The best part of the fediverse is that anyone can run their own server. The downside of this is that anyone can easily create hordes of fake accounts, as I will now demonstrate.
Fighting fake accounts is hard and most implementations do not currently have an effective way of filtering out fake accounts. I’m sure that the developers will step in if this becomes a bigger problem. Until then, remember that votes are just a number.
I wonder if it’s possible …and not overly undesirable… to have your instance essentially put an import tax on other instances’ votes. On the one hand, it’s a dangerous direction for a free and equal internet; but on the other, it’s a way of allowing access to dubious communities/instances, without giving them the power to overwhelm your users’ feeds. Essentially, the user gets the content of the fediverse, primarily curated by the community of their own instance.
when you say import tax do you mean actual monetary payment? Or a computing power tax? I don’t think I understand
I was reading it as lowering the value of an upvote from instances that are known to harbor click farming accounts. I could be wrong though.
That defeats the purpose of decentralization and creates a dangerous precedent. The entire point of Lemmy is that every instance is equally valid and legitimate. If certain instances are elevated above others, we’re on our way to do what Gmail and Microsoft did to email.
I agree it would be a dangerous precedent.
Thing is, though, every instance is not equally valid and legitimate: that’s the reason for defederating from Threads.
Not sure what you mean by what Gmail and Microsoft did to email? Do you mean that they assume many unknown email origins are spam? Though Gmail’s obviously attracted a lot of users, and I myself have moved off it now to paying for my email provider elsewhere, I was under the impression it’s been quite good for email and for pushing secure email, and being good at anti-spam.
I mean that Microsoft and Gmail took over the email protocol and right now if you stand up your own email server with a new domain/IP you basically have zero chance to get your mail delivered anywhere. They’ve positioned themselves as “higher” authority because of the sheer number of users they control and can now control the entire email system.
Same thing could happen with instances if we elevate lemme.world or any other instance to be “more legitimate” so their user votes count higher.
Uh no. Just implement DKIM if your messages are not being sent correctly. Spam is killing email, making admins implement more protocols such as DKIM but that isn’t “google and Microsoft killing email”
So, I didn’t mean instances treated unequally in the grand, set-in-protocol scheme of the fediverse - as if some centralised authority/agreement that this instance counts for more than that. Just as defederation doesn’t make meta’s instance authoritatively illigitimate.
But an instance can choose, within that instance, to defederate with another; likewise an instance within itself could deprioritise some or all others’ instances’ votes.
Still agree dangerous precedent …but still wonder if some sort of instance-controlled moderation of external content is eventually necessary in the future. Or, I suppose, there could be separate services (much like ad-block lists) that users individually could enable to auto-moderate/adjust their own feeds.
And (sorry for waffling!) I suppose it depends a lot on how much you browse specific communities and how much you scroll “all” or whatever. Back in the before-days, I’m used to subbing to very few communities, and generally lazily browsing r/all
Out of interest, within a community (that’s what a sublemmy is called, right?) is there any facility to prioritise votes of people subscribed to that community over those not subscribed? Was that the thing with brigading before (sorry, didn’t realise this before!) that mods can moderate and ban posts/posters but not votes/voters?
Oh, I’m not saying I agree, I definitely think it sets a dangerous precedent
Creating a foreign exchange for upvotes? 1 upvote from lemmy.world account = 25 upvotes from acconamatta.basementlemmy?
Maybe adjust by the number of upvotes coming from that instance (negatively) and by the number of upvotes users of your instance give over their (positively). If one instance spams upvotes, these upvotes loose value. If posts on that instance are popular with your users, the upvotes coming from that instance are more likely to have been made by real users. Maybe we can find a better metric to estimate the number of real, active users on another instance.
Sounds interesting, imilar to the way googles page rank works.
Yeah, that’s the idea
Edit: but I was thinking the result to be specific to your instance, rather than a fediverse-wide vote-rank standardisation.
So, e.g. to a viewer signed into lemmy.ml votes from within lemmy.ml would count more; but to the member of ispamlemmywithhate.crap, votes from ispamlemmywithhate.crap would count more
You can do it on your own instance, but the way Lemmy works means you’ll need to do some changes to both native code and SQL queries to make it work reliably. Every instance has complete control over how they display other instances’ data.
I would imagine this is the same with bans I imagine there will be a future reputation watchdog set of servers which might be used over this whole everyone follows the same modlog. The concept of trust everyone out of the gate seems a little naive
What is the definition of a “fake account”?
Are you an academic or just dense?
Are you an academic or just dense?
I thought beehaw is all about inclusivity and safe space and friendly shit
Who says I’m not being inclusive. If I want to provide a helpful answer to the question, I must know what perspective they’re asking from.
Let’s go academic with it, and skip straight past “impossible to answer” directly to heuristic / attribute analysis.
What are the attributes / behaviors / tells of a fake account?
