Upvotes seem to just federate as likes and dislikes.
Or you can be an instance admin. Iirc In the next lemmy version (1.0.0), mods will also be able to view votes in their communities.
mods will also be able to view votes in their communities.
You can already do this using tesseract, by the way (not tesseract.dubvee.org, strangely?)
On t.lemmy.dbzer0.com i can see both upvotes and downvotes (for all my modded comms):
I guess the feature was already merged in one of the past Lemmy versions then?
I think it’s been implemented this whole time, but it’s just that the default lemmy-ui doesn’t show it
You can already do it with a database query iirc.
I’m not sure about the downvotes part (i failed to recreate this lmao) but you can already view upvotes with mbin. Piefed solves this problem with a option to make your votes private but only with untrusted instances (but from my tests it didn’t work? weird)
IIRC, piefed’s private votes are disabled for “trusted” instances. You can see which instances are trusted here.
That is stupid and defeats the point and makes me rethink my decision to support piefed.
Bummer.
It depends what your threat model is. Admins being dickheads about who downvoted what was the main issue at the time so I made it about choosing which admins to trust.
If future Lemmy versions show votes to mods (not just admins) then Pandora’s box would be well and truly open so we’d need to rethink this.
Yeah I guess for me I don’t really trust any admins. At the end of the day that’s a permanent database of user activity which could be passed along to anyone, so ideally the minimum threat surface would be that it exists only on the home instance.
Also, I kind of just don’t get the point of obfuscating for some and not others unless there are some politics going on behind the scenes, which just gives me even more cause for concern. I think this is a killer feature for piefed and really addresses a major concern I have with Lemmy so it is just disheartening to hear that the functionality has been nerfed for seemingly no good reason.
I hear ya. There was quite a bit of back-and-forth about it and we ended up with a compromise. It would be good to have more configurability of this to suit different preferences.
There’s a niche out there for a max-privacy instance. No server logs, no email verification, automatic deletion of old content. And if it was running PieFed, no trusted instances set.
Not a niche I want to pursue but someone could.
Do you have a link to any discussions on this? I have browsed local posts on piefed.social but can’t find it. I’d be curious to see more context in support of the trusted instance concept.
Check this out for general background discussion https://piefed.social/post/205362. The idea to differentiate by trusted instances was mine and not discussed there. Pretty sure there was some discussion about it in the Matrix channel which is lost to time.
During the recent roadmap planning one of the potential units of work was to sort all this out https://piefed.social/post/411591 but it didn’t garner significant interest and didn’t make it through to the final version of the roadmap.
Damn, so this is how I find out we’re least trustworthy part of the commonwealth.
Ah, well that sucks :( i thought it just used a different strategy to do so if it was trusted, not outright disable it.
Will correct it, thanks
IIRC PieFed’s method is to send the upvote using a second random username not connected to your username.
I wish friendica had a mobile app. I spend more time on my phone
Its webui is responsive (i think), its compatible with the mastodon api.
Raccoon for Friendica is great if you’re on Android.
How to fo that?
Asumming you meant “do”, go to friendica (friendica.world) and paste the fedilink (press the rainbow button) into the searchbar.
Same was the case on /kbin, and while Mbin got rid of the downvotes, it still has public upvotes.
kbin also got rid of the ability to view downvotes. I believe either before the fork or at least before the implosion while mbin were still mostly just pulling from upstream.
I was thinking just now how there seems to be people who downvotes threads for no apparent reason, even seemingly innocuous and neutral ones… for example “Kingdom Come has sold 2 million units” 3 downvotes; “This New Algorithm for Sorting Books Is Close to Perfection” 5 downvotes; you get the idea. Now everyone is entitled to their opinion, but It makes me wonder if someone(s) is spam downvoting for some motive.
The first isn’t really interesting, and the second is clickbait. I wouldn’t say there is no reason for downvoting them.
You are NOT supposed to downvote things that “aren’t really interesting”, you are actively ruining other people’s user experience on here by doing that as downvoted posts get less visibility.
Some people might think it’s not interesting because it’s not appropriate content for that community, and that by downvoting they are improving the quality for everyone. I don’t think every instance/community has a unified consensus on how exactly to use voting, and some people are always going to do their own thing regardless.
This is one of the reasons why I’d love to see a more expanded method of reacting to content rather than simply upvoting or dowvoting; something like, say, user-side thread or post tagging, with things like “verified”, “clickbait”, and mood reacts like “happy” vs “sad”, and usefulness reacts like “solved, thanks” vs “closed as duplicate”, etc. We need more and better axes.
(Axises? Axeses?
Asses?)Interesting idea, but how do you decide on what the universally-agreed on reactions are? Have too many and they may as well just be comments!
A fair point that I admittedly don’t know how to solve. The closest I’ve got to a “functional” idea is to focus on splitting the two (I think? maybe three) things that an “upvote” is interpreted as, and supplementing with also the opposite / counter message:
- “I like what this post is about” (basically a like / heart / kudos)
- “I found this information useful / verified / checked” (a more proper upvote)
- (optionally) “I want this information to be more easily found”
Pretty much everything else can be a comment, as you say, but the purpose and reception of a message should also be as streamlined to communicate as possible.
