What does open source itself mean?
Does it mean anybody can access information about lemmy like upvotes?
Can any person access lemmy data to know what I upvote?
Open Source has nothing to do whether data involved in the program/service is available, it refers to the source code. This source code is the recipe of the program, it is written in a programming language. When a project is open source people who make modifications to that code must publish the modifications with the same licence(generally speaking), thus ensuring a mutual knowledge exchange.
As for the data in Lemmy, yes you can see who upvoted posts and comments but it is not available in the interface. There is a website called Lemvotes or something that does this. To be clear, a project can be open source and not expose data of their users, for example the Matrix protocol.
others have answered the important parts so i’ll just do an addendum: your DMs on lemmy are also available to everyone.
wait what? you mean if i send a PM to you, another person is able to read what i sent in plaintext?
they’re stored in plaintext, so anyone with access to the server can read them. i’m assuming you can’t fetch someone else’s DMs but i haven’t read the source.
If they’re federated, then you should be able to fetch them if you’ve got the URL. IDs in ActivityPub have to be dereferenceable iirc.
But like, even if they were only dereferenceable for a short time, the very act of federating the message would hand over the PM to outside the garden controlled by your instance. There’s no stopping the recipient from doing whatever they want with it.
Actually, that’s a problem on ActivityPub; DMs are hard to cipher within AP because of the AS and JSON-LD particularities. Though there’s some good software that done it, like Bonfire.
Damn, now this is good to know. By any chance do you know is that include DM’s with bots (mod bots and other tools of the like)?
Everything on Lemmy should be considered open and readable.
Usually when you’re creating software (a program, website, game, whatever app) you have
- the source of it (code, images, text, etc)
- the end-user product (the thing a user sees)
Closed source apps only allow you to access #2.
Open source apps allow you to access #1 as well. This means you can find out exactly how that software works if you had the required knowledge. You can even modify it and create your own version of #2.
#1 does not include user-generated data.
It means that you can access a copy of the source code to read, modify, or run your own instance of the software.
It means that the source code of the application (e.g. the Lemmy website/server) is available to everyone. Everyone can spin up their own personal Lemmy server. The difficult and sometimes controversial part is that I don’t necessarily know whether a website is running the publicly known source code.
The content you create with it is not part of what makes an application open source or not.
It’s possible in theory, hard in practice. You can, for example, look if they have any repo with their fork (if they forked) or mirror (if just mirrored for one reason or another). Well, that’s the easy part. But even if so, you could think that you can’t know if the code in the repo is the same as the running one. But that’s not always true, as for example if the code has reproducibility guarantees; just like in F-Droid, or in Nix, or in Guix. There are projects that make it more localized, at the application level, publishing everything from the compilation recipes along with their scripts and DBOM, to their default configurations. If they claim that the program they are running follows just those structures but you cannot reproduce it when compiling or self-hosting, you may become suspicious. Of course, divergence adds another problem here, and the method is not perfect either since it depends on there being a certain initial assertion to test against your evidence, but it is much better than nothing. And I don’t know in any case why you would join an instance that claims to be reproducible but does not give access to its code or one that gives access to non-reproducible code.
Unless your instance admin actively blocks lemvotes you anyone can see your vote history
https://lemvotes.org/user/Karl@literature.cafe
The Lemmy source code is open source so anyone can run it and use it within the bounds of the licence.
Not true, because anyone else can spin up their own instance and see them too. Nothing is private here, on purpose.
Any Mbin instance lets you see people’s upvotes too. Though they sadly don’t show downvotes anymore.
OpenSource means you may look into the algorithms that decide what you see and everything technical. You may find for example that Lemmy doesn’t use an algorithm that is trained to make you addicted.
The fact that likes are basically public is a byproduct of the federated aspect of Lemmy and somewhat also a design choice. (Since otherwise it would be hard to make your upvote count on all federated servers)
Use bookmarks and only your server admins have insight into what you like. Use offline bookmarks and the data is yours. (Or selfhost)
