Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • s4if
    link
    fedilink
    English
    651 year ago

    Nothing private in fediverse except when you are selfhosting yourself.

    • @vinnymac@lemmy.world
      link
      fedilink
      English
      211 year ago

      If post views are public that’s a fairly poor implementation on the developers part. I’m sure it will change over time.

      E.g. someone using your account to view illegal content in a community you are not a member of, and you being held accountable.

      • s4if
        link
        fedilink
        English
        211 year ago

        I think the in the current implementation, your post views is not public. But any data you have is still accessible to your instance admin.

          • @chris@l.roofo.cc
            link
            fedilink
            English
            141 year ago

            Nope. Everything you do is sent to all other instances. If you upvote your instance sends that upvote to the instance where the community lives and that instance broadcasts your vote to alle instances that subscribe to that community. Every instance operator can see the upvotes.

            • s4if
              link
              fedilink
              English
              11 year ago

              At least your password hash not accessible by anyone but you… and your dm is also only accessible by your recipient and his/her admin… 😅

          • @variants_of_concern
            link
            English
            21 year ago

            Would be awesome if you could just install an application onto your machine to be self hosted from

            • CALIGVLA
              link
              fedilink
              English
              91 year ago

              I mean, you can, that’s literally the definition of self hosting.

              • @ninjan@lemmy.mildgrim.com
                link
                fedilink
                English
                81 year ago

                While you’re 100% correct Lemmy would feel pretty slow running on your normal computer unless you keep it online and powered on 24/7. Since Lemmy fetches new content continuously and being offline causes a big backlog which will take time to process. It also presents a few extra challenges since you need a domain and cert and a home static IP isn’t super common which means you need dynamic dns and have to set that up. Any restart where you get a new IP will be even slower since you need your updated A host record to propagate before your Lemmy instance can fetch the backlog. Those issues aside though you could absolutely just run it like any dockerized application on your normal computer.

                • HTTP_404_NotFound
                  link
                  fedilink
                  English
                  51 year ago

                  If your lemmy goes offline- there is a good chance it WONT catch-up.

                  Servers only retry sending content so many times. ActivityPub PUSHES, rather then pulls mostly.

        • @vinnymac@lemmy.world
          link
          fedilink
          English
          51 year ago

          Not too bad then, at that point it just depends how they handle log storage on the instance you are visiting.

          Thanks for clarifying.

      • @Wander@yiffit.net
        link
        fedilink
        English
        61 year ago

        It’s not possible to make votes private is your care about no manipulation happening. Otherwise any self hosted instance could just communicate any made up amount of votes.

        • @WIPocket@lemmy.world
          link
          fedilink
          English
          21 year ago

          Cant they? Sure, they would have to make up new users instead of simply saying a number, but what is actually preventing that?

          • @Wander@yiffit.net
            link
            fedilink
            English
            31 year ago

            We can monitor actual active users that an instance has. Anything artificial in volumes enough to have an impact would be noticeable in some way to other instances.

            • lightrush
              link
              fedilink
              English
              31 year ago

              Can’t someone talk ActivityPub directly and do this? If the instance is responsible to authenticate the users, the instance can just directly talk ActivityPub to the rest of the network and tell it users and votes on the fly, without even Lemmy running there.

          • lightrush
            link
            fedilink
            English
            2
            edit-2
            1 year ago

            Without a common authentication scheme that every instance checks against… Probably anyone can do it. I don’t know how you’d even approach this. Signed messages via GPG with a common pubkey host? Some blockchain scheme for authentication that obviates the need for a central host? I’ve no idea.

      • @CmdrShepard
        link
        English
        21 year ago

        E.g. someone using your account to view illegal content in a community you are not a member of, and you being held accountable

        Can you explain what you mean here? How would someone else be using your account without your knowledge?

        • HTTP_404_NotFound
          link
          fedilink
          English
          21 year ago

          Sounds to me like they are trying to make scapegoats for looking at illicit content.

          • @vinnymac@lemmy.world
            link
            fedilink
            English
            1
            edit-2
            1 year ago

            You’re reading too much into my comment.

            I am a software engineer, and am always thinking of user experiences in my day job. This is simply the scenario that popped into my mind, but many do exist.

            Besides hacking, phishing scams, and pranks. Users trick others all the time into viewing content they didn’t mean to view.

            My concern isn’t so much that this can happen at all, but rather that if views were public, how it’d be trivial to write software that auto bans users based on those views. Without great moderation tools, and petitioning it wouldn’t scale well.

            • HTTP_404_NotFound
              link
              fedilink
              English
              11 year ago

              E.g. someone using your account to view illegal content in a community you are not a member of, and you being held accountable

              I may have replied to the incorrect content, but, I meant to reply to this one above.

          • @CmdrShepard
            link
            English
            11 year ago

            But that could apply to any online account not something unique to Lemmy.

        • @XiELEd@lemmy.fmhy.ml
          link
          fedilink
          English
          21 year ago

          Your friend or classmate would be like “You’ve got games on your phone?” then when you’re not looking they’ll try to access your social media.

          • @CmdrShepard
            link
            English
            11 year ago

            I suppose, but then they’re going to look up illicit content on said account in the hopes of framing you for a crime? That’s quite a stretch.

            • @vinnymac@lemmy.world
              link
              fedilink
              English
              1
              edit-2
              1 year ago

              I was just providing a scenario that came to mind. I am sure many exist outside the one I described.

              Nobody has mentioned crime, so I am not sure where that came from. Accountability can come in many forms, and often on the internet users will be banned or excluded based on their direct actions. However, if views were public, it would be trivial to setup a bot to autoban users from communities before they even join, based solely on what they’ve seen.

        • @vinnymac@lemmy.world
          link
          fedilink
          English
          11 year ago

          As I’ve explained elsewhere, this is just what popped into my mind.

          Many scenarios exist where you view content you did not intend on viewing.

          For example, have you ever been Rick Rolled?