You can see who upvoted and downvoted a post by viewing it in friendica.
You can see who upvoted and downvoted a post by viewing it in friendica.
Upvotes seem to just federate as likes and dislikes.
Who cares? If your upvote or downvote or any other activity you deliberately perform on a public platform is something you're embarrassed about and wouldn't be willing to do in a face to face engagement you probably shouldn't be doing it.
I agree, and if you absolutely must, then maybe make an alt?
The main problem is most people assume their votes are private, as they are private on reddit.
The whole concept of the Fediverse as social media is that all the data is public. Stop acting like these servers are giving out private data. This data has never been private, and it never will be. Data like this being shared with any other server is how ActivityPub and the Fediverse work.
I know, but some people assume votes are private.
It's not good practice. Really one shouldn't be assuming anything is private or some entitlement to privacy on a service where all content you post is made publicly available to any and all linked instances. They miss the point of a federated public forum. If one wants privacy, data must be kept locally only. That's why Lemmy has local-only communities, the "private" community aspect that many people want just won't be federated, because you can't make something like this private otherwise.
I don't think everybody knows that and at least here on Lemmy, it doesn't show it by default like friendica. The fediverse doesn't necessarily mean that all data has to be public. It's just that it's way harder to have a sense of truth without public data.
There's no way that isn't going to be abused. Some marketing or tracking agency will setup a fediverse server and just collect all data like this for free. Or worse, take advantage of a friendica instance to bombard it with requests for data collection purposes.
Yes, but as long as you donโt reveal your identity, they canโt do much to track you.
They donโt have access to your IP.
Of course, it youโre using the same username over multiple services, or reveal identifying information (which is much easier to analyse now due to AI) they will be able to track you.
This is nothing new. Fire up any ActivityPub server and you can see everything over the wire. As a Lemmy admin of my server of just me, I can also see it in the UI.
Wouldn't you be able to see it by
curling the outboxes?
What can they use that data for?
It would only be usable data if they could show personalized ads to the users. They canโt.
All they know is that Meldrik up/downvoted this and that, but outside of Lemmy they have no idea who Meldrik is.
If you think metadata is worthless, I would like to make you aware about Snowden and his revelations. Look them up.
I think the issue is that many Lemmy users will think more carefully about what they comment than what they up/downvote, as a comment appears connected to your username but a vote doesn't. You might decide against commenting on something you disagree with because you don't want to get in a fight, instead just downvoting it, but if people then know if was you who downvoted can still pick the fight.
Basically the issue is you're revealing a lot more information than you might initially have realised if you'd have known votes were public all along. Maybe a disgruntled person uses that to dox you, or maybe a corpo feeds all that information into their fancy computer system to work out who you might be, who knows.
Cant you just defed with them?
If you can identify all of their instances, yes.
Yes, after all other servers need this information in order to prevent double voting, you can't just have servers sending each other information "somebody upvoted this" and also tell when servers are allowing users to vote more than once.
So upvotes and downvotes aren't actually private, never have been, some servers may display them publicly even if most don't.
The server hosting the post needs it.
It only needs to tell other servers the vote count, and the votes of people on that other server.
That may not be how it actually works, but that's all that's neededYes, but then you can have malicious servers sending fake numbers without other server operators being able to check whether this is at all plausible.
(It's still possible for malicious servers to send fake votes, but server operators can see which users they are stated to originate from, then block that server if that looks like it's doing that. At least that is my understanding.)
Hashing exists for this use case
Hashing alone if it's just usernames isn't enough. Need something like keyed hashes, but then malicious servers can lie about numbers of votes.
Otherwise you need something ridiculously overengineered like public but encrypted logs of user actions and Zero-knowledge proofs of correctness mapping everything to a distinct existing user without revealing who it is.
As I mentioned in another post: for consistency is better to have each server count total votes from their own users, send a signed & timestamped message with the count to the host of the post being voted on. Then the host can display a consistent vote count to everybody that shows where votes are coming from without manipulation of external votes.
Each individual server can lie about its count, but not by too much or else it will be detected and the server can get defederated (or have its votes ignored).
There are plenty of ways to handle double voting without plaintext user strings. The fact that it's done this way is just lazy and poor design and doesn't actually do anything to prevent a rogue instance from vote spamming with fake users.
Over thinking.
Only the instance with the post needs the username to register the vote, the count can then be updated by the instance. Simple and lightweight
They should be.
This isn't just a Frendica thing; you can see this from Mastodon, mbin/kbin, etc. Many people seem to think upvotes and downvotes are private, but the reality is that they're publicly available information by default in ActivityPub. Lemmy just hides the information on the front-end for "normal" users; If you're a moderator you can clearly see everything.
If one wants truly pseudonymous voting, they're free to try out PieFed. See the announcement post for this feature for more details.
Or you can be an instance admin. Iirc In the next lemmy version (1.0.0), mods will also be able to view votes in their communities.
mods will also be able to view votes in their communities.
You can already do this using tesseract, by the way (not tesseract.dubvee.org, strangely?)
On t.lemmy.dbzer0.com i can see both upvotes and downvotes (for all my modded comms):
You can already do it with a database query iirc.
I mod a small community with like 6 monthly users, I'm the only one who post or comment and the average post have 3/4 upvotes and 1 downvote. And I always ask myself who is downvoting my submissions, because it's make no sense to me that someone take the job of pressing the downvote button on a link to a EDM set. Couldn't they just block the community?
