Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • Wander@yiffit.netEnglish
    6838·
    2 years ago

    To anyone surprised at this: welcome to the fediverse, please treat everyhing you do or say as public.

    The way to achieve privacy around here is by following the long forgotten arts of the old internet before Facebook was a thing: use a Nick name and don't tell strangers on the internet your real identity.

    Your home instance will act as a proxy and only they have access to your email and IP address. That does stay private.

    So, as long as you trust your home instance to not leak or disclose your connection or sign up data (which would be illegal in EU countries), just sign up with an alias.

    A very positive aspects of this is that it should allow us to detect voting manipulation by correlating the activity of certain potentially malicious actors. If Lemmy instances take vote manipulation seriously and do their best to block bots this has the chance to make Lemmy / Kbin much more transparent and credible than Reddit ever was.

  • TimewornTraveler@lemm.eeEnglish
    30113·
    2 years ago

    Edit: Obligatory RIP my inbox.

    Can we leave this kinda stuff behind? It is NOT obligatory.

    • NotMatt@lemm.eeEnglish
      1476·
      2 years ago

      I’m going to start throwing “edit: thanks for the gold kind stranger!” on the end of my comments just to induce some nostalgic cringe.

    • gsa32@lemmy.worldEnglish
      789·
      2 years ago

      Redditisms are cringe and always have been. Yes I agree we should leave them behind.

      • JesusTheCarpenter@feddit.ukEnglish
        3610·
        2 years ago

        Well, I disagree. Redditsms, or whatever you call them, among other things helped to make reddit as popular as it is (was) right now.

        I get you don’t like it personally, but your personal opinion about them being cringe, while respectable, is not a fact.

        • Bene7rddso@feddit.deEnglish
          15·
          2 years ago

          I agree with both of you. We should leave redditisms behind and create lemmyisms. And yes, they get cringe if overused

          • Boz (he/him)@lemmy.oneEnglish
            3·
            2 years ago

            Possibly relatedly, is this a good place to mention beans? I have not figured out where that meme actually came from, but apparently it’s a thing the cool kids are saying.

      • Chriszz@lemmy.worldEnglish
        216·
        2 years ago

        Yes all the bad Reddit jokes and unoriginal lame attempts at garnering upvotes eg making a stupid joke out of a typo (generally unfunny, rare exceptions), I also choose this guy’s wife, take my upvote you bastard, anything along the lines of wow I hate you for making a pun, I’m not crying you are, I feel personally attacked and god knows the list goes on and on

        Hopefully these things aren’t just replaced but one can hope

    • Cheems@lemmy.worldEnglish
      21·
      2 years ago

      This.

      EDIT: Thanks for the awards kind stranger!

      EDIT 2: Rip my inbox

      This is all examples of reddit shit that is really dumb. We don’t need to bring it over here

  • booty_flexx@lemmy.worldEnglish
    2771·
    2 years ago

    To illustrate op’s point I’m going to spin up an instance, federate with everyone, and not tell anyone what that instance is.

    Then I’m going to feed all that data into my new website, called Open Lemmy Stats, where anyone can query the user data ive accumulated. The homepage will be ripe with insights, leaderboards and all kinds of data on prolific users.

    Additionally, I’ll display a snapshot/profile of a random user by feeding that users data to GPT4 to make inferences about the user’s political affiliations and display the results.

    Worst of all, I’m not going to out my instance for everyone to know it as the one to defederate. In fact I’m spinning up a few instances that will host innocuous communities that I plan to mod and support to give my instances cover for their true purpose: redundant fediverse datastreams for my site, Open Lemmy Stats.

    I’ll also have a store where anyone can buy my collected fediverse data for a handsome sum.

    Just kidding I’m not doing any of this. But someone absolutely will or already is.

  • RyanHx@vlemmy.netEnglish
    1921·
    2 years ago

    People raise a good point that in countries where political dissent can actually be dangerous, this would very much dissuade people from voting on things they believe in, or even coming anywhere near Lemmy period.

    A better approach I think would be to have the user’s host instance save their votes (the database obviously needs to remember what you voted on), but when federating those votes with other instances just hand over a cumulative total, e.g., “here on vlemmy.net we have +18 votes for this comment”, which the other instances can then add. There’s no need to send user information with that data.

