Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • vinnymac@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    1 year ago

    If post views are public that’s a fairly poor implementation on the developers part. I’m sure it will change over time.

    E.g. someone using your account to view illegal content in a community you are not a member of, and you being held accountable.

    • s4if@lemmy.my.id
      link
      fedilink
      English
      arrow-up
      21
      ·
      1 year ago

      I think the in the current implementation, your post views is not public. But any data you have is still accessible to your instance admin.

        • chris@l.roofo.cc
          link
          fedilink
          English
          arrow-up
          14
          ·
          1 year ago

          Nope. Everything you do is sent to all other instances. If you upvote your instance sends that upvote to the instance where the community lives and that instance broadcasts your vote to alle instances that subscribe to that community. Every instance operator can see the upvotes.

          • s4if@lemmy.my.id
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            At least your password hash not accessible by anyone but you… and your dm is also only accessible by your recipient and his/her admin… 😅

        • variants_of_concern
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Would be awesome if you could just install an application onto your machine to be self hosted from

            • ninjan@lemmy.mildgrim.com
              link
              fedilink
              English
              arrow-up
              8
              ·
              1 year ago

              While you’re 100% correct Lemmy would feel pretty slow running on your normal computer unless you keep it online and powered on 24/7. Since Lemmy fetches new content continuously and being offline causes a big backlog which will take time to process. It also presents a few extra challenges since you need a domain and cert and a home static IP isn’t super common which means you need dynamic dns and have to set that up. Any restart where you get a new IP will be even slower since you need your updated A host record to propagate before your Lemmy instance can fetch the backlog. Those issues aside though you could absolutely just run it like any dockerized application on your normal computer.

              • HTTP_404_NotFound@lemmyonline.com
                link
                fedilink
                English
                arrow-up
                5
                ·
                1 year ago

                If your lemmy goes offline- there is a good chance it WONT catch-up.

                Servers only retry sending content so many times. ActivityPub PUSHES, rather then pulls mostly.

      • vinnymac@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        Not too bad then, at that point it just depends how they handle log storage on the instance you are visiting.

        Thanks for clarifying.

    • Wander@yiffit.net
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      It’s not possible to make votes private is your care about no manipulation happening. Otherwise any self hosted instance could just communicate any made up amount of votes.

      • WIPocket@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Cant they? Sure, they would have to make up new users instead of simply saying a number, but what is actually preventing that?

        • Wander@yiffit.net
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          We can monitor actual active users that an instance has. Anything artificial in volumes enough to have an impact would be noticeable in some way to other instances.

          • lightrush@lemmy.ca
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Can’t someone talk ActivityPub directly and do this? If the instance is responsible to authenticate the users, the instance can just directly talk ActivityPub to the rest of the network and tell it users and votes on the fly, without even Lemmy running there.

        • lightrush@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Without a common authentication scheme that every instance checks against… Probably anyone can do it. I don’t know how you’d even approach this. Signed messages via GPG with a common pubkey host? Some blockchain scheme for authentication that obviates the need for a central host? I’ve no idea.

    • CmdrShepard
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      E.g. someone using your account to view illegal content in a community you are not a member of, and you being held accountable

      Can you explain what you mean here? How would someone else be using your account without your knowledge?

      • XiELEd@lemmy.fmhy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Your friend or classmate would be like “You’ve got games on your phone?” then when you’re not looking they’ll try to access your social media.

        • CmdrShepard
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I suppose, but then they’re going to look up illicit content on said account in the hopes of framing you for a crime? That’s quite a stretch.

          • vinnymac@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            I was just providing a scenario that came to mind. I am sure many exist outside the one I described.

            Nobody has mentioned crime, so I am not sure where that came from. Accountability can come in many forms, and often on the internet users will be banned or excluded based on their direct actions. However, if views were public, it would be trivial to setup a bot to autoban users from communities before they even join, based solely on what they’ve seen.

        • CmdrShepard
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          But that could apply to any online account not something unique to Lemmy.

        • vinnymac@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          You’re reading too much into my comment.

          I am a software engineer, and am always thinking of user experiences in my day job. This is simply the scenario that popped into my mind, but many do exist.

          Besides hacking, phishing scams, and pranks. Users trick others all the time into viewing content they didn’t mean to view.

          My concern isn’t so much that this can happen at all, but rather that if views were public, how it’d be trivial to write software that auto bans users based on those views. Without great moderation tools, and petitioning it wouldn’t scale well.

          • HTTP_404_NotFound@lemmyonline.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            E.g. someone using your account to view illegal content in a community you are not a member of, and you being held accountable

            I may have replied to the incorrect content, but, I meant to reply to this one above.

      • vinnymac@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        As I’ve explained elsewhere, this is just what popped into my mind.

        Many scenarios exist where you view content you did not intend on viewing.

        For example, have you ever been Rick Rolled?