PSA: Lemmy votes can be manipulated

koper@feddit.nl to Fediverse@lemmy.ml – 1932 points –

The best part of the fediverse is that anyone can run their own server. The downside of this is that anyone can easily create hordes of fake accounts, as I will now demonstrate.

Fighting fake accounts is hard and most implementations do not currently have an effective way of filtering out fake accounts. I'm sure that the developers will step in if this becomes a bigger problem. Until then, remember that votes are just a number.

359

You are viewing a single comment
View all commentsShow the parent comment

Whitelist federation is one strategy. Rather than defaulting to federation with every instance a proactively moderated instance would only federate with approved requests.

That would kill small instances though, definitely personal ones for those who want to run their own. Once places like lemmy and kbin get big enough there is no way they're going to go through and hand-federate every tiny new instance that pops up. There'd be no way to tell which ones are personal and which ones would be used for manipulation?

You can still read posts witjout federation. And you could still comment on theirs within your home instance. You just wouldn’t be able to post within their instance.