  • deweydecibel@lemmy.worldEnglish
    1802·
    2 years ago

    Reading these comments, seeing so many excuses, sarcastic responses, and handwaving, makes me realize a great deal of users really need to develop some imagination.

    This is not about privacy. It’s about data that can easily be used for targeting and profiling users, and how that creates countless avenues for targeted harassment and wide scale retaliation. It’s about all of the innumerable ways public vote information can and will be abused to manipulate scoring across the site with targeted/automated shadow banning and shared blocklists. Raise your hand if you trust every single admin to never abuse such a tool to curate the outward appearance of an instance to fit a narrative.

    For a different example: I could say something about how great Nazis are right now, and have a bot programmed to read every single person that downvoted me, add those names to a shared blocklist, and viola, I’ve made myself and all my alts invisible to the people that would challenge me on a massive scale.

    I promise you this is going to be a big issue as tools for this site get more sophisticated over time.

  • czech@no.faux.moe
    1662·
    2 years ago

    Activities are public and easily viewable on kbin. It’s been interesting. Seems mostly positive other than people harassing those who down-vote them demanding explanations.

  • kennydidwhat@lemmy.worldEnglish
    17015·
    2 years ago

    There’s something amusing about people feeling violated by their activity being made public, but not necessarily by corporations hoarding and capitalizing on that activity & data. I mean, one of them is out in the open. The other is pure abuse.

  • ScaNtuRd@lemmy.worldEnglish
    15618·
    2 years ago

    Not to sound harsh or anything, but those of you saying that it’s okay that all this data is public are insane. This completely goes against the entire philosophy of the Fediverse and FOSS in general. The reason we all are fleeing from Big Tech is because they collect so much data on us. At least, they keep it hidden from public view. This is a major issue in my opinion, and needs to be addressed ASAP before we can claim to have superior platforms on the Fediverse. Why can’t this data at least be encrypted?

  • Aceticon@lemmy.worldEnglish
    15115·
    2 years ago

    Well, yeah, it’s put on the database.

    It’s the only way to avoid double voting from the same account or to remove the reverse vote if one changes one’s mind and votes the other way.

    Did you think that it was any different on Reddit and that no random employee with access to their database could run a similar SQL query with a couple of joins and end up with nicknames, e-mails and IP addresses?!

    Do you know who are the Reddit employees with access to their database or a copy of it? Have you had a chance to vet them? I don’t think so.

    At least here it’s a bit more transparent.

    The only shocking thing in this is that anybody is shocked by it.

  • Bill@lemm.eeEnglish
    111·
    2 years ago

    I downvoted the beans and I don’t care who knows about it. I’d do it again.

    This is useful to know though, thanks. I guess assume everything is public short of your password (unless your admin is particularly nefarious and has altered the code to store passwords in plaintext for some reason).

  • Margot Robbie@lemmy.worldEnglish
    94·
    2 years ago

    Suppose there is someone who wants to maintain their anonymity and privacy on Lemmy so that it couldn’t be tied to their real identity, what do you think is the best way to do that?

    Hmm, I, famous Hollywood actress Margot Robbie and star of “Barbie”, sure am stumped.

  • FinalFallacy@kbin.social
    9711·
    2 years ago

    Isn’t that kind of the point? You don’t get very far hiding in a social setting. You’re on a public website talking to other people. Your posts should be public, comments, etc. At least people should treat all websites or apps they didn’t develop personally like they’re public. I mean you don’t really have a right to privacy in public.

    And I’m not trying to say this with some malicious tone or anything but it’s just my view on it.

  • Exosus@lemmy.worldEnglish
    863·
    2 years ago

    I mean essentially any decentralised type of social Media cannot work any other way. An open backend is not shocking, it is expected.

  • MissingNo@lemmy.worldEnglish
    842·
    2 years ago

    At first I agreed with the general “whatever” sentiment. It has some important implications, however.

    It discourages people from voting if they’re concerned about other people seeing their activity. This could result in a lower quality of scoring for posts.