this post was submitted on 18 Aug 2024
814 points (97.9% liked)

Fediverse

28520 readers
405 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
 

Probably better to post in the github issue rather than replying here.

https://github.com/LemmyNet/lemmy/issues/4967

you are viewing a single comment's thread
view the rest of the comments
[–] blind3rdeye@lemm.ee 55 points 3 months ago* (last edited 3 months ago) (2 children)

I'm seeing lots of comments here saying that server admins can already see vote data, and therefore it is not private.

But from my point of view, having a handful of people able to extract voting data using their position of trust on the lemmy network is very different from broadcasting voting data to everyone on lemmy. And although you can argue that it is possible to create a new server and federate and blah-blah-blah to view votes; that argument sounds to me like "don't bother locking your front door, because that type of lock can be defeated by a lock-picking tools."

And even aside from all that discussion about who can access what; there is another key point that I think is overlooked: Making voter information public makes it 'normal' thing to monitor and discuss. Currently there is an expectation that people won't look at or discuss that information (even if they hypothetically could get access). But by making it public, the expectation then is that everyone will look at that information. That would create a change in tone and meaning of votes and discussion around votes.

[–] SorteKanin@feddit.dk 29 points 3 months ago

using their position of trust on the lemmy network

Being a lemmy admin is not a "position of trust" - anyone can fire up a single-person instance for themselves and be a lemmy admin. You can also just view a post on mbin to see votes.

[–] lalo@discuss.tchncs.de 17 points 3 months ago (2 children)

Not only admins can see the votes, but anyone on Fediverse (except regular Lemmy users) can see them.

Security through obscurity is prone to failure when it is used by itself. If people want their votes to actually be private then another method of securing their privacy should be created.

[–] blind3rdeye@lemm.ee 18 points 3 months ago (2 children)

We aren't talking about security though. We're talking about what information should be presented on lemmy.

Let me put it this way: have you personally ever tried to see who upvoted or downvoted a particular lemmy post? And if you did, did you talk about what you saw?

My point is that currently basically no one sees the data. The expectation is that no one is looking. And it is not socially acceptable to discuss who is voting for what. But if the votes were changed to public then everyone would see it, the expectation would be that it is common knowledge, and so obviously it will be discussed. Is that what we want on lemmy?

[–] lalo@discuss.tchncs.de 10 points 3 months ago* (last edited 3 months ago)

Your first comment expands on both privacy and security. There is no privacy without some type of security.

Now to answer your questions: Yes and yes. Users from c/all were downvoting posts from a small community I'm a part of because they don't agree with. I couldn't see the posts from small communities that are important to me because of that. Now we have the possibility to sort by "scaled", which fixes that. Sometimes there are discussions that are very relevant as to who is voting for what. But that discussion has nothing to do with privacy, which was your first point and went unacknowledged on your second comment.

[–] graphene@lemm.ee 4 points 3 months ago

I sure don't, let the mods see it for their communities but not for everyone

[–] JackbyDev@programming.dev 3 points 3 months ago

But this isn't security! No one is claiming that not making vote history visible through the UI is a means to keep things secure!