Some people only browse global feeds and downvote stuff as if they’re trying to train the Netflix recommendation algorithm, completely ignoring the rules of the community it originates from
I remember that being a problem back on Reddit (though I always found people upvoting low-effort stuff that wasn’t community/sub-appropriate to be more of a problem). It’s kind of a site-wide UX issue though really, if a new casual user is just presented with a list of posts then they might genuinely be unaware of (or perhaps just uninterested in) where they came from and what their votes mean.
Well yes, the visibility thing would be the point. Interesting and relevant content is upvoted, becoming more visible to more people, and uninteresting and irrelevant content is downvoted, becoming less visible and shown to fewer people.
Your interests are not identical with interests of other people.
Every thread will get downvoted by someone for some reason. You would go insane trying to make sense of it.
That’s true, but since witnessing the waves of spam that flooded Kbin before its disappearance, I try to keep an eye open for this kind of shit.
Might just be people who are used to having an algorithm so they dislike stuff they don’t want to see more of.
Which is a problem
My guess is accidentally hitting the button while scrolling, and too lazy to change it.
Petty mods or users would abuse this
Mods can already see voting data, at least through the API on the latest version of Lemmy.
How can I see this in the community I mod?
You can use the Tesseract Lemmy frontend to view votes in your communities. However it will only work on instances on version 0.19.8 or greater, so if your mod accounts are on an instance like that it won’t give you the option or let you see them.
It’s already possible to see if you really want to look. Friendica is just another way.
I wish I could see what scummy lemm.ee mods removed my comments and got me banned
you can, names are shown in other frontends like phtn.app.
Thanks but doesn’t work if you’re site-banned.
You can usually use another instance that shows names if you have an account there, it’ll show at least the federated stuff.
This isn’t just a Frendica thing; you can see this from Mastodon, mbin/kbin, etc. Many people seem to think upvotes and downvotes are private, but the reality is that they’re publicly available information by default in ActivityPub. Lemmy just hides the information on the front-end for “normal” users; If you’re a moderator you can clearly see everything.
If one wants truly pseudonymous voting, they’re free to try out PieFed. See the announcement post for this feature for more details.
There are some instances that disable downvotes altogether!
Oof, hell no. That’s some Facebook level cancer right there when they removed downvotes.
It’s just a form of white washing that makes the same people who made up being offended by “black lists” and “master branch”.
Some people seem to really hate down votes. I don’t give a shit either way.
There’s no way that isn’t going to be abused. Some marketing or tracking agency will setup a fediverse server and just collect all data like this for free. Or worse, take advantage of a friendica instance to bombard it with requests for data collection purposes.
Yes, but as long as you don’t reveal your identity, they can’t do much to track you.
They don’t have access to your IP.
Of course, it you’re using the same username over multiple services, or reveal identifying information (which is much easier to analyse now due to AI) they will be able to track you.
Is IP not logged anywhere in Lemmy/ ActivityPub?
Nope just server
If image embeds aren’t cached by your server they can be abused to gain IP, but that’s a hack, it’s not intended.
You can set a Lemmy server to proxy image requests
Exactly, that’s why I said for ones that aren’t cached. They can be cached, but it’s not a guarantee they will be.
Proxying is a separate option from caching. I think it was added in 0.19.5
I think server admins can access. It makes sense moderation wise, if for keeping a tab on alts for enforcing permabans.
My name is actually Ricky Rigatoni and I am King of the Brooklyn Mafia.
This is nothing new. Fire up any ActivityPub server and you can see everything over the wire. As a Lemmy admin of my server of just me, I can also see it in the UI.
This feature has been available to all kbin/Mbin users since the beginning, btw.
I wanna say it was built into Lemmy originally as well but they removed it from the FE
It’s in lemmy but only available to instance admins
What can they use that data for?
It would only be usable data if they could show personalized ads to the users. They can’t.
All they know is that Meldrik up/downvoted this and that, but outside of Lemmy they have no idea who Meldrik is.
If you think metadata is worthless, I would like to make you aware about Snowden and his revelations. Look them up.
I think the issue is that many Lemmy users will think more carefully about what they comment than what they up/downvote, as a comment appears connected to your username but a vote doesn’t. You might decide against commenting on something you disagree with because you don’t want to get in a fight, instead just downvoting it, but if people then know if was you who downvoted can still pick the fight.
Basically the issue is you’re revealing a lot more information than you might initially have realised if you’d have known votes were public all along. Maybe a disgruntled person uses that to dox you, or maybe a corpo feeds all that information into their fancy computer system to work out who you might be, who knows.
Cant you just defed with them?
If you can identify all of their instances, yes.
Well yes, the whole concept of the fediverse is that of social media as a public service. All activitypub data is public.
So you’re agreeing with me that it will be abused.
Not them but yes but it’s not a feature of the system, it’s a failure of the humans.
What is it that you mean by that? Do you mind rephrasing your reply?
Tools do not have morality or ethics, only people do. Some people use tools in a morally and/or ethically questionable manner, either for profit or because it amuses them.
