I have been working on Lemvotes, a tool to check who voted on a Lemmy post. In this blog post, I will describe how it works and the ethics of such a tool.
Compare your actions to releasing a 0-day exploit for a security vulnerability instead of responsibly disclosing. It doesn’t help, it just causes chaos until the people who do the actual work can figure out a solution.
This comparison is not fair at all. It’s not like the devs are unaware of this. They could start by removing the API endpoint that lists a post’s votes, but they haven’t, which means they seem to think it’s okay for the instance admins to snoop on votes if they so wish.
As I understand it, ActivityPub-compliance basically requires that a vote is tied to an actor. Although, they could have made a dummy actor do it. Maybe they were worried about stopping vote manipulation?
This comparison is not fair at all. It’s not like the devs are unaware of this. They could start by removing the API endpoint that lists a post’s votes, but they haven’t, which means they seem to think it’s okay for the instance admins to snoop on votes if they so wish.
As I understand it, ActivityPub-compliance basically requires that a vote is tied to an actor. Although, they could have made a dummy actor do it. Maybe they were worried about stopping vote manipulation?
That’s how piefed works iirc