Please. Captcha by default. Email domain filters. Auto-block federation from servers that don’t respect. By default. Urgent.

meme not so funny

And yes, to refute some comments, this publication is being upvoted by bots. A single computer was needed, not “thousands of dollars” spent.

  • HTTP_404_NotFound@lemmyonline.com
    link
    fedilink
    English
    arrow-up
    138
    arrow-down
    11
    ·
    edit-2
    2 years ago

    Sigh…

    All of those ideas are bad.

    1. Captchas are already pretty weak to combat bots. It’s why recaptcha and others were invented. The people who run bots, spend lots of money for their bots to… bot. They have accessed to quite advanced modules for decoding captchas. As well, they pay kids in india and africa pennies to just create accounts on websites.

    I am not saying captchas are completely useless, they do block the lowest hanging fruit currently. That- being most of the script kiddies.

    1. Email domain filters.

    Issue number one, has already been covered below/above by others. You can use a single gmail account, to basically register an unlimited number of accounts.

    Issue number two. Spammers LOVE to use office 365 for spamming. Most of the spam I find, actually comes from *.onmicrosoft.com inboxes. its quick for them to spin it up on a trial, and by the time the trial is over, they have moved to another inbox.

    1. Autoblocking federation for servers who don’t follow the above two broken rules

    This is how you destroy the platform. When you block legitimate users, the users will think the platform is broken. Because, none of their comments are working. They can’t see posts properly.

    They don’t know this is due to admins defederating servers. All they see, is broken content.

    At this time, your best option is for admin approvals, combined with keeping tabs on users.

    If you notice an instance is offering spammers. Lets- use my instance for example- I have my contact information right on the side-bar, If you notice there is spam, WORK WITH US, and we will help resolve this issue.

    I review my reports. I review spam on my instance. None of us are going to be perfect.

    There are very intelligent people who make lots of money creating “bots” and “spam”. NOBODY is going to stop all of it.

    The only way to resolve this, is to work together, to identify problems, and take action.

    Nuking every server that doesn’t have captcha enabled, is just going to piss off the users, and ruin this movement.

    One possible thing that might help-

    Is just to be able to have an easy listing of registered users in a server. I noticed- that actually… doesn’t appear to be easily accessible, without hitting rest apis or querying the database.

    • Dessalines@lemmy.ml
      link
      fedilink
      English
      arrow-up
      67
      arrow-down
      3
      ·
      2 years ago

      This is all 100% correct. People have already written captcha-bypassing bots for lemmy, we know from experience.

      The only way to stop bots, is the way that has worked for forums for years: registration applications. At lemmy.ml we historically have blocked any server that doesn’t have them turned on, because of the likelihood of bot infiltration from them.

      Registration applications have 100% stopped bots here.

      • eyy@lemm.ee
        link
        fedilink
        English
        arrow-up
        29
        arrow-down
        4
        ·
        edit-2
        2 years ago

        You’re right that captchas can be bypassed, but I disagree that they’re useless.

        Do you lock your house? Are you aware that most locks can be picked and windows can be smashed?

        captchas can be defeated, but that doesn’t mean they’re useless - they increase the level of friction required to automate malicious activity. Maybe not a lot, but along with other measures, it may make it tricky enough to circumvent that it discourages a good percentage of bot spammers. It’s the “Swiss cheese” model of security.

        Registration applications stop bots, but it also stops legitimate users. I almost didn’t get onto the fediverse because of registration applications. I filled out applications at lemmy.ml and beehaw.org, and then forgot about it. Two days later, I got reminded of the fediverse, and luckily I found this instance that didn’t require some sort of application to join.

        • HTTP_404_NotFound@lemmyonline.com
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          2
          ·
          2 years ago

          Don’t read the first sentence, and then glaze over the rest.

          I am not saying captchas are completely useless, they do block the lowest hanging fruit currently. That- being most of the script kiddies.

      • Stovetop@lemmy.ml
        link
        fedilink
        English
        arrow-up
        22
        ·
        2 years ago

        But even then, however, what’s to stop an army of bots from just ChatGPTing their way through the application process?

        I went to a website to generate a random username, picked the first option of polarbear_gender, and then just stuck that and the application questions for lemmy.ml into ChatGPT to get the following:

        I want to join Lemmy.ml because I’m really into having meaningful discussions and connecting with others who have similar interests. Lemmy.ml seems like a great platform that fosters a diverse exchange of ideas in a respectful way, which I like.

        When it comes to the communities I’d love to be a part of, I’m all about ones that focus on environmental conservation, wildlife preservation, and sustainability. Those topics really resonate with me, and I’m eager to jump into discussions and learn from fellow passionate folks.

