Lemmy votes ARE public, should they be anonymous?

souperk , 7 hours ago

For anyone interested, there are a few papers on cryptographically secure voting, where both voter anonymity and election integrity are preserved.

Most designs consider three separate entities, where if you accumulate the information between those entities you would be able to identify a voter and his vote, but each entity on itself does not hold enough information.

wazoobonkerbrain , 5 hours ago

That’s interesting. I have read multiple comments to the effect that it would not be possible for lemmy to implement anonymous voting because the underlying ActivityPub protocol does not support it. So it sounds like solutions do exist, although I suppose the effort required to modify ActivityPub is too much, more likely the feature will be included in some successor to the fediverse.

Vlyn , 3 hours ago

The problem isn’t keeping votes anonymous, that’s easy. The problem is bots/spam. You could just create a new instance and then upvote a post from another instance a thousand times. If the votes are anonymous for the other instance it’s tough to say if they are genuine users or just bots.

That’s the main issue here, when votes are anonymous you could easily just spam votes with no way to trace it back. If it’s a rogue instance then fine, you can ban the whole instance. But imagine if lemmy.world starts using fake votes in the background towards other instances.

nimpnin , 1 hour ago

What keeps from doing that right now? You can just create an instance and bot accounts on that

souperk , 1 hour ago

If you are worried about duplicates, aka a single bot spamming multiple votes, then that’s feasible to mitigate.

If you are worried about multiple bots spamming one vote each, that’s harder to mitigate and it comes down to how the instances handles bot accounts in general. IMO it’s best to ignore the bot problem and instead focus on designing a vote weighting system that favors similar instances.

A_A , 13 minutes ago

Thanks @souperk,
i believe many users will be interested in these papers about cryptographically secure voting.

Amongst them there would be :
@rimu
@SorteKanin
@brbposting

brbposting , 6 minutes ago

Wow neat!! Eating our cake & having it

Thanks @A_A

half_built_pyramids , 2 hours ago

I will always downvote ai shit. Brigade 100%. I’m fact this reminds me I need to get through all the ai subs and downvote everything again.

half_built_pyramids , 1 hour ago

We need to reveal downvotes so we can identify the ai lovers.

Akasazh , 21 minutes ago

And then?

half_built_pyramids , 20 minutes ago

Also brigade them

Akasazh , 17 minutes ago

You make a good point for anonymity of the votes

half_built_pyramids , 15 minutes ago

Thanks, that’s what I was getting at, but I still also hate ai shit.

Damage , 4 hours ago

If I vote something I’m expressing my opinion just like I would with comment, and those are not anonymous.
I get that people are worried about griefers and psychos, but anonymity is just a (poor) cure for the symptoms, not for the disease; users who don’t behave should be banned, and if their instance turns out to be a detriment to the community, they should be defederated.

The anonymity we should ensure is the one of the person behind the username, to avoid doxxing and cyber-bullying.

FeelzGoodMan420 , 4 hours ago

No I’m worried about powertripping mods… That’s the issue.

snek , 2 hours ago

Why is this so universal?

Buelldozer , 2 hours ago

Because too many mods are power tripping assholes and I say that as someone whose been a mod in various corners of the Internet since at least 2000.

The best mods, and admins, are nearly invisible and as close to drama free as possible.

snek , 16 minutes ago

I am Palestinian and I just got banned from world news ml for saying that some Israeli hostages experienced rape/sexual assault/abuse without “credible evidence”. Somehow the mod equated this with me not giving a fuck about Palestinian prisoners of war.

No my man… I was raped myself as a teen. So to me, all rapes are equal no matter who does it to whom.

Xirup , 9 hours ago

Wait a minute, so any admin can see which posts do I upvote/downvote?

bamboo , 9 hours ago

Yep. On kbin I think any user can too.

BentiGorlich , 5 hours ago

On mbin users can only see who upvoted a post. An admin can of course still go into the db and look there, but for users and mods there is no way to see who downvoted a post

Redjard , 53 minutes ago (edited 6 minutes ago)

There is a “Reduces” tab on mbin, which shows downvotes

BentiGorlich , 52 minutes ago

There was and is not anymore

Redjard , 49 minutes ago

Then maybe it is still around on some instances?
Either way, it is only a matter of time for another fediverse software to show downvotes, or someone to spin up a vote info page which gets its information via undisclosed legitimate fediverse instances so you cannot defederate them.

BentiGorlich , 45 minutes ago

I was actually the one removing it. I implemented the support for incoming downvotes and because I and others had concerns to keep showing remote users downvotes publicly we / I removed it.