Use https://tesseract.dubvee.org/home/all/scaled to show downvotes
Assess whether banning makes sense for someone who only downvotes content
It's not about blocking, it's about sending a message.
No, sometimes it is about blocking.
If you run a small community like several of us do, even a small amount of downvotes can completely shut down a discussion from ever being seen by anyone else. It's a way petty assholes have of trying to kill conversation in small communities because they don't like something about what you said or how you said it.
If someone neither wants to contribute nor lurk, and merely drag down a community, they shouldn't be allowed to continue to be a part of it at all.
Some people just downvote for the sake of it.
I'm not sure about the downvotes part (i failed to recreate this lmao) but you can already view upvotes with mbin. Piefed solves this problem with a option to make your votes private but only with untrusted instances (but from my tests it didn't work? weird)
IIRC, piefed's private votes are disabled for "trusted" instances. You can see which instances are trusted here.
Damn, so this is how I find out we're least trustworthy part of the commonwealth.
I get this is obviously intended behaviour on part of actpub but I'd love for there to be a pseudo-anonymous voting system too. Maybe an option to hash user credentials when added to likes to ensure that they're unique whilst obfuscating the original user.
Hash them with the post ID appended, so a user can't be identified across posts
There is already a foolproof method that is immune to any abuse of trust by admins; create an alt account.
True, but there are other benefits too. Bots can't crawl through your likes for example. Maybe you want a feature on lemmy or mastodon or whatever with anonymous polling? (ik masto has polls but for sake of argument) Maybe you're implementing anonymous polling into an app for a trade union that needs total anonymity even from admins? It's not totally unusual!
IMO it makes sense to do this at a platform level just because there's a unified implementation of obfuscation across all the fediverse for any platforms that want to use, rather than a bunch of unique solutions that would be duplicated effort.
I mean, seems pretty pseudoanonymous to me, unless Musk had another kid he named apj2k36 or something.
People have really weird usernames sometimes
I think lemmy instance admins can see this too. Doesnโt even have to be a friendica instance
Any instance admin can see the vote history.
Same was the case on /kbin, and while Mbin got rid of the downvotes, it still has public upvotes.
kbin also got rid of the ability to view downvotes. I believe either before the fork or at least before the implosion while mbin were still mostly just pulling from upstream.
There are some instances that disable downvotes altogether!
Oof, hell no. That's some Facebook level cancer right there when they removed downvotes.
It's just a form of white washing that makes the same people who made up being offended by "black lists" and "master branch".
Some people seem to really hate down votes. I don't give a shit either way.
this is an icky issue because lemmy sends votes with empty addressing, so remote instances should count them but not show them to anyone. however mastodon (and *key) sends likes with empty addressing too, but considers them public. lemmy is (surprisingly) right here and should request that the rest of fedi respects the protocol and hides stuff based on its addressing. maybe open issues on mastodon and friendica
also this issue probably exists when seeing lemmy posts on any microblogging instance
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
The userbase is small enough that hashing would be easy cracked by a determined person. Even with salting, iterating through the entire userbase and hashing each username+salt to check for a match would probably not take long
Replace "hashing" with "encrypted" (perhaps just using a symmetric key that the admin sets up) and then it gets impossible to know for any outsiders who is the real user behind the vote.
I for one just wish people understood once and for all that anything you do on social media is public.
If you are not comfortable backing up your opinion or action, then don't do it.
What if a uuid is generated every time a user signs up, and every upvote iterates through the uuids?
One of the advantages of votes being public is that it keeps instance owners honest and, perhaps more importantly, means they know other instance owners are honest.
If they weren't public it would be easy to modify your lemmy instance to send 10 votes with fake hashes for every real vote. There would be constant accusations of brigading and faking votes.
I'm honestly surprised it hasn't already become rampant.
Piefed already does this, because it is the way.
Just make a rainbow table and get the usernames back.
I wish friendica had a mobile app. I spend more time on my phone
Raccoon for Friendica is great if you're on Android.
Its webui is responsive (i think), its compatible with the mastodon api.
That's pretty cool. Sometimes in an argument there's that (1/-1) thing going on, would be funny to see how both are downvoting each other.
I don't know this name, I read its part of the Fediverse... Does this affect us?
Yes, it is probably the oldest or second oldest server suite in the fediverse (diaspora is maybe older).
It was an early supporter of statusnet and pump.io, which are the earlier versions of ActivityPub.
It originally used it's own protocol to talk to other friendica instances, but a lot of plug-ins came out adding support for everything, even Facebook support for a while.
I was thinking just now how there seems to be people who downvotes threads for no apparent reason, even seemingly innocuous and neutral ones.. for example "Kingdom Come has sold 2 million units" 3 downvotes; "This New Algorithm for Sorting Books Is Close to Perfection" 5 downvotes; you get the idea. Now everyone is entitled to their opinion, but It makes me wonder if someone(s) is spam downvoting for some motive.
Might just be people who are used to having an algorithm so they dislike stuff they don't want to see more of.
Which is a problem
Every thread will get downvoted by someone for some reason. You would go insane trying to make sense of it.
That's true, but since witnessing the waves of spam that flooded Kbin before its disappearance, I try to keep an eye open for this kind of shit.
My guess is accidentally hitting the button while scrolling, and too lazy to change it.
The first isn't really interesting, and the second is clickbait. I wouldn't say there is no reason for downvoting them.
How to fo that?
Asumming you meant "do", go to friendica (friendica.world) and paste the fedilink (press the rainbow button) into the searchbar.