        As for my username, I chose it because I’ve got respect for polar bears and how they live with the environmental challenges they face. And throwing in “gender” is just my way of showing support for inclusivity and gender equality. Building a more just and fair society is important to me.

        I don’t know the full criteria that people are approved or declined for, but would these answers pass the sniff test?

        I’m just worried that placing too much trust in the application process contributes to a false sense of security. A community that is supposedly “protected” from bots can be silently infiltrated by them and cause more damage than in communities where you can either reasonably assume bots are everywhere, or there are more reliable filtering measures in place than a simple statement of purpose.

        • HTTP_404_NotFound@lemmyonline.com
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          2
          ·
          2 years ago

          As I said in my post-

          There are very intelligent people who make lots of money creating “bots” and “spam”. NOBODY is going to stop all of it.

          The only way to resolve this, is to work together, to identify problems, and take action.

          If I decide I want to write spam bots for lemmy- there isn’t much that is going to stop me. Even approvals, aren’t hard to work around. Captchas are comically easy to get past. Registered emails? Not a problem either. I can make a single valid email, and then re-use it once on every single instance. Writing a script that waits for approvals, is quite easy.

            • imaqtpie@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              2
              ·
              edit-2
              2 years ago

              Btw, what’s the deal with your instance? I noticed you’re from one of the original servers from 4 years ago. Do you know why it was founded or can you direct me to some information?

              I’m from the reddit migration, although a bit more experienced than most (having been here over 2 weeks makes me a unicorn on my server).

              I’d like to spread some more knowledge about the history of the platform and what kind of different servers are out there. Problem is, I don’t have any knowledge! Help!

                • imaqtpie@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  2 years ago

                  Ah, I see. So tchncs.de hosts other federated platforms, and someone probably decided to set up a Lemmy site when it was originally created 4 years ago. But it was likely pretty empty until the past couple weeks.

                  Ok good to know, I don’t really know about XMPP/Jabber but I like what I see on wikipedia. Thanks!

        • HTTP_404_NotFound@lemmyonline.com
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          2 years ago

          I admin a decent sized facebook group, at 10.8k members currently.

          Luckily, the facebook group is specifically for people living in a certain geographical area. As such, I am able to make questions, only somebody living in the area would know.

          You would be surprised, there are LOTS of spammers who answer all of the questions. (Just- getting the wrong answer on the area-specific questions)

          Duct-cleaning spam has been a real problem. lmao.

      • mohawk@kbin.social
        link
        fedilink
        arrow-up
        4
        ·
        2 years ago

        Wait what’s the difference between the suggested auto block and you historically blocking instances without applications? Is there other criteria you use to determine the block?

        Not saying I know the answer, just curious.

    • eyy@lemm.ee
      link
      fedilink
      English
      arrow-up
      29
      arrow-down
      4
      ·
      2 years ago

      Haven’t you heard of the “Swiss cheese” model of security?

      The best way to ensure your server is protected is to unplug it from the Internet and put it in an EMF-shielded Faraday cage.

      There’s always a tradeoff between security, usability and cost.

      captchas can be defeated, but that doesn’t mean they’re useless - they increase the level of friction required to automate malicious activity. Maybe not a lot, but along with other measures, it may make it tricky enough to circumvent that it discourages a good percentage of bot spammers.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      5
      ·
      2 years ago

      I disagree. I think the solution is moderation. Basically, have a set of tools that identify likely bots, and let human moderators make the call.

      If you require admins to manually approve accounts, admins will either automate approvals or stop approving. That’s just how people tend to operate imo. And the more steps you put between people wanting to sign up and actually getting an account, the fewer people you’ll get to actually go through with it.

      So I’m against applications. What we need is better moderation tools. My ideal would be a web of trust. Basically, you get more privileges the more trusted people that trust you. I think that should start from the admins, then to the mods, and then to regular users.

      But lemmy isn’t that sophisticated. Maybe it will be some day, IDK, but it’s the direction I’d like to see things go.

      • tetris11@lemmy.ml
        link
        fedilink
        English
        arrow-up
        10
        ·
        edit-2
        2 years ago

        HackerNews does something similar where new users don’t have the ability to down vote until they have earned enough upvotes from other users.

        We could extend that, and literally not allow upvotes to properly register if the user is too new. The vote would still show on the comment/post, but the ranking of the comment/post will only be influenced by seasoned users. That way, users could scroll down a thread, see a very highly upvoted comment bang in the middle, and think for themselves “huh, probably bots”.

