Currently, almost anyone in the Fediverse can see Lemmys votes. Lemmy admins can see votes, as well as mods. Only regular Lemmy users can’t. Should the Lemmy devs create a way to make the votes anonymous?

There is a discussion going on right now considering “making the Lemmy votes public” but I think that premisse is just wrong. The votes are public already, they’re just hidden from Lemmy users. Anyone from a kbin/mbin/fedia instance can check out the votes if they are so inclined.

The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users. If you want to vote something and not show up on the vote list, please create another account to support that type of content and don’t tell anyone.

  • Amju Wolf@pawb.social
    link
    fedilink
    English
    arrow-up
    1
    ·
    4 months ago

    Votes could be publicly federated but tied to some uuid instead of the username. That way you still have the same anti spam ability (can see that a user upvoted these things from this instance at this time) but can’t tie it directly to comments or actual user accounts without some extra osint.

    The issue with that is with malicious instances that could engage with vote manipulation by just generating new IDs and voting for whatever they want. If you can’t look back at the profile and determine whether it’s a real, non-spam account, it’s a pretty big issue unfortunately.

    You also have an issue where someone could potentially vote with “your” ID without any way to detect that it’s not actually “you” who sent the vote.

    • TechLich@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      Yeah, that’s fair enough, though I’m not sure it’s very different from malicious instances creating normal user accounts?

      You can see when users from an instance are all suspiciously voting the same way at the same time regardless of whether they are usernames or IDs.

      There’s lots of legitimate users that only vote but never post so doing it based on that doesn’t seem very effective?

      The second problem is solved using public key cryptography, the same way that you can’t impersonate someone else’s username to post comments. Votes and comments are digitally signed (There would need to be a different public key for voting to maintain pseudonymity though).

    • Pika@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      they could do similar to another platform had done, which is tie voting to a shadow account that only the instance admin team can link to a user, this allows for moderation while providing the ability for obscurity.

      I still disagree it should be public in the first place, but I know it’s a hard requirement for federation so it’s unlikely to become more concealed