this post was submitted on 02 Aug 2025
139 points (69.9% liked)

/0 Governance

259 readers
40 users here now

A community for discussion and democratic decision making in the Divisions by zero.

Anyone with voting rights can open a governance thread and initiate a vote or a discussion. There's no special keywords you must be aware of before you open a thread, but there are some. here's the governance thread manual.

Answers

founded 6 months ago
MODERATORS
div0@lemmy.dbzer0.com
db0@lemmy.dbzer0.com
139
Should we opt out of Lemvotes? (infosec.pub)
submitted 3 days ago by Flatworm7591@lemmy.dbzer0.com to c/div0_governance@lemmy.dbzer0.com
223 comments fedilink hide all child comments
 

Hi again mateys!

As most of you are probably aware, since the development of Lemvotes Lemmy votes are no longer private for users.

The way lemvotes works right now afaik, is it uses an admin level account to collect voting data from all federated instances, thus enabling the identification of every voter. This method effectively bypasses the guardrails the developers put in place to keep this info more restricted.

However, the developer of lemvotes has recently developed an "opt out" for instances that don't want their user data collected in this way. So now we have a choice of whether or not to continue. For total transparency, I asked the developer to create an opt out because I wanted to give our users the option to choose that path without defederating from the lemvotes instance.

I think there are (at least) two schools of thought on this topic, which I will attempt to succinctly summarize below:

  1. Votes should be kept private to users as they were only ever meant to be viewable by instance admins. Making votes public to everyone via lemvotes, when users have a reasonable expectation of privacy when it comes to voting, is a betrayal of user trust. It also leads to arguments and a lot of unnecessary drama, caused by users trawling though each others' vote histories.

  2. It's good that voting is transparent and that users have the same tools available as admins to conduct their own investigations into other users. This creates a level playing field and helps hold everyone accountable for their voting patterns.

So now you have some of the context, I'd like to ask our community what are your thoughts on lemvotes... is it a social good or a bad idea?

Personally, I quite like it from an admin perspective - it's a handy tool, and a pretty cool project. But I also have an expectation (mainly from other forms of social media) that users' votes should be kept private from other users, so I still think it's problematic from that perspective.

Proposal: To opt out of lemvotes, so that our users' voting data is kept (at least somewhat) private.

  • To vote FOR the proposal to succeed, upvote the post.
  • To vote AGAINST the proposal, downvote the post.

This will be a simple majority vote. Similar to the last governance topic, I have no clue what the instance sentiment is towards lemvotes, so let's find out! Feel free to add your comments below.

(page 4) 50 comments
sorted by: hot top controversial new old
[–] Kazel@lemmy.dbzer0.com 5 points 3 days ago (1 children)

voting for

load more comments (1 replies)
[–] antonim@lemmy.dbzer0.com 5 points 3 days ago* (last edited 3 days ago) (1 children)

Against. Occasionally I snoop through someone else's up/downvotes ("oh yeah, this guy is a cunt, just as I thought"). However, it seems unfair that I get to check the votes of people from servers that haven't opted out, while as a dbz0 user myself I'd be safe from such "inspection". (Have any other major servers opted out anyway?) It's a problem (if it is a problem) that should be resolved across the board, not just from individual instances.

load more comments (1 replies)
[–] Jake_Farm@sopuli.xyz 5 points 3 days ago (2 children)

Lol, just another excuse to get doxxed by a psycho.

[–] NotANumber@lemmy.dbzer0.com 1 points 3 days ago (1 children)

This info is already public. All you have to do is go on kbin or mbin.

[–] Jake_Farm@sopuli.xyz 3 points 3 days ago

Technically DoX info is also "public"

load more comments (1 replies)
[–] Neverclear@lemmy.dbzer0.com 4 points 3 days ago (1 children)

I have to believe some sort of system could be designed that can preserve privacy while preventing abuse. Maybe zero knowledge proofs, packet filters or fail2ban. Adaptations would have to be made, of course.

But I expect that exposing everyones' voting habits would enable more vengeance and spite than it would cooperation.

In holding out for a better solution. I choose the lesser evil of risking anonymous abuse over the greater evil of open discord.

load more comments (1 replies)
[–] basiclemmon98@lemmy.dbzer0.com 2 points 3 days ago* (last edited 3 days ago) (1 children)

Is it at all possible that we could edit the ActivityPub protocal for just our instance to NOT report who upvoted or downvoted what to the wider fediverse?! And if it is possible (I genuinely don't know how it works, so pls feel free to tell me otherwise), would any of us want to develop that?? (Feel free to remove this if this comment is too unhelpful or it shouldn't be discussed here)

[–] ragebutt@lemmy.dbzer0.com 3 points 3 days ago (1 children)

Pointless regardless of how you feel, am I wrong? Like wouldn’t other instances that have federated with this instance lead to comments from here

Private votes are a mixed bag. On one hand they can be abused and lead to brigading and making them public defuses this easily. On the other hand sensitive topics obviously are something one may not want to leave a receipt over. Dunno

load more comments (1 replies)
[–] Even_Adder@lemmy.dbzer0.com 2 points 3 days ago (9 children)

I use it for moderation, so having less data will severely hamper my ability to work.

[–] fxomt@lemmy.dbzer0.com 6 points 3 days ago (2 children)

If you are just using it for checking votes on content, mods can see votes in their own communities

load more comments (2 replies)
load more comments (8 replies)
load more comments
view more: ‹ prev next ›