        Very hierarchical solution, heavily reliant on the mods not playing favourites or having their own agenda.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 years ago

          heavily reliant on the mods

          As any solution to this sort of problem should be, IMO.

          If the mods suck, then go make another community. If enough of the mods are good, they can be a huge part of the solution. I’m envisioning this:

          1. users report other users
          2. mods ban users based on reports, if the reports have merit
          3. admins block instances based on reports from mods, if the reports are consistent

          Transparency keeps the mods honest, or at least allows users in the community to name and shame bad mods.

          Some automated tools to help mods out are always welcome.

      • HTTP_404_NotFound@lemmyonline.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 years ago

        I disagree. I think the solution is moderation.

        But- that is basically agreeing with the context of what I said.

        So I’m against applications.

        I don’t like them either, but, the problem is, I don’t have ANY other tools at my disposal for interacting with and viewing the other users.

        What we need is better moderation tools.

        Just a way to audit user activity and comments would be a big start. I honestly cannot find a method for doing this via the UI. Having to resort to querying the database just to dig up details.

          • HTTP_404_NotFound@lemmyonline.com
            link
            fedilink
            English
            arrow-up
            0
            ·
            2 years ago

            Well, I dug around and built a pretty simple webassembly GUI for lemmy just now-

            It would appear, the API is actually missing easy ways to just… query users, and actions. However, skipping past the lemmy api and going directly to the database, is easy enough.

            And, from there, its pretty easy to run each user’s post history through say, a piece of ML, which detects the potential for spam, and reports on the highest risk users.

            • sugar_in_your_tea@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 years ago

              I wonder how hard that would be to throw into a separate service? We could probably set up a replica of the main db to run the ML algo against and ship it as an optional add-on service.

              Admins could then set it to update the model on some schedule and to flag likely spammers/scammers.

              Sounds feasible.

              • HTTP_404_NotFound@lemmyonline.com
                link
                fedilink
                English
                arrow-up
                2
                ·
                2 years ago

                Querying users, is actually extremely easy.

                Query users, posts, and then performing sentiment analysis, is also extremely easy.

                (From the database- that is)

                The API is a bit limited.

                I am messing around with the database right now… and… well, it maintains a LOT of data.

    • homesnatch@lemmy.one
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 years ago

      Captcha is like locking your car… There are still ways to get in, but it blocks the casual efforts.

      I review my reports. I review spam on my instance. None of us are going to be perfect.

      Do you review upvote bots? The spam is an easily replaceable account, the coordinated army of upvote bots may be harder to track down.

  • 2xsaiko@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    119
    arrow-down
    4
    ·
    2 years ago

    As someone with his own email domain, screw you for even thinking about suggesting domain filters.

    • TWeaK@lemm.ee
      link
      fedilink
      English
      arrow-up
      48
      arrow-down
      1
      ·
      2 years ago

      Blacklist domain filters are fine, it’s whitelist domain filters that get small personal domains.

        • Azzu@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          2 years ago

          You could just make a simple duplicate email check with special special handling of gmails + and . behavior, and notify the user if they try to create an account for an already registered email.

          • vapeloki@lemmy.ml
            link
            fedilink
            English
            arrow-up
            8
            ·
            2 years ago

            This is not “gmails” behavior. This is called “verb” and it is one of the best things ever. I only use verb for signing up at stuff. So, i can sort, and know when someone misuses my mail address.

            And, if i would need to create an alt, to post stuff, that i don’t want somebody do bring in connection with me (TIFU, NSFW, whatever you like) i would use verb.

    • chiisana@lemmy.world
      link
      fedilink
      arrow-up
      38
      ·
      2 years ago

      This right here.

      Op, if you’re not ready to moderate, don’t spin up your own server or do your own private instance. If you’re going to moderate, do it properly and don’t spew bad ideas while hiding behind a dumb “alert” throwaway.

      • T156@lemmy.world
        link
        fedilink
        arrow-up
        16
        ·
        2 years ago

        To be honest, I’m surprised that that username was allowed (or not reserved). It seems like it would introduce a risk where people could pose as Lemmy developers or something along those lines.

        • chiisana@lemmy.world
          link
          fedilink
          arrow-up
          17
          ·
          2 years ago

          Lemmy is very “open” right now; some might say by design, other might say flawed. OP is maybe coming from a good place and actually wants to help, but instead of doing it tactfully, OP is becoming the exact thing they’re advocating against — a spammer posting garbage.

          • imaqtpie@sh.itjust.works
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            2 years ago

            Meh, at least it’s driving engagement. There’s going to be friction for the time being as people are all mixed together into these communities. I’m sure plenty of casuals were engaged by this post, as it has over 1k upvotes.