Redjard , 41 minutes ago

That’s a pretty reasonable compromise, and probably explains my confusion.
Why didn’t you do the same for remote upvotes?

BentiGorlich , 38 minutes ago

Upvotes were already implemented when we did the fork. I guess we just never really thought about it. I honestly just have no opinion on whether upvotes should be public or not, so I don't mind them being public, but I basically never check who upvoted my posts anyway, so might as well be removed... If people care about this I'd say it is just up for discussion...

Redjard , 30 minutes ago

In my case I would like them to be private, but currently they are not. I don’t think it is good to try to hinder the visibility into a fundamentally transparent system.

I don’t see a technical way to make votes private either, that doesn’t prevent bad actor instances abusing the vote system. As an admin of an instance I could just add 5-10 votes to all of my interactions whenever I feel like it, and noone would be able to tell it didn’t come from legitimate users on my instance. The accounts of vote origin are needed as proof, hence moderators on lemmy having access to them.

Do you perhaps have any idea how this could be accomplished?

Munkisquisher , 9 hours ago

Yes, by looking in the DB or the data that’s federated as it comes through

ericjmorey , 9 hours ago

There's now a UI feature that allows admins to see votes without needing to manually query the database

Link , 9 hours ago

Furthermore, anyone can spin up a Lemmy server if they want to see people’s votes. It’s not very hard or load the same post in kbin/mbin.

otter , 9 hours ago

For what it’s worth, admins/employees on Reddit (or any other website) can also see upvote records.

Jumuta , 31 minutes ago

this is different, oc is talking about “any admin”. Anyone can make a lemmy server and become a server admin from which they might be able to see the voters

FiskFisk33 , 9 hours ago

yes, and any instance owner on any federated instance. Oh, and anyone on Kbin.

GBU_28 , 9 hours ago

Yep and they ban people as they see fit, across different communities, based on votes anywhere

skullgiver , 8 hours ago

What you upvote/downvote, when you upvote/downvote. With some database queries, they can also read DMs that are on their server (i.e. if you message someone on my server).

You can see who upvoted a post by putting the URL to the post or comment into any connected mbin server and clicking “favorites”. Downvotes are restricted by default (but admins can see those of course).

The only information admins can see is the information on their server. For Lemmy, that means a server would need to be subscribed to all communities you’re active in for that information to be available. If you want I can DM what upvotes of yours my server knows about.

unconfirmedsourcesDOTgov , 39 minutes ago

“If you have nothing to hide then you have nothing to fear.”

Given the strong presence of the privacy community on Lemmy, I have to say that I’m a bit shocked to hear so many in these discussions chiming in to support voting transparency.

I’m on board with the idea of using ring signatures to validate the legitimacy of a vote and moderating spammers based on metadata.

Or, for something (potentially) easier to implement, aggregating vote tallies at the instance level (votes visible to your instance admin and mods) and federating the votes anonymously by instance, so you might see something like:

• lemmy.world: 9 up, 2 down
• discuss.tchncs.de: 3 up, 4 down
• Etc

Up/down votes are the method of community moderation that sets Reddit apart from many other platforms. If the Lemmy community is trying to capture some of that magic, which is good for both highlighting gems AND burying turds, radical transparency isn’t the path to get there.

In fact, I’d argue that the secret ballot has already been thoroughly discussed and tested throughout history and there are plenty of legitimate examples of why it would be better if they were more secret than they are today.

Many people have brought up the idea of brigading, but would this truly get better if votes are public? Is it hard to imagine noticing that an account you generally trust has voted and matching their vote, even subconsciously?

For those who feel that they aren’t able to post on Lemmy because downvotes make you feel sad, my feeling is that if you make posts in a community and they consistently get down voted to oblivion, you’re in the wrong place. The people in that community don’t value your contributions, and you should find another place to share them. This is the system working as intended and the mods should be thankful that such a system has been implemented.

The last point I’ll make is about the potential for a chilling effect - making users less likely to interact with a post in any way due to a fear of retaliation. Look - if you’re looking for a platform where all of your activity is public, those are out there. Why should we make Lemmy look just like every other platform?

Coelacanth , 3 hours ago

I always thought anonymous voting was preferable, or at least non-public. I don’t want “why did you downvote me bro!?”-arguments to occur, and I don’t want to know who approves of my comments or not. I think thinking of votes as an amorphous blob representing general public opinion on Lemmy is preferable to getting into the weeds of who exactly likes your posts and comments.

