Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • catch22
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    1 year ago

    I think this is a good conversation to have, I’m assuming there are no security checks to make sure instances connecting to each other are legitimately released and code reviewed by the community? I’m also curious if you could run a malicious instance that garners a lot more information from your users than is necessary or uses security holes to gather information from other instances. This could send this entire experiment down the toilet very fast. For instance HTTPS guarantees you are connecting to who they say they are and are from a trusted source. At the very least it would be nice to be able to have control over your credentials and history, and only release it to trusted instances.