            But yeah I didn’t even notice his username is alert. I’m still on high alert for Reddit shills trying to destabilize this platform, though. Just say the word and I’ll come over and verbally defenestrate any shill that might appear.

    • tal@kbin.social
      link
      fedilink
      arrow-up
      12
      ·
      2 years ago

      I’m not really enthusiastic about email filters either, from a privacy standpoint. Plenty of companies that go harvest email addresses to link identities to activity. And even if the instance admin isn’t doing that, it’s one more thing that someone could break into a server and swipe.

      If the CAPTCHA can’t handle it, then it ain’t doing its job.

      • le__el@lemmy.world
        link
        fedilink
        arrow-up
        17
        ·
        2 years ago

        Actually, hello.1@gmail will go to hello1@gmail.

        The one you are thinking I believe is hello+1@gmail will go to hello@gmail

        • muffedtrims@lemmy.world
          link
          fedilink
          arrow-up
          7
          ·
          2 years ago

          Correct, Gmail essentially doesn’t “see” dots hello@gmail is the same as h.e.l.l.o@gmail

          hello+anything@gmail will also be delivered to hello@gmail. This is great for signing up for mailing lists or subscriptions then creating a filter afterwards to do with it what you please.

          • tool@r.rosettast0ned.com
            link
            fedilink
            arrow-up
            1
            ·
            2 years ago

            Correct, Gmail essentially doesn’t “see” dots hello@gmail is the same as h.e.l.l.o@gmail

            There’s one exception to that. If you originally created the email address with a dot in it, as in, signed up for gmail as “hello.2@gmail.com,” it’s treated as a literal character in the username portion and is required.

        • gkd@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          2 years ago

          Ahh, yea that’s right. Regardless, just all the more reason that it’s kind of silly to do what OP is talking about. Sure, you could filter out the + signs as well but overall it’s a pretty pointless implementation.

    • cstine@lemmy.uncomfortable.business
      link
      fedilink
      arrow-up
      5
      arrow-down
      5
      ·
      2 years ago

      No, you’ve (maybe) limited your singular solitary instance’s growth: your instance is not “Lemmy” and admins should do whatever they find works for them, is something they can easily enforce, and resolves the problem.

      If you want to geoip limit signups to Skokie, Illinois? Great! If it works for you and keeps your instance from being The Problem, then it’s a valid solution.

      (I don’t disagree that email domain blocks are not a singular solution to any abuse problem, but I also think that whatever works for the individual admin is perfectly reasonable, and email blocks CAN be worthwhile.)

    • Shinhoshi@infosec.pub
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      24
      ·
      2 years ago

      BTW, it might be more inclusive language to use “allow list” and “block list”

      • TrueDahn@lemmy.ml
        link
        fedilink
        English
        arrow-up
        17
        arrow-down
        2
        ·
        2 years ago

        I can’t imagine being so obsessed with race politics as to think that purely technical terms like “white list” and “black list”, which have never had any connection to race relations whatsoever, are somehow non-inclusive.

  • draughtcyclist@programming.dev
    link
    fedilink
    English
    arrow-up
    48
    ·
    2 years ago

    Everyone is talking about how these things won’t work. And they’re right, they won’t work 100% of the time.

    However, they work 80-90% of the time and help keep the numbers under control. Most importantly, they’re available now. This keeps Lemmy from being a known easy target. It gives us some time to come up with a better solution.

    This will take some time to sort out. Take care of the low hanging fruit first.

    • InfiniteFlow@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      2 years ago

      Plus, if this becomes the “bot wild west” at such an early stage, the credibility hit will be a serious hindrance to future growth…

  • vapeloki@lemmy.ml
    link
    fedilink
    English
    arrow-up
    43
    ·
    2 years ago

    First of all: I’m posting this from my .ml alt. Because i can not do it from my .world main. That i can’t do it, i found out just because i was waiting for a response on a comment where is was sure that the OP would respond. After searching, i found out that my comment and my DM’s never where federated to .ml.

    So, that said: I’m all for defederating bad instances, i’m all for separation where it makes sense. BUT:

    • If an instance is listed on join-lemmy, this should work as the normal user would expect
    • We are not ready for this yet. We are missing features (more details below)
    • Even instances that officialy require applications, can be spam instances (admins can do what ever they want), so we would need protection against this anyways. Hell, one could just implement spam bots that talk directly federation protocol, and wouldn’t even need lemmy for this …

    Minimal features we need:

    • Show users that the community they try to interact with is on a server that defederated the users instance
    • Forbid sending DM’s to servers that are not fully federated

    Currently, all we do is: Make lemmy look broken

    And before someone starts with: “Then help!”, i do. I do in my field of expertice. I’m a PostgreSQL Professional. So i have build a setup to messure the lemmy SQL performance, usage patterns, and will contribute everything i can to make lemmy better.

