Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • unexposedhazard@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    35
    arrow-down
    18
    ·
    1 year ago

    Bad post. Ofc the person running the server can see who votes. Your original post made it seem like anyone has access to this data.

    • inkweaver@kbin.social
      link
      fedilink
      arrow-up
      66
      arrow-down
      2
      ·
      edit-2
      1 year ago

      There’s a bit of a difference here…

      Suppose I’m the President of the Democratic People’s Republic of Leopards Eating People’s Facia, And now, I want to post a propaganda piece on how Leopards are friendly, cuddly, and do not eat people’s faces.

      On Reddit, I can post this and get downvoted to oblivion, I could try to request Reddit to hand over the list of users that downvoted my post, but I’m most likely going to be told to kick rocks and I can’t do anything. (Assuming I’m not the US/a five eyes country).

      With Lemmy/Kbin, I don’t even need to ask the owner for this information. All I need to do is spin up my own separate instance and the original server will happily send over the list of usernames that have downvoted the original post. Maybe I can use this list and send out a few friendly leopards…

      It’s quite literally anyone who has 30 min to set up an instance has access to this data. There’s some discussions on GitHub on how to potentially fix this but right now this is the case.

      • lazyvar@programming.dev
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        Is that what you found out during your experiments?

        That seems like a really inefficient and useless implementation to have all instances provide those details to one another, when every instance can simply keep track of it for their own users and pass along the total number.

        • Muddybulldog@mylemmy.winOP
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          They would have to pass that total along every time it changed. Different info, same number of server interactions.

          • lazyvar@programming.dev
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I would expect they’d collate that information and pass it on at regular intervals to the instance that holds the true version of the post, who then subsequently disseminates that information to subscriber instances.

            Then again, I guess you could collate the detailed information in a similar manner.

            Not disputing what you’re saying, I assume you’ve tested this out and that’s what you’re reporting, just commenting on the choices made by the project to implement it this way.

    • MindCap@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      ·
      1 year ago

      Your original post made it seem like anyone has access to this data.

      Literally anyone can access this data. It’s not private at all just by the way ActivityPub works.

    • impulse@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      5
      ·
      1 year ago

      It is a pretty big deal. What it essentially means is that you are completely exposed, if you pardon the pun.

      And yes, absolutely everyone with basic IT skills has access to this data as it is shared across instances. All it takes is a couple minutes to deploy a docker image and boom, I’m somewhat of an admin myself.

      The fact that this data is stored in plain is a major security and privacy issue that makes me rethink this platform.

      • Vlyn@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        Just don’t vote then? Reddit also told advertisers what you’re into, it was just over backchannels with money involved.

        Or create an account that has no links to your private live, then you can vote as much as you want.

          • Vlyn@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            1 year ago

            The moment you make votes anonymous (which would theoretically be possible) you open up a million ways in which votes can be manipulated. So congratulations, that ad post from some random company has 12k upvotes now.

            Only alternative is still connecting it to a user, but only registering that they voted (but not if it’s an upvote or downvote, that’s anonymous again), but then you can never change your vote again afterwards. So if you misclick the downvote button there is no way back.

            With the current solutions in place, if you want to remain anonymous: Don’t create an account, just lurk. Or don’t upvote/downvote/comment on things. It’s as easy as that.

            Just like putting your real name online and then complaining when others can see it on Facebook… your account is as anonymous as you want to make it.