We could also have “karma” on Lemmy, but while technically tracked the environment is better off without it being public in my opinion. I view voting records similarly.

If botting becomes enough of an issue that regular users need to report vote manipulation bots I’ll be fine with conceding my stance.

ChaoticNeutralCzech , 2 hours ago

I agree. As long as anonymous voting doesn’t cause obvious trolling/spam issues, it should be preferred.

One of the reasons I’ve always found Facebook off-putting and never used it (even before learning about the shady practices) are the very visible votes. I tend to overanalyse any reaction and would judge people based on their votes on my posts, even if I consciously tried to avoid it. Similarly, I imagine some other people would do the same and I’d feel like I’m under surveillance.

corsicanguppy , 1 hour ago

As a comment on the other discussion says, there’s a reason ballots are secret.

blanketswithsmallpox , 44 minutes ago

In reality you should be able to get an anonymized reference number to show your vote was tabulated correctly though.

Right now it comes down to an actual official finding your paper ballot with hand marked tracking and presuming to the computer read it correctly on an overall vote total.

Being able to do this anonymously and securely is where the problems lie. Which is also why digital only voting still isn’t a thing anywhere.

ZDL , 9 hours ago

To me the anonymity of voting is the problem, so the solution is to make them public for all, not to find ways of making them more private.

halm , 9 hours ago

The point of privacy is pretty shaky in this context, tbh. Anybody using the fediverse is ensured pseudonymity already, the privacy issue should be whether your account(s) can be linked to your real life identity against your will.

In that regard I can only see positives to making voting public. Foremost it could create some accountability to the system, and maybe minimise the lazier drive-by, doom scroll votes?

lalo OP , 8 hours ago

I completely agree with the idea of more accountability. We are real people in acting public right here, we should be constantly aware that our actions have consequences. If you don’t want your pseudonym associated with a vote, don’t do it. It’s kinda like the opposite of 4chan, where instand of anonymous controversial content on top, here we have human-curated content being pushed up.

halm , 8 hours ago

Couldn’t agree more, and if we passed around imaginary gold on Lemmy, I’d give you a dubloon for this.

rglullis , 8 hours ago

I’m so, so glad to see I am not the only one that thinks this way.

ZDL , 7 hours ago

It’s the lazy drive-by and rage votes specifically that I would love to see eliminated. If you’re too much a coward to defend a position, maybe you shouldn’t express it.

halm , 51 minutes ago

And now I definitely want to see whoever downvoted your post outed as cowards 👍👍

ZILtoid1991 , 2 hours ago

I can see that in some circumstances, votes might need to be public due to protocol, otherwise public votes have their own uses, and so are private ones.

null , 2 hours ago

Sounds like opinions are pretty mixed. Maybe we should put it to a vote.

But then how do we decide if that vote should be public or not…

ItsComplicated , 2 hours ago

Overall my opinion is irrelevant, however, I think there is a huge difference in knowing a person votes vs how a person votes. The how should not be public, imo.

mihnt , 2 hours ago

They should just stay mostly hidden as they are now. I was harassed 3 times while using kbin for my voting habits. When I brought it up to ernest, him and mostly everyone else defended it, even though at the time I was actively being annoyed by someone.

It’ll make less people vote in the long run and will scare people off.

Nothing worse than hopping on something I do for leisure to realize that thread I voted on a week ago has now come back to bite me in the ass because the OP decided to go on a crusade and harass everyone that downvoted them.

Tudsamfa , 2 hours ago

Always in favor of taking power from mods that they can abuse and simply do not need.

The 1 “You think you can come into MY instance, and downvote ME?” post I read was 1 too many.

snek , 2 hours ago

There is enough drama as it is. This will just open the door to shadowbanning and stalking and other horrors we have escaped by leaving reddit. It’s enough that it’s party available on kbin.

troed , 8 hours ago

Keep the Fediverse bot- and troll-free.

The whole idea of being able to behave like a shithead without accountability needs to go.

roguetrick , 4 hours ago

As with all things you must behave like a shithead in moderation.

j4k3 , 8 hours ago

I would rather vote identities being blocked from scraping. I don’t care about other users or admins. I would rather that level of information be unavailable to outside commercial sources, especially any timings based metadata that could be used to derive dwell time and other psychological metrics.

Microw , 4 hours ago

Thats probably a complete nonstarter in a federated network. The metadata needs to be sent via Activitypub, ergo it has to be public.

Damage , 4 hours ago

I think you’re looking for a different type of community then, like an image board.