’s not hard to identify when someone is doing this.

      • @[email protected]
        link
        fedilink
        English
        91 year ago

        It’s not hard to identify if you’re looking for it, they just use one instance, they aren’t subtle about it, and they are only boosting a specific company instead of a variety of products and ideas.

        Vote manipulation is hard enough to detect on Reddit where they have visibility top to bottom. I think this will become a major issue in the future.

        This is on top of the already significant scaling issues votes are causing.

        Other instances can cache the total count for historical reasons, to preserve lost instance vote counts, but keeping the full ledger is going to be a serious barrier to entry for hosters and a security (manipulation) issue.

      • @[email protected]
        link
        fedilink
        81 year ago

        A whitelist defeats the decentralisation and openness of a defederated system.

        I think you’re mistaken in your assumption it would be easy to identify malicious instances. Bots are notoriously difficult to fight, every time you block one method another workaround will appear.

        • Shadow
          link
          fedilink
          13
          edit-2
          1 year ago

          I think you’re mistaken in your assumption it would be easy to identify malicious instances. Bots are notoriously difficult to fight, every time you block one method another workaround will appear.

          I run a large instance and I look around in the DB occasionally when users complain, so I’m pretty familiar with what’s in there.

          A whitelist defeats the decentralisation and openness of a defederated system.

          True, but assholes are assholes and sometimes freedom and assholery don’t mix well.

    • @merthyr1831
      link
      21 year ago

      I disagree. Reddit openly admitted to manipulating its upvote count to “deter bots”, especially since it became apparent that the front page of reddit became a very lucrative position to be if you were promoting a product, service, or ideology. In the post API world of Reddit, it’s more apparent than ever that votes are being manipulated to give users an illusion of activity that isn’t actually there.

      In fact, Reddit’s manipulation was always as easy as paying someone to upvote a post a few hundred times within an hour of posting which in turn boosted it on the algorithm that displayed leading posts based on rate of activity instead of actual upvotes.

      On the fediverse, being on the front page of an instance isn’t nearly as lucrative, and being on the front of ALL of them isn’t feasible. Even if one instance is manipulated, federation makes that effort null in seconds.

      The fact these services aren’t monetised, are volunteer-funded, and don’t have the economic or advertising power as reddit does, really makes it harder for votes to be manipulated, let alone make someone want to manipulate the service.

      Lemmy and Mastodon have issues with moderation but at worst the manipulation risk is nowhere near as bad as reddit. At best, it looks like corporate manipulation of social media is all but nonexistent on here. Let’s celebrate that

    • @[email protected]
      link
      fedilink
      21 year ago

      Would it change anything besides their technique?

      They almost certainly already have vote manipulation tools for reddit that work via browser automation, because someone offered me money to build one 10 years ago.

      Those tools and a handful of accounts+vpns would already be borderline undetectable without the access needed to see that 25 accounts always voted the same way.

      At least on Lemmy, you have that access. Reddit not only makes zero effort to prevent it, they actively obfuscate the information needed to spot it.