Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • @brave_lemmywinks
    link
    English
    581 year ago

    I’mma be honest, this might be the worst part of lemmy. NSFW, gray area topics, sports discussion, all that becomes completely radioactive.

    • Earl Turlet
      link
      fedilink
      English
      151 year ago

      People might have to stand behind their opinions if they choose to voice them. The horror!

      (Although the user/account is still basically anonymous 🤷‍♂️)

      • @brave_lemmywinks
        link
        English
        491 year ago

        There’s a reason nobody has to publicly announce who their voting for in democratic countries, and that there’s no mechanism to check that. People can be grouped, ostracized, persecuted, canceled, or worse.

        • @[email protected]
          link
          fedilink
          English
          81 year ago

          Not all votes are private in this way, and we’re not exactly voting for a new prime minister / president.

        • @Bazoogle
          link
          English
          41 year ago

          You don’t publicly announce it, but the government still knows it’s you who voted. Except in this case the site is open source. Knowing who voted is the only way to prevent vote manipulation.

          • @bitbybit
            link
            English
            151 year ago

            In the US, all elections are done by secret ballot. The govt can see that you voted, but not who you voted for

            • @Bazoogle
              link
              English
              21 year ago

              Okay, yea, that does make sense. I was thinking of electronic votes, in which case there wasn’t much stopping them from storing that data. But you can get a paper ballet where your name isn’t on it. Regardless, actual voting isn’t a good analogy. You can change your vote on an internet forum, you cannot with a ballet.

              Let’s say on lemmy, up or down vote, it reported “Bazoogle has voted” and simply adds a number to the variable without my name tied to it. If I wanted to undo my vote, it wouldn’t know whether to subtract an up vote or down vote unless it knew which one I did in the first place. The only other option would be to try and encrypt the username with some sort of identifier that can’t easily be decrypted. Which might be possible, but is beyond my current knowledge of cybersecurity.

              • @sauerkraus
                link
                English
                11 year ago

                It’s as simple as sharing vote counts but not individual identifiers between instances. Problem solved.

                A user doesn’t even have to comment to be doxxed by publicly viewable upvotes. They upvote a post in a community for their local state, then upvote a post about how to get an abortion. The state subpoenas the instance admin and gets their IP and email address.

                • @Bazoogle
                  link
                  English
                  11 year ago

                  They could already do that with Reddit. Is that something that happens?

                  • @sauerkraus
                    link
                    English
                    11 year ago

                    With Reddit that data could be kept between the users and admins.

                    I do not have any insider knowledge regarding whether Reddit has received requests for user data.

          • @ilikekeyboards
            link
            English
            41 year ago

            Uhm the government knows it’s you who voted but not what

        • Earl Turlet
          link
          fedilink
          English
          21 year ago

          No one is forcing anyone to upvote or downvote. There’s not even karma or anything here. If people don’t want others to know how they feel, then they shouldn’t say anything, no matter what form the speech takes.

      • @[email protected]
        link
        fedilink
        English
        22
        edit-2
        1 year ago

        This is an issue of privacy, though. There is a reason why people dislike google or their neighbour having access to their information, however mundane.

      • @JakeHimself
        link
        English
        41 year ago

        Yeah, that’s terrifying for a lot of people

    • lightrush
      link
      fedilink
      English
      5
      edit-2
      1 year ago

      Err, up/down voting is just a quick way to agree or disagree. If one is voting because they feel they can’t stand behind their opinion if they expanded it in text… I don’t know what to tell ya.

      • @[email protected]
        link
        fedilink
        English
        01 year ago

        One of the reasons I really disliked Reddit and stopped using it years ago was this way of using the voting system. If I make a post, and it gets voted something like +4-10, and a reply that is some rewording of “that’s a dumb statement”, what am I to think? I’m certainly not going to change my mind, no one gave me a good reason to.

        If one is voting because they feel they can’t stand behind their opinion if they expanded it in text… I don’t know what to tell ya.

        I’m inclined to believe a lot of people do this. This is not to say they are terrible for doing this, it’s that it’s human nature. Replying to someone with a well thought out post takes effort and, from my experience, makes the me realize i don’t know shit about the subject. Point is, this way of using the voting system breeds half-thought opinions which is a host of a lot of other problems.