In this context it would be an account with the sole purpose of boosting the visible popularity of a post or comment.
But that’s kinda the point of all posts. You post because you want people to see something and you want your post to be popular so it can be seen by the largest amount of people.
Your right. You just asked what a “fake account” was though. I think it’s generally accepted that if you create “alt” accounts for the sole purpose of vote manipulation, you’re being a dick.
Why am I being a dick, I was genuinely curious. What do you mean “vote manipulation”? Like making a post with one account and creating another one to upvote the post?
I didn’t mean YOU are being a dick. If SOMEONE creates “alt” accounts for the sole purpose of vote manipulation, they’re being a dick. I was using the royal “you,” a weird english language thing. You, yourself, are not a dick. We’ll you might be, but I don’t think so.
Sorry, I misunderstood. I definitely agree accounts created for the sole purpose of upvoting stuff/bot farms are bad. I just don’t know if there’s an effective way to fight it as they’re getting pretty elaborate these days and it’s hard to distinguish them from real accounts.
Pretty soon we’ll be at the point where no one will trust anything on the Internet.
PSA: internet votes are based on a biased sample of users of that site and bots
Thank you for this. I’d upvote you, but you’ve already taken care of that.
deleted by creator
shocked shocked
@[email protected] @[email protected] oh yeah nothing from servers in terms of numbers can really be trusted
love you lamp
Federated actions are never truly private, including votes. While it’s inevitable that some people will abuse the vote viewing function to harass people who downvoted them, public votes are useful to identify bot swarms manipulating discussions.
This. It’s only a matter of time until we can automatically detected vote manipulation. Furthermore, there’s a possibility that in future versions we can decrease the weight of votes coming from certain instances that might be suspicious.
And it’s only a matter of time until that detection can be evaded. The knife cuts both ways. Automation and the availability of internet resources makes this back and forth inevitable and unending. The devs, instance admins and users that coalesce to make the “Lemmy” have to be dedicated to that. Everyone else will just kind of fade away as edge cases or slow death.
This is really important to call out. Also though the bots have gotten so good it would be hard to tell the difference. To be honest though I’m pretty sure reddit was teeming withing them and it didn’t really bother me. lol
I have strong feelings about reddit being infested with bots too. And because reddit could, there’s no reason lemmy doesn’t have the same issue.
it didn’t really bother me
Bot armies could have hidden things from you that would bother you deeply, but because it’s hidden, you don’t have a chance to be bothered.
Ignorance is bliss?
Fake/bot accounts have always existed. How many times has a “YouTuber” ran a “giveaway” in their comments section?
Yes but you presumably had to go through a captcha to make each one, whereas here someone can spin up an instance and ‘create’ 1 million accounts immediately.
This gives me an idea;
Don’t store incoming data from remote instances into the “Main DB” immediately. Store them into SUBORDINATE DATABASES!
The logic of how you arrange these subordinate databases should be simple; depending on which instance you’re communicating with you could select a subordinate database like so;
- First; we need to have a “Main Delay” database. This database is used by all the instances we Both Federate With, and Mark as one we Trust! and we merge all records here into the main database on a specified timeframe to give ourselves a little time to roll back the clock if something betrays that trusted status.
- Secondly we need to have unique little databases for each little instance that we Federate with, but do not yet mark with trust! These little DBs are merged into “Main Delay”, then Main on a different time-delay schedule. This gives us even more time to roll back large-scale attacks, spam or flooding via ActivityPub as well as time to just smack the “Defederate” button as soon as they start to misbehave and, optionally, jettison the garbage data that caused the need for Defederation as well.
Reddit had/has the same problem. It’s just that federation makes it way more obvious on the threadiverse.
Instances can just defederate with those servers
That can only be done after the fact, and people can just create new ones constantly can they not? There needs to be a different pro-active defense to watch for the signs of manipulation and counter them as they happen.
Whitelist federation is one strategy. Rather than defaulting to federation with every instance a proactively moderated instance would only federate with approved requests.
That would kill small instances though, definitely personal ones for those who want to run their own. Once places like lemmy and kbin get big enough there is no way they’re going to go through and hand-federate every tiny new instance that pops up. There’d be no way to tell which ones are personal and which ones would be used for manipulation?
You can still read posts witjout federation. And you could still comment on theirs within your home instance. You just wouldn’t be able to post within their instance.
that’s only an option if they are obvious about it
IMO, likes need to be handled with supreme prejudice by the Lemmy software. A lot of thought needs to go into this. There are so many cases where the software could reject a likely fake like that would have near zero chance of rejecting valid likes. Putting this policing on instance admins is a recipe for failure.
Votes were just a number on reddit too… There was no magic behind them, and as Spez showed us multiple times: even reddit modified counts to make some posts tell something different.
And remember: reddit used to have a horde of bots just to become popular.
Everything on the internet is or can be fake!
