Draconic NEO

You can usually use another instance that shows names if you have an account there, it’ll show at least the federated stuff.

Exactly, that’s why I said for ones that aren’t cached. They can be cached, but it’s not a guarantee they will be.

And it wouldn’t be caught quickly or maybe even ever if they opted to use hashes instead of just showing who voted and when.

Mods can already see voting data, at least through the API on the latest version of Lemmy.

I know, it’s a really big problem here and on the Fediverse in general because people get so outraged and entitled over something that just is the way things are, this wouldn’t work any other way.

Except ActivityPub data is by in large already not private, it is handed out to any tom dick and harry who run a server and have subscribed to actors on this one, and most of the time, it doesn’t even really require extra authorization. That is fundamentally how ActivityPub and federation work, but you can’t have any expectation of privacy in this system when it comes to the content shared. Expecting it to be private because it’s labeled is as dumb as expecting your website not to get scraped because you said so in robots.txt.

It’s not good practice. Really one shouldn’t be assuming anything is private or some entitlement to privacy on a service where all content you post is made publicly available to any and all linked instances. They miss the point of a federated public forum. If one wants privacy, data must be kept locally only. That’s why Lemmy has local-only communities, the “private” community aspect that many people want just won’t be federated, because you can’t make something like this private otherwise.

That’s almost as bad as using robots.txt to claim sites are private and secure and just whining that people/bots should respect it.

You should assume voter data is fully public and fully open. It otherwise is in the federated ecosystem.

If image embeds aren’t cached by your server they can be abused to gain IP, but that’s a hack, it’s not intended.

The whole concept of the Fediverse as social media is that all the data is public. Stop acting like these servers are giving out private data. This data has never been private, and it never will be. Data like this being shared with any other server is how ActivityPub and the Fediverse work.

you can, names are shown in other frontends like phtn.app.