Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)G
Posts
152
Comments
2038
Joined
2 yr. ago

  • Wenn ich Überwachung und Zensur wollte, dann würde ich gleich die AfD wählen.

    Ich bin so über alle Maßen enttäuscht von solchen Idioten. Mir fällt schon lange auf, dass zwar gerne auf "Lehren der Geschichte" verwiesen wird, aber irgendwie nie gesagt wird, was diese Lehren sind.

  • To boldly come where no man has come before.

    • Zafran Cockrain
  • I assume it proves that there is a public key associated with each vote.

    It doesn't sound like cryptography is able to add anything worthwhile. You have to trust the instance to police itself. Self-hosted instances still don't vote anonymously.

    A group of users has to cooperate to hide their votes from others and each other. Only the tally is known, but you have to trust the group. On the Fediverse, such a group will be the users of an instance. The more users the instance has, the more anonymous the individual becomes.

    You have to trust the instance admins to weed out bots and sock puppets, which is extra hard when they don't see the votes either. Presumably, compensating by collecting and keeping other data, such as IPs, for longer is undesirable. You have to believe that admins, volunteers all, are willing to do the extra work and that they don't actually favor manipulation for ideological reasons.

    The only way to uncover untrustworthy instances is to look at aggregated data. I guess you'd have to get/scrape data for some community and then analyze by instance if the number of posters is out of whack with the number of voters. I wonder if anyone's ever done such a thing. It's certainly more challenging than looking at oddities among voters who brigade some topic.

    Admins of large instances could get away with having many sock voters among the real users, if they wanted to manipulate discussions for, say, ideological reasons.

  • You could also make it prove each vote comes from one real account and that no account voted twice.

    How would it prove that the account is real? I suspect that the meaning of "real account" is not the opposite of bot or sockpuppet.

  • But accounts are already pseudonymous?

    Here's where I am at:

    I can check if my votes are federated correctly by checking if any of my votes are suppressed or votes in my name are made up. If my instance sends a different random token with each vote, I can still do that, as long as I know which tokens are assigned to my votes.

    But vote tallies can also be manipulated by making up new votes through fake/bot accounts. If a vote can be connected to posts, this can be checked to some degree. Say, if an instance has a lot of voters that never post, that indicates a problem.

    I don't see how the second thing with E2EE.

  • Es wird nicht drüber geredet, aber... Die Corona-Lockdowns haben vielen Kindern das Leben gerettet. Nicht wegen der Krankheit, sondern weil die Kleinen einfach nicht totgefahren wurden.

    Statistiken: https://www.euromomo.eu/

  • Linux fans: Teaching you all you need to know to survive in Russian politics.

  • Wait. What is the relation to vote federation?

  • It’s doable with E2E encryption,

    How?

  • Federation requires openness and that goes badly with secrecy. You can argue that one has to trust instance owners anyway, but knowing the users and not just the tallies makes uncovering manipulation easier.

  • Deleted

    Permanently Deleted

    Jump
  • That's not how it works.

  • How do you algorithmically manipulate those 12M people with Mastodon?

    The usual way, whatever that is. What would Mastodon do about it? How do you manipulate Bluesky?

    BTW, Bluesky has almost 40M users.

    It's the number in OP, so I ran with that. The fediverse number apparently excludes Gab and Truth Social. Makes sense, since those aren't federated with the rest, but that also shows an issue.

  • Alternate history: Bluesky never happens. Instead, some company opens up a Mastodon instance as a Twitter replacement. So instead of Bluesky with 12M+ users, there's a Mastodon instance with 12M+ users. Now what?

  • Bin ich der einzige, der den Artikel für schlecht geschrieben hält?

    Es wird darüber gelabert, was für Wunderdinge, die Kamera kann, obwohl das offensichtlich bei der Nachbearbeitung der Aufnahmen passiert. Ich fürchte, es fehlt schlicht das technische Verständnis für diese Vorgänge.

  • [Edit: I see the problem, even with a self-hosted instance of 1, when you comment on posts in other instances that data is no longer held on your server, so you don’t own it and can’t control it directly, is that right?]

    Not quite. It's more like Bluesky works, but also not quite.


    First, a note on the idea of "your" data. The law gives people rights over certain data. For example, copyright gives people rights over certain content, which translates to rights over data encoding that content. You may think of a movie as being yours because you have the file on your device. The copyright holder still considers it their data and will therefore demand control over your device through DRM.

    Rights over data always means rights over what other people do with their computers and devices. Unfortunately, Fediverse users are not very tech-savvy. They demand more rights and regulations and then condemn Big Tech for the predictable consequences. They pull on one end of the string and blame dark powers when the other end moves.

    The European GDPR also creates rights over certain data. You have GDPR rights over all data that is directly or indirectly related to you. For example, if I write about the current French President, then Emmanuel Macron has GDPR rights over that data, even if I don't mention him by name. Of course, his rights will be limited by freedom of information. Also, these rights are rarely recognized outside of Europe.

    What legal rights you have over data depends on your location. Copyright is internationally recognized, but its precise reach depends on location; eg the US has Fair Use. Even at a specific location, those rights depend on context, with a lot of gray area. This cannot be implemented technically.


    With Lemmy it's like this: When a user on an instance subscribes to a community, all (recent-ish) posts and comments in that community are downloaded to that instance. Users on that instance are served from their own instance.

    Generally, a Fediverse instance keeps a copy of whatever data its local users might need. If your instance was the only source for some data, then every user in the whole world needing it would have to access your server every time they want it. Every user whether registered or unregistered would hit your server every time they reload. If a server buckles under the strain, you just get missing data. It just wouldn't scale.

    Bluesky has Personal Data Servers (PDSs) for that role. Those are the definitive store of some user's data. This can be self-hosted easily. The data from all users is aggregated by a "relay", If a PDS is like a personal web server, then a relay is like a search engine. That's the one that you can't self-host; takes big time capital expenditure.

    I don't think the Fediverse has a solution for this. Imagine Mastodon or Lemmy with 100M+ users. How do you find stuff? Well, making a crawler and search engine for the Fediverse would be simple. But that would also take major capital expenditure.

    The Bluesky relay combines all activity into the "firehose". Anyone can write apps that get data from the firehose and present them to users. When Bluesky blocked Mississippi, that meant that the official Bluesky App did that. Other Apps still work in that state.


    Final bit: When you self-host, you need to be your own legal department. When you use a service, you are shielded to some degree. Eg when you infringe copyright, a social media service will usually just take it down. If you infringe copyright on your web server, or even via torrent, you may get a pretty hefty bill.

    Fedi-users cheer when Meta gets sued or settled with a huge fine. Well, good luck running your own Facebook server. Fedi-users mostly aren't very tech-savvy but when it gets to law, they are positively delusional.

  • I’m surprised they had a robot radiation hardened enough to actually try.

    It's not like this was the first time, such a situation came up. And it's not like we have to guess what plan B looks like.

  • Be strong now. Mastodon is a gGmbH. That's the German version and translates to public benefit limited liability corporation.