Thank you. That answers my question. I figured you wanted to remain anonymous, but I liked your answer and I’ll be interested in what you find.

I was trying to word my initial post in a way to prevent you from becoming defensive, perhaps I failed. Though, I do feel quoting yourself is a bit… gauche, no? Especially since you are remaining anonymous.

Are you a single person or a group of people? Do you have any credentials that you’d like to share that might give some context to your research?

Where is the quote in your bio from?

I’m not touting apple. Its just a fact.Graphene has you check boxes so you know you’re giving permissions to your car. It informs you what information you’re giving to android auto. And, if you’ve installed apps through alternate sources, you do have to go through developer mode in Android Auto to enable apps from alternative sources. It takes less than 5 mins and you only have to do it once, but if you don’t, you’ll end up thinking android auto is broken in graphene, like the poster I was responding to believed.

I don’t think there is a better solution for graphene - it works fine after minimal setup. I’d gladly do that to preserve my privacy when it matters.

Apple doesn’t give a shit about informing you what it does with your info so it doesn’t do that. I’m not saying its better I’m just being honest. Its quick and dirty.

Android auto also works fine for me. I haven’t used an android phone in years so I can only compair it to apple car play. There are extra configuration steps to make it work but its not hard (just have to read some messages and go through some menus)

Apple car play “just works”.

Yea, I agree. It’s good enough. Sorry, I didn’t mean to sound like it was a bad solution, it’s just not perfect and people ought to be aware of limitations.

I used a small instance in my example so the problem was easier to understand, but a motivated person could target someone on a large instance, too, so long as that person tended to vote in the posts they commented on.

Just for example (and I feel like I should mention, I have no bad feelings towards this guy), Flying Squid on lemmy.world posts all over the place, even on topics with few upvotes. If you pull all his posts, and all votes left in those posts from all users, I bet you could find one voter who stands out from the crowd. You just need to find the guy following him everywhere: himself.

I mean, if he tends to leave votes in topics he comments on, which I assume he does.

It would have to be a very targeted attack and that’s much better than the system lemmy uses right now. I’m remembering the mass tagger on Reddit, I thought that add on was pretty toxic sometimes.

Also, it just occurred to me, on Lemmy, when you post you start with one vote, your own. I can even remove this vote (and I’ll do it and start this post off with score 0). I wonder how this vote is handled internally? That would be an immediate flaw in this attempt to protect people’s privacy.

While not a perfect solution, this seems very smart. It’s a great mitigation tactic to try to keep user’s privacy intact.

Seems to me there’s still routes to deanonymization:

1. Pull posts that a user has posted or commented in
2. Do an analysis of all actors in these posts. The poster’s voting actor will be over represented (if they act like I assume most users do. I upvote people I reply to etc)
3. if the results aren’t immediately obvious, statistical analysis might reveal your target.

Piefed is smaller than lemmy, right? So if only one targeted posting account is voting somewhat consistently in posts where few piefed users vote/post/view, you got your guy.

Obviously this is way harder than just viewing votes. Not sure who would go to the trouble. But a deanonymization attack is still possible. Perhaps rotate the ids of the voting accounts periodically?

I think they should be public. They’re already accessible for mbin posts and anyone administrating a lemmy instance. It should be clear to all users that their votes are already not private.

Someone could make a lemmy instance just to get voting behavior and make a website with cool graphs and stuff today and the only thing that could stop them is defederation. If Lemmy gets popular, this is just an inevitability.

Imagine if a large instance decided to do that today. Imagine if lemmy.world released lemmy.world/votes. Would people defederate just for that? Remember: Mbin already displays scores and I don’t think anyone has defederated over it.

Might as well put it on the interface so everyone understands it isn’t private. Rip off the bandaid.

There’s a newer article on the website about this person getting booted(?) off Privex because one of their business partners found Privex’s response to this writer objectionable. Here is the other article. From just what this person chose to post, it seems they host loli/shota content (drawings). Uurg.

(I did not do any further research than skim the articles he put on his site).

The research itself is… a nice resource. But… if you thought the image the blog writer chose for his article was a red flag, your instincts were good.