    (I tried rust, but i’m to much C++ guy to bring something usefull to the table beyond database stuff, sry :( )

    • Taxxor@lemm.ee
      link
      fedilink
      English
      arrow-up
      16
      ·
      edit-2
      2 years ago

      Show users that the community they try to interact with is on a server that defederated the users instance

      Not only that, also show users when comments in any community are made by users from an instance that your instance defederated.

      Because you(instance A) may very well only be able to see half of the comments in a thread of a community of instance B because half of them were made by users of instance C which instance A defederated.

      Right now the comments just don’t get copied to your instance at all, which also leads to followup comments not being visible even if they are not from defederated instances.
      Instead I’d like everything to be copied and then flagged based on defederations. Just don’t show the original content and instead show a hint that a comment can’t be seen because of defederation would be enough.
      At least that way we know that we’re missing something.

      Because simply not showing it also leads to confusion why you see less comments than other users on another instance.

      And this goes both ways. The user from the other instance(who can still see your comment because his instance didn’t defederate yours) should also see that I’m from an instance that defederated his instance directly by looking at my post before commenting, maybe in form of a symbol or a note next to my username, so that he knows it doesn’t make any sense to comment on my post.

    • retiolus@lemmy.cat
      link
      fedilink
      arrow-up
      5
      ·
      2 years ago

      Interesting, I hadn’t thought of that. I guess it’s technically possible to post on a community without even having an account on any server…?

  • jollyroger@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    44
    arrow-down
    3
    ·
    edit-2
    2 years ago

    The admin https://lemmy.dbzer0.com/u/db0 from the lemmy.dbzer0.com instance possibly made a solution that uses a chain of trust system between instances to whitelist each other and build larger whitelists to contain the spam/bot problem. Instead of constantly blacklisting. For admins and mods maybe take a look at their blog post explaining it in more detail. https://dbzer0.com/blog/overseer-a-fediverse-chain-of-trust/

    • star_boar@lemmy.ml
      link
      fedilink
      English
      arrow-up
      19
      ·
      2 years ago

      db0 probably knows what they’re talking about, but the idea that there would be an “Overseer Control Plane” managed by one single person sounds like a recipe for disaster

      • jollyroger@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        1
        ·
        edit-2
        2 years ago

        I hear you. For what it’s worth it is mentioned in the end of the blog post, the project is open source, people can run their own overseer API and create less strict or more strict whitelists, instances can also be registered to multiple chains. Don’t mistake my enthousiasm for self run open social media platforms for trying to promote a single tool as the the be-all and end-all solution. Under the swiss cheese security model/idea, this could be another tool in the toolbox to curb the annoyance to a point where spam or bots become less effective. Edit: *The be-all and end-all *not be and end all solution

        • prlang@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          2 years ago

          Couldn’t agree more. I gatta say though I kinda find it funny that the pirate server is coming up with practical solutions for dealing with spam in the fediverse. I guess it shouldn’t though, y’all have been dealing with this distributed trust thing for a while now eh?

          • FlowerTree@pawb.social
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 years ago

            When you’re a swashbuckling pirates in the lawless seven seas, you gotta come up with clever ways to enforce your ship’s code of conduct.

    • Ech@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      arrow-down
      3
      ·
      2 years ago

      So defeating the point of Lemmy? Nah, that’s a terrible “solution” that will only serve to empower big servers imposing on smaller or even personal one’s.

      • prlang@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        2 years ago

        It’s probably the opposite. I’d say that right now, the incentives for a larger server with an actual active user base is to move to a whitelist only model, given the insane number or small servers with no activity but incredibly high account registrations happening right now. When the people controlling all of those bot accounts start flexing their muscle, and flooding the fediverse with spam it’ll become clear that new and unproven servers have to be cut off. This post just straight up proves that. It’s the most upvoted Lemmy post I’ve ever seen.

        If I’m right, and the flood of spam commeth then a chain of trust is literally the only way a smaller instance will ever get to integrate with the wider ecosystem. Reaching out to someone and having to register to be included isn’t too much of an ask for me. Hell, most instances require an email for a user account, and some even do the questionnaires.

        • Ech@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 years ago

          When those "someone"s are reasonable, sure, it won’t be bad, but when they’re not? Give the power of federation to a few instances, and that’s not just a possibility, but an inevitability.

          We already know Meta is planning to add themselves to the