The comment_like database table in Lemmy also has a timestamp on it, the "published" field, that discloses what time you voted. This reveals patterns of your Lemmy usage to other federated servers.
That's a point that I think a lot of people are missing. Since a lot of this data is propagated, it's not just their own instance admins they have to be concerned about, it's any instance admin across the globe. There's effectively zero cost to become an instance admin.
People are already using it for "good", e.g. correlating upvotes and downvotes to identify accounts that are related to each other for the purposes of stamping out bot activity. The same method could also be used to correlate ALT-accounts, say for example, a hard-right leaning account that has an alternate that interacts regularly in support of LGBTQ+ communities.
I would hope this would be obvious to anyone. If your client can highlight which posts you have upvoted in the web and app UI then the fact that your user specifically upvoted that post must be recoverable from the instance server and thus must be recoverable by the instance admins. I would not expect anything different.
Reddit always had this too though. In every app I used there was an "up voted" and "down voted" tab when I would look at someone's profile
Maybe it was an api thing?
Now we know who are the people stalling the liftoff of the bean's meme to the stratosphere.
I'm already questioning the whole system behind it, not just votes.
Say you have critical information that you want to delete but other instances can just ignore this deletion request, then I could technically write a plugin that uses an extra instance, to always display all deleted comments to me, despite me being a regular user.
For other sites you'd need a crawler, catching this information and all this in a rapid fashion to be usable, with a lot of programming extra work.
At this point we can as well remove the option to delete or edit a comment as everyone can host their own, which wouldn't be possible with proprietary tools.
If someone can simply see votes the same way, we can as well add a mouse hover function that will display the username of whoever upvoted.
Displaying the internal information publicly is indeed the more honest approach. Still, people need to understand that Social Media is Public Media. Deleting and editing depends on the goodwill of the receiver. Just imagine you were sending an email when you send something here. It is about the same level of control. It is not like you had much more control on Facebook or Reddit.
Good find, albeit a bit horrifying.
I wonder what the GDPR implications of this are. As far as I understand, even free, privately run services are required to abide by GDPR and offer data insight and deletion. They're also required to state clearly what happens to user data.
Edit: Apparently people have varying takes and feelings on what the GDPR does and does not say, so I urge you to please read the summary of GDPR data privacy here: https://gdpr.eu/data-privacy/ as well as the summary of what constitutes personal data here: https://gdpr.eu/eu-gdpr-personal-data/ It's easier to have a good and fruitful discussion if we talk about what the GDPR actually says.
People have burner Reddit and Twitter accounts for posts or votes they think could bite them in the ass, so why wouldn't they do the same on Lemmy?
There is a fundamental misunderstanding here.
Our data has never been 'invisible'... We've just trusted that places like Reddit and their staff will do the right thing. That's literally how it already works.
If you sign up for Reddit, Reddit staff can see your posts and votes if they want to.
If you sign up for a private forum the admin there can also see database contents.
One way encryption is not possible without stopping functionality... If data about you was encrypted then posts you make couldn't be displayed. If you include a means to decrypt then there was no point encrypting anyway.
This is how it's always been, and Lemmy doesn't change this status quo much.
A faceless corporation that has had access to your data is just replaced by a variety of admins distributed across instances.
This isn't a good or bad thing, the potential for abuse does exist, but when we have literally made agreements with places like Reddit that they can use and sell our data... then what difference does it make if an admin takes a peek?
It wouldn't be great... but nothing is perfect.
It's still worth working on however, to see if a better solution can be found, but at this time I'd say just be aware that it is possible that your data can be seen and understand the only safeguard against that if you need to communicate something private would be to use direct messaging with end to end encryption.
Sounds like a "non-issue" to me, really. That's kind of the point with the fediverse. If I run an instance, I have access to its database and, thus, everything stored in it. That was the case with old PHPBB forums, admins could see everything.
The question is what ends up stored from outside my own instance. I haven't looked at the source, but I would hazard a guess that it's mostly some json blobs and/or pointers to users/instances.
I'm fine with it.
I mean... you can get information accessing the database. Can anyone access the instance DBs? No. How would you know reddit doesn't log these in its database somewhere?
On its own, it's not a problem IMO. Why would you want to show all information stored on the frontend? But, if you have to investigate something, it's not that bad you have stuff in your database that can help it.
Granted, if an admin is a shitface, they can look at this information. And then...? Make fun of downvoting people? Go to other instance and that's it.
Well time to write a bot that creates a new account for every vote and comment
For as much as I love Lemmy, it's obvious that it is an early software. Mark my words, that’s not the last privacy threat it will experience.
Beyond upvote/downvote data is there anything else that is seen beyond whether someone had an arbitrary influence on a post?
I'm safe, I upboated the beans
It's not just upvotes and downvotes. Instance admin also knows your email and can store your password in plaintext if they want to. It's up to the user to decide whether to trust the instance admin.
I think you need to clarify how they can see the password. It’s not stored in plaintext, but when the user logs in, the server administrator can see the password in the HTTP post data if they log it in the lemmy source code. All apps are subject to this and it’s why you have to trust the instance owner.
Admins can see literally everything. If you can see it (from your end, like whether you've upvoted something), it has to be stored somewhere and of course the server owners can see it
Is the poster's IP address, system, or other system identifier/location, tracked?
If I have users giantshortfacedbear and throwaway123. Then it could be inferred or implied that they are the same person if they are from the same IP or phone.
That information is not tracked in the application itself. A "home instance" admin could correlate their web access logs with the database to draw this kind of conclusion but it's not federated info.
I don't think that's necessarily bad. You upvote to indicate your approval of something. Usually people approve things to recommend it to others.
The things I upvote and downvote are in line with my personal values and I am not ashamed of that. I have no issues with anyone knowing my reaction to a post. On Discord anyone can see who leaves reactions on a message. Same with Facebook. It will show you who added what reaction.
The things I upvote and downvote are in line with my personal values and I am not ashamed of that.
Sounds an awful lot like I have nothing to hide therefore I don't need privacy. The goal of crypto etc is to design protocols that allow you not having to trust anyone. I don't want to trust anyone, and I don't.