This is a topic that i’ve been meaning to start a discussion about but haven’t had a chance due to the level of detail i’d like to provide.

I will also be posting the current logic of how vote counts are counted and also publish the code that i use for the counting.

Without going too much into detail today when votes are counted theres a few things that the logic accounts for.

1. It only counts votes at the first level (meaning anyone that replies to a vote with their vote gets their vote discarded)
2. In the event someone tries voting more than once, only the first vote gets counted, the others get discarded.
3. Users who join after the voting post is made do not get their votes counted. You must have had your account active prior to the vote post
4. External and local users get separated and counted separately.

In the future, and this is the part i’d like to discuss more in detail on another thread, is whether we factor in someone’s reputation. Lemmy currently collects a post and comment score for every user. This score is essentially = to how many upvotes your post or comments have gotten. Additionally the number of post and comments also get tracked. I’d like to see if there would be a method to use this data in order to determine if an account should have the ability to vote. This does alienate the lurkers but they don’t typically vote anyway unless its something that could affect them.

When I have some extra time i’ll post a detailed post on this so that those of you who have an overachiever mindset can provide your 2 cents.

What if I have multiple people in my household who want to vote? One vote per IP address would not allow for this. And as others have pointed out, sophisticated users can get around the IP restriction.

I think putting up even small hurdles would drastically cut down on the bot problem. I outlined one idea here: https://sh.itjust.works/comment/455909

It is basically go out and solve a CAPTCHA, then vote, pasting in a url with your vote that verifies you solved the CAPTCHA. A script should be able to verify that the url is indeed for the user who cast the vote. It is not a bulletproof method, but raises just enough of a hurdle that is would be hard for bots, but realitivly easy for humans (we’d want an audio version or other alternative for the visually impaired; I’m not sure what the state of the art is).

Doesn’t solve the problem of one real person operating several alts. Frankly, I don’t know how important that is to solve.

Yeah, I don’t turn my vpn off, period.

Not that it matters. If this instance gets enough fake accounts just to game voting in this single community, we’re fucked. You get that many fakes and moderation becomes a full time job. Lemmy doesn’t have the tools to cope with it on a moderator level (and from what the admin of pond of the bot attacked instances said, the admin tools are weak as well).

This just makes voting a pain in the ass. Add in a rule about writing a coherent sentence along with your vote, and you’ll reduce fakes without the need to leave the app/page, or deal with VPN usage invalidating the ability to participate.

Democracy takes work.

Using an off-site tool for voting trades our current problems for others. We would have no way to limit voting to only users of this instance, allowing anyone to brigade our votes.

Basically, the same problem as a single user making 100s of accounts to manipulate a vote.

I think instead we need to limit voting to user accounts of a certain age, and with X number of comments. We can all help with this by reporting accounts that are too young, or appear to have bot generated comments.

Until new tools are developed and built into Lemmy for voting, we’ll all have to chip in. Because…

Democracy takes work.

What if 300 students sharing an IP from the same dorm want to vote, should 299 of them be ignored?