True, we perpetuate the unjust systems around us. Systems can be constructed to unfairly benefit some over others as well, like how capitalism unfairly benefits the wealthy.
It’s the age old argument of “It’s not Communism that’s bad, it’s the human element.”
Speaking as if any system created by humans will ever be free of the human element, which is of course faulty logic.
Edit:
The downvote button is not an ‘I don’t like this’ button, trogs. Read the rules.
I mean, when the human element is literally not doing communism, yes, that would be a problem.
That’s the problem: for communism to work, it requires perfect beings that act according to how the system is designed. Humans do not do that.
, which is of course faulty logic
…which is why design systems so that when using them we can account for the human element, right? Come on! We have centuries-spanning systems even industries built on that! Engineering, avionics, Yelp reviews…
I think you’re forgetting the context of the discussion…
Not them but yes but it’s not a feature of the system, it’s a failure of the humans.
A system designed to be used by humans has an attribute bound to be exploited by humans and it’s the failure of humans for exploiting it.
i think we should be accounting for it if we don’t wanna get swallowed by shitty interests tbh
Like, of course; tho any sort of “accounting” should IMO start from the base that the intent of this entire thing is to publicly share public information.
has anyone come up with possible solutions yet?
But it has absolutely nothing to do with how it is displayed in Friendica.
Yes, after all other servers need this information in order to prevent double voting, you can’t just have servers sending each other information “somebody upvoted this” and also tell when servers are allowing users to vote more than once.
So upvotes and downvotes aren’t actually private, never have been, some servers may display them publicly even if most don’t.
They should be.
Hashing exists for this use case
Hashing alone if it’s just usernames isn’t enough. Need something like keyed hashes, but then malicious servers can lie about numbers of votes.
Otherwise you need something ridiculously overengineered like public but encrypted logs of user actions and Zero-knowledge proofs of correctness mapping everything to a distinct existing user without revealing who it is.
As I mentioned in another post: for consistency is better to have each server count total votes from their own users, send a signed & timestamped message with the count to the host of the post being voted on. Then the host can display a consistent vote count to everybody that shows where votes are coming from without manipulation of external votes.
Each individual server can lie about its count, but not by too much or else it will be detected and the server can get defederated (or have its votes ignored).
but then malicious servers can lie about numbers of votes.
They already can do that by pretending to have users they don’t have. It’s definitely a quick way to get defederated.
And it wouldn’t be caught quickly or maybe even ever if they opted to use hashes instead of just showing who voted and when.
There are plenty of ways to handle double voting without plaintext user strings. The fact that it’s done this way is just lazy and poor design and doesn’t actually do anything to prevent a rogue instance from vote spamming with fake users.
The server hosting the post needs it.
It only needs to tell other servers the vote count, and the votes of people on that other server.
That may not be how it actually works, but that’s all that’s neededYes, but then you can have malicious servers sending fake numbers without other server operators being able to check whether this is at all plausible.
(It’s still possible for malicious servers to send fake votes, but server operators can see which users they are stated to originate from, then block that server if that looks like it’s doing that. At least that is my understanding.)
It’s only fake numbers for posts on the instance.
Not the first malicious instance, wont be the last.
What do you mean “send fake votes”?
Or rather, who do you think should be responsible for identifying and blocking fraudulent votes?And how do you reconcile votes that come from servers that you’ve defederated with? Should everyone have the same view of the post, or should people only see votes from servers that their server is federated with? What about votes from users you’ve personally blocked? Etc
I personally kinda think that the responsibility is on the server hosting the post, and that everyone should see the same (but anonymous) vote count, of which the hosting server is the single source of truth.
A malicious hosting server could use fake points to blast any message to the top of everyone’s feeds until manually banned or defederated
Yes, that’s happened before. They were sending a very large number of votes, so it was immediately obvious. Even a couple dozen from an unknown instance will be noticed, when an admin sees it and says “huh I haven’t heard of that instance” and when they look there’s nothing there.
I’m not sure how giving every server access to the votes solves that.
The malicious server can make fake users to pump up votes. your server admin has to notice, then check the vote logs, then see what’s happening and defederate them. That’s pretty much what you described in your scenario, anyways.It’s way easier to notice and defed when you can see these fake usernames
But it also has to be defended separately by the admin of every server that has a user subbed to that community. Seems like a large burden to put on small-mid instance admins.
I’d be surprised if my server admin was really paying attention that closely to votes on communities I’m subbed to, right?
I have to admit I don’t know the view that admins get of how their server intersects the fediverse.
Over thinking.
Only the instance with the post needs the username to register the vote, the count can then be updated by the instance. Simple and lightweight
That’s pretty cool. Sometimes in an argument there’s that (1/-1) thing going on, would be funny to see how both are downvoting each other.
Who cares? If your upvote or downvote or any other activity you deliberately perform on a public platform is something you’re embarrassed about and wouldn’t be willing to do in a face to face engagement you probably shouldn’t be doing it.
I agree, and if you absolutely must, then maybe make an alt?
The main problem is most people assume their votes are private, as they are private on reddit.
I think lemmy instance admins can see this too. Doesn’t even have to be a friendica instance
deleted by creator
Any instance admin can see the vote history.
