If you can create a Lemmy instance and federate, you can shovel data about every vote linked to an account
If you can create a Lemmy instance and federate, you can shovel data about every vote linked to an account
I've created this post: https://sh.itjust.works/post/8898162
And some admin showed they can see how the upvotes\downvotes go.
If you are concerned about privacy, you should know, that this data on Lemmy can be easily mined and tracked.
Well, not only this data, all activity on lemmy is public since it needs to be federated (sent to all instances subscribed to the community will receive all activity).
Which means any person can track anyone if they subscribe to the same communities the user's instance has.AFAIK the only activity not sent is saved content, and downvotes from content hosted in instances which disabled them.
EDIT: for more example, here's my upvote to this post
"actor":"https://lemmy.pe1uca.dev/u/pe1uca","object":"https://sh.itjust.works/post/8931097","type":"Like","id":"https://lemmy.pe1uca.dev/activities/like/f6b0cced-4e1c-41d7-bf11-349b680c4d84","audience":"https://lemmy.one/c/privacyguides"And here's the original comment
actor":"https://lemmy.pe1uca.dev/u/pe1uca","to":["https://www.w3.org/ns/activitystreams#Public"],"object":{"type":"Note","id":"https://lemmy.pe1uca.dev/comment/1434121","attributedTo":"https://lemmy.pe1uca.dev/u/pe1uca","to":["https://www.w3.org/ns/activitystreams#Public"],"cc":["https://lemmy.one/c/privacyguides","https://sh.itjust.works/u/andrew_bidlaw"],"content":"","mediaType":"text/markdown"},"published":"2023-11-11T04:07:31.962497+00:00","tag":[{"href":"https://sh.itjust.works/u/andrew_bidlaw","name":"@andrew_bidlaw@sh.itjust.works","type":"Mention"}],"distinguished":false,"language":{"identifier":"en","name":"English"},"audience":"https://lemmy.one/c/privacyguides"},"cc":["https://lemmy.one/c/privacyguides","https://sh.itjust.works/u/andrew_bidlaw"],"tag":[{"href":"https://sh.itjust.works/u/andrew_bidlaw","name":"@andrew_bidlaw@sh.itjust.works","type":"Mention"}],"type":"Create","id":"https://lemmy.pe1uca.dev/activities/create/7a1c726e-0191-4a71-8980-a565727ac52d","audience":"https://lemmy.one/c/privacyguides"And all instances which are subscribed to this community need to receive this information to keep it updated.
39I assumed as much seeing as it’s a public site ran by many different entities.
Similarly, I think Google can read my gmails.
19In order to read gmails, you have to work at google.
In order to read the upvotes on this post, all you have to do is spin up your own lemmy instance. Anyone with technical knowledge can do it. The problem is a bit different. I could do it, if I was motivated.
If lemmy gets popular enough, there will be 3rd party sites with search bars and nice UIs and graphs to help you see how someone votes.
Not sure what the solution is. Maybe if we can’t make votes private, they should be fully public.
10
I can already see all upvotes and downvotes on mbin(kbin fork) so it's not really that private
There are all upvotes of your post for example - https://fedia.io/m/privacyguides@lemmy.one/t/395044/If-you-can-create-a-Lemmy-instance-and-federate-you/favourites
13Link lead me to main page, but after finding my post, yeah, I can see it.
3On lotide I click likes on a post and it lists who posted. If you make a post or comment with mastodon you get notified every time someone upvotes.
1
Oh, I remember seeing this a while back on the lemmy threads, thanks for the reminder!
Burner accounts for all! You get a burner and you get a burner and you as well!
11Haha. If all of us would do so, we'd sure up this usercount to combat Meta's Threads and dying Twitter.
6True!
3
From when I was asking about it, I think it's only the instance admins that can see the details. It would be nice to have this information clearly outlined somewhere, so people know and aren't surprised.
Maybe a table like
What can each person see
Lemmy
Other users Community Moderators Instance Admins info A1 info B1 info C1 (all) info A2 info B2 info C2 (home instance) info A3 info B3 info C3 (community's instance)
Reddit
Other users Community Moderators Instance Admins info A1 info B1 info C1 (all) info A2 info B2 info C2 (all) info A3 info B3 info C3 (all) info A4 info B4 info C4 (all)
10Anyone can see any upvote from federated users via kbin -- for example, the upvotes on the comment this is a reply to can be seen here: https://kbin.social/m/privacyguides@lemmy.one/t/616970/If-you-can-create-a-Lemmy-instance-and-federate-you/comment/3491191/favourites
That may not be complete or consistent though given the way federation works.
Downvotes from lemmy do not show up. (Not sure why not; haven't dug into it.) Only downvotes from kbin members are shown on kbin. Also unclear to me if downvotes between different kbin/mbin instances show up or if it's the local instance only. (I've only noticed local downvotes, but haven't really been looking.)
4The table rendering does not work, at least for me on mobile (jerboa android)
4
@andrew_bidlaw You can simply see this data on any Friendica instance if you have an account. Just hover your mouse over the like/dislike numbers, and you can see who upvoted/downvoted shit. You can even receive notifications about this on your own posts, just as on Facebook.
To me, it was funny back in the day to see all tankies brigading to downvote me on any single post or comment I made, the moment I started showing my political stances 😆 (yes, even stuff posted before that had no political stuff in them, lol). But yea. To some people, this might be a drawback.
The good thing, however, is that neither Kbin nor Friendica show you a centralized place in your profile to see what did you downvote. You just have to search every post you can find to see this info.
8@andrew_bidlaw this feature request for KBin to change voting so it is NOT public from 5 months ago has a lot of examples of why public voting can be dangerous, but there doesn't appear to be much interest in changing how this works in KBin or MBin.
5Thank you for the link.
I can imagine a couple of ways it can be obfuscated, but here in your link I've been reminded ActivityPub also serves Mastodon, where interactions are way less impersonal by design.
1
Makes me think...
Is there a plugin for like firefox, available which tracks what you write? Something which analyzes your output stream, or lets say, fetch all lemmy posts of a user and analyze how "easy" the writing patterns are and how easily the user is traceable via shadow linking multiple accounts etc.
I know in order to compare this data privacy violations are necessary, but I am genuinely interested in how ad companies are tracking myself and how easy I am to follow through patterns in my texts.
5As far as I know, LLMs are not that clever yet, and it would require a lot of work to automate tracking of so many targets. But a dedicated person tracking one user can see these. Unknowingly, we leave a lot of cues to know who we are. Not only patterns, but exact word-markers, like calling something by a regional-accepted name. Like how my english teachers insisted London's metro is called Tube.
3
Since there isn't a Karma system i don't think its a problem unless advertisers federate.
4