    • @consumer451
      link
      English
      0
      edit-2
      1 year ago

      What about IP addresses? I see those are logged. Are they available to query?

      I would imagine so, right?

      If so, ummmmmmmm. That is not ok.

      • @lemming007
        link
        English
        161 year ago

        Umm, anything you access on the Internet has to know your IP address, that’s how the Internet works. Whether or not they choose to keep the logs is a different matter.

        • @consumer451
          link
          English
          4
          edit-2
          1 year ago

          Ok, sure. But the difference is that I can’t make my own Reddit instance and then see all Reddit users IP addresses.

          What is the vetting process of getting an instance federated?

          Like if I was an authoritarian henchman, could I make an instance with a community about cats, get federated, then see all the IPs of users calling my boss a pooh bear, on all other instances?

          Edit: what about swatting?

          • @azuth
            link
            English
            31 year ago

            Ok, sure. But the difference is that I can’t make my own Reddit instance and then see all Reddit users IP addresses.

            There’s no difference, you don’t get IPs of other instances’ users just an id

            Like if I was an authoritarian henchman, could I make an instance with a community about cats, get federated, then see all the IPs of users calling my boss a pooh bear, on all other instances

            Or you could just buy it from reddit.

            what about swatting

            Fix your police.

            • @consumer451
              link
              English
              1
              edit-2
              1 year ago

              This sounds a lot like “not my problem.” I am familiar with this type of response, but usually this level of irresponsible indifference comes from those evil VC backed companies. Except they don’t usually say it out loud.

              If this is the attitude of the devs, I am deleting all my glowing recommendations of lemmy on other sites.

              Is this really the attitude of the devs?

              • @azuth
                link
                English
                11 year ago

                I suppose if you ignore the part where I said the problem doesn’t actually exist (IPs are not included in federated content) then It can look like a not my problem response.

                I wonder if you will also delete the FUD and misinformation you posted on this thread.

      • @veganzombeh
        link
        English
        41 year ago

        I haven’t looked into it at all but I expect IPs are visible to instance admins. That’s pretty typical of any online platform.

        • @consumer451
          link
          English
          5
          edit-2
          1 year ago

          But if I understand this, anyone that makes a lemmy instance can see the IPs of any commenter or voter, on any other federated instance?

          What is the vetting process for federation?

        • @[email protected]
          link
          fedilink
          English
          31 year ago

          Even if lemmy itself doesn’t support it, there are plenty of ways to log visitors ips and correlate that data with lemmy to figure out who the user is.

          EX: Using a revese proxy like cloudflare or nginx, which are both very common.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          Even if lemmy itself doesn’t support it, there are plenty of ways to log visitors ips and correlate that data with lemmy to figure out who the user is.

          EX: Using a revese proxy like cloudflare or nginx, which are both very common.

      • newIdentity
        link
        fedilink
        English
        21 year ago

        IP Adresse does not really matter. It changes every day or whenever I restart the router.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          Your public IP stays the same for long periods of time, is geographically tied, and also associates you to certain ISPs based on your address space. How long does it stay the same? Months - Years potentially depending on the lease set on the IP.

          • newIdentity
            link
            fedilink
            English
            11 year ago

            Well… not in Germany. Here you have to request a static ip

        • @[email protected]
          link
          fedilink
          English
          01 year ago

          It depends on the ISP, country etc

          I’m in France and almost every time our IP changes it’s because my parents changed our internet subscription, or because moved to another place

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        every website logs ip. The question is whether the admin maintains those logs. However a web server needs your IP so they can route traffic back to you. That IP gets logged so that if something is not working the admin can review the logs and figure out what is going on. Many websites that are privacy focused either turn the logging off or dump the logs fairly quickly. Doing something like that means the admin needs to take steps to create other avenues for troubleshooting that don’t factor user data into the scenario. With smaller projects like instances hosted on lemmy that might not always be feasible for volunteer admins. This doesn’t necessarily mean they are doing anything wrong. Lots of websites maintain logs that include IP addresses.

    • @[email protected]
      link
      fedilink
      English
      -11 year ago

      Radioactive? Honestly, some people are never satisfied and really like to constantly complain, don’t they?