Socsa

@Socsa@sh.itjust.works

• ⁨Comment⁩ on ⁨People born after 2000 have never seen the cosmic microwave background on their TV set.⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  It really isn’t though. It is thermal noise.

• ⁨Comment⁩ on ⁨When shitposting becomes constiposting⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Certain major instances are way worse than reddit ever was.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  To prevent them from engaging in bad behavior.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  So you can still ban the voting agent. Worst case scenario you have to wait for a single rule breaking comment to ban the user. That seems like a small price to pay for a massive privacy enhancement.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  I don’t think you do. Admins can just ban the voting agent for bad voting behavior and the user for bad posting behavior. All of this conflict is imagined.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  This is literally already the Lemmy trust model. I can easily just spin up my own instance and send out fake pub actions to brigade. The method detecting and resolving this is no different.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  It will be extremely obvious if you see 300 user agents voting but the instance only has 100 active users.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  But if the only bad behavior is voting and you can that agent then you’ve solved the core issue. The utility is to remove the bad behavior, no?

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Is that really harassment considering Lemmy votes have no real consequences besides feels?

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  You don’t even need to message an admin. You can just ban the agent doing the voting.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Who cares? Generating an infinite number of tokenized identities to facilitate ban evasion will just result in an instance getting defederated. This introduces no real risk as long as the instance is generally abiding by the rules.

  Most of us here are fairly anonymous anyway. I dont think being able to add an additional layer of privacy to our activity is really a big deal.

• ⁨Comment⁩ on ⁨Private voting has been added to PieFed⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Awesome! This is the exact stopgap implementation I was arguing for, and I’m surprised how many people kept insisting it was impossible. You should try and get this integrated into mainline Lemmy asap. Definitely joining piefed in the meantime though.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Maybe. I was kind of hoping someone else would run with this flag because I don’t have a spare public GitHub account I really want to throw into this debate. I’m more likely to just implement it and then toss a PR grenade into the discussion in a few months if there’s no other progress.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Worst case scenario, there is an entirely separate, tokenized identity for votes which is authenticated the exact same way, but which is only tied to an identity at the home instance. It would be as if the voting pub is coming from user:socsa-token. It’s effectively a separate user with a separate key. A well behaving instance would only ever publish votes from socsa-token, and comments from Socsa. To the rest of the fediverse socsa-token is simply a user which never comments.

  I am not sure key based ID is actually core to AP anyway. The last time I read the spec it kind of hand waved identity management implementation.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Yes, that is why I am arguing in favor of an additional layer of pseudonymous voting.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  As far as I understand it all activity originates from the home instance, where users are interacting with federated copies of posts. The unique user token from a well behaving instance follows the user across the fediverse, allowing bulk moderation for voting patterns using that token. The only difference is that it is not explicitly tied to a given user string. That means moderation for vote manipulation gets tracked via a user’s vote token, and moderation for trolling/spam/rule violations happens via their display name. It may be possible that a user is banned from voting but not commenting and vice versa. It’s is a fairly minor change in moderation workflow, which brings a significant enhancement to user privacy.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  But not my votes.

• ⁨Comment⁩ on ⁨So it begins...⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  In this case, it could also be a very expensive hairpiece.

• ⁨Comment⁩ on ⁨So it begins...⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  This can’t be real

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  For starters datamining my voting patterns for building a deeper interest profile. It should be pretty obvious how this works in terms of user fingerprinting, and the ultimate monetization of Lemmy data. It would be super naive to think that Lemmy will be the one web space immune to this kind of thing. I guarantee you meta already has an army of silent instances doing this.

  Worst case scenario, legit state actors use it to target deanonymization attacks.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  And that is still possible with pseudonymous tokens votes. You just end up banning tokens for malicious voting activity, and users for malicious posting activity. It’s at best a very mild adjustment to moderation workflows.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  The current trust model already relies on a user’s home instance accurately reporting user activity and not injecting fake activity. Hiding real user votes behind pseudonymous tokens doesn’t change that at all.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Even for delusional tech bro bullshit, the idea that public voting on an anonymous forum will do anything other than create drama is pretty fucking detached from reality.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  On Lemmy the concern isn’t even mod abuse - it’s just how much user telemetry is pushed around in plaintext which makes me uncomfortable. I’m sure there are already instances which do nothing but listen to AP traffic actively building activity and interest profiles on Lemmy users. Say what you will, but at least on reddit they have to buy that shit. And if such a rogue admin is even a little bit enterprising, there are a bunch of potential IP deanonymization attacks possible by serving up content targeted to specific users during specific times of day. And probably a bunch of other shady shit I haven’t thought of.

  Honestly it’s more than a bit suspicious to me that AP and Lemmy has put seemingly zero effort into mitigating this sort of thing.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  It honestly just opens up a whole shitty can of worms. Are admins ready to weigh in every time someone fakes a vote history screenshot showing that so and so up voted a bomb threat before the post got removed?

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Agreed. 10/10.

  And you don’t even need real crypto here to start. The home instance can just send vote actions as fixed unique tokens. The way the trust framework currently works, this is literally a drop-in replacement and introduces no new spam/brigade vulns which don’t already exist from a rogue instance. It would be imperfect, and may still make it possible to correlate and infer vote patterns for a sufficiently motivated adve, but it would raise the bar for protecting user telemetry by a huge factor with very minimal effort. I’m honestly a bit surprised it hasn’t been done already.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  It isn’t true. As far as I can tell there is nothing right now which prevents me from sending a fixed, unique token for any give action from my test instance instead of the user string itself. Only comments would require the real user string, for obvious reasons. Likewise, another instance could ban that token, or the user or both. This actually does nothing to change the trust model, but would significantly enhance privacy and reduce the propagation of user telemetry.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Yes, and this would be fairly easy to make them at least pseudonymous without even needing to modify activitypub itself.

  That said, I still don’t support anything which lowers the friction of vote stalking like exposing votes in even more places. Technically people can look up my address from my license plate number if they really care to, but that doesn’t mean I want to list it in bold letters on my windshield.

• ⁨Comment⁩ on ⁨Lemmy votes ARE public, should they be anonymous?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Right now votes really don’t matter in terms of post sorting so I’m not sure if there’s really a point to this. As far as I understand it, any vote is engagement in terms of making a post active/hot/whatever

• ⁨Comment⁩ on ⁨Lemmy devs are considering making all votes public - have your say⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Sure, but the detection and enforcement mechanism would be the same as it is now.