SorteKanin @ SorteKanin @feddit.dk

Posts

15

Comments

1,655

Joined

2 yr. ago

Please be aware that votes are already public, they just aren't shown in the UI. Other apps than Lemmy show the votes.

I think you may need to be logged in or something, not sure.

This isn't going to solve anything. Cryptographically secure voting helps when you can ensure that each person only gets to vote once. But anyone can just sign up for more accounts or make loads of bot accounts and vote multiple times. This solves nothing.

They are good questions. The downvotes for an instance with downvotes disabled are simply ignored so they don't appear in the interface and they do not affect sorting.

What’s the difference from users though?

Imagine you have 500 users that consisently upvote each other and 500 users that vote randomly on different posts. If you jumble up those 500+500 in 1000 random hashes, it becomes impossible to distinguish who is part of the voting ring and who isn't.

As far as I know, there are no plans or proposals for private votes at the moment and most implementations don't seem to mind that votes are public. So no, I don't think ActivityPub will have any support for private votes in the foresseable future.

You don't need a whole instance, you just need a user on another service that have votes public, like Mbin.

Comparing to democracy doesn't make sense, as democracy has mechanisms to ensure 1 person = 1 vote. The internet has no such mechanism. If we did, I'd be all for private voting.

people with unpopular opinions will get ostracized not just for their comments, but even for their voting

Sounds like those people doing the ostracizing should get moderated if they can't handle being downvoted. Besides, if a dickhead wants to see the votes today, they can find them - votes are public, Lemmy just doesn't display them in the UI.

But how would I, an external instance, know your true reputation? Would I need to ask your home instance and just trust that? So when I ask "what level of trust should I put in this user", a malicious instance could just say "a million reputation points" and I just need to trust that? I don't see how this is going to work.

Well, there are other problems too of course, but you can check the rest of the thread for that or check my comment history.

If there’s any way to make votes more private between users, we should do it.

I very much agree with your diversity sentiment, but this part is just not possible right now. The underlying protocol (ActivityPub) just has no mechanism for private votes.

Work should focus on making AP more private, not less.

That's a fair opinion, but this is clearly not the place for that discussion, neither is the Lemmy GitHub repository. ActivityPub has channels for that itself.

Meanwhile, while ActivityPub still has this state of making votes effectively public, we should decide how Lemmy should handle that. We can always change that if ActivityPub changes later, but that is probably years away, if not forever away.

I can easily set up an instance and write a simple bot which just spams votes with randomized user strings.

Well you can do that for a little bit, until your instance gets found out and it gets defederated. And you need to pay for a new domain if you want to do it again. So the current system actually makes it cost real money to do this spam you're talking about.

You don't need to start a whole instance to find votes, you just need a user on any of the services that show votes publicly.

Also, if someone is getting angry about downvotes in a bad way, moderators should just step in. People should learn that votes is just part of the system and accept them.

Only sharing aggregate votes could also lead to a lot of issues with vote manipulation, as it is very easy to manipulate such an aggregate.

I agree that ActivityPub is biased around microblogging though. For all its flexibility and universality, it is surprisingly catered to that use case.

If the token is the same for the user across different posts, it would be easy to figure out who is actually behind the token by correlating voting patterns.

An instance could decide to participate with tokenized user IDs

How would this work in practice? I upvote a post and it sends the upvote via a token user to another instance. Then I remove my upvote or downvote instead. My instance would then need to send an undo or dislike for the token user too. How would you ensure you have enough token users to fill up all the votes on a single post? You'd need thousands if not tens of thousands of these token users. How does it work when I ban one of these users? How do I prevent a user from participating if they use these token users?

Also, this could be used to make vote manipulation easier I bet.

Hmmm … is it not really possible at all?

In ActivityPub, no, not at the moment.

How would you verify that such a hash is coming from a real user? What if an instance sends 1000 fake hashes as votes? Also you could still correlate hashes and figure out who is behind the hash by looking at voting patterns of that hash.

Yes, upvotes are in fact just a Like object in ActivityPub and downvotes is a Dislike object. This translates to various other concepts in other ActvityPub apps, depending on what they choose to call it or how they handle them.

I still feel like this should be anonymized

There is no mechanism for doing this in ActivityPub at the moment. Also, you may not want that because it would then also be hidden from admins and mods, who would then be powerless to discover vote manipulation or downvote brigading and other nasty behavior. Having the votes be transparent is probably better as it allows people to discover this kind of behavior much more easily.

How? The ActivityPub protocol has no support for private votes. Also, private votes would be private for mods and admins as well, which would make downvote brigading and vote manipulation very hard to detect and moderate.