Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.
- Deleted comments remain on the server but hidden to non-admins, the username remains visible
- Deleted account usernames remain visible too
- Anything remains visible on federated servers!
- When you delete your account, media does not get deleted on any server
The privacy stinks you say? Did you know that Likes and Dislikes are public too? That was the most shocking to me. Because it is very much not like Reddit or others.
It’s still a fantastic piece of software, with all its flaws, though.
It’s impossible to federate these without making them public in this way.
The up-votes are also mapped to favourites in Mastodon etc, so that was always public anyway.
You could argue that this should not be hidden in the Lemmy UI, but there are also good reasons to not highlight that much who voted on a post.
I thought votes didn’t federate yet anyways… but, yes, it is possible, and i can come up off the top of my head with three or four potential implementations.
Good luck with finding an anonymous system that can not be easily abused.
FHE solves that through and through, as has been documented widely, but that’s overengineering when you could just use plain ZKP.
Zero-knowledge voting is here and has been for a while now.
Explains why this obvious issue is not brought up by Mastodon lol
Hey 👋 I know you. Hehe.
And yes, it should not be hidden. It is very much unexpected, because Reddit doesn’t do it, and it’s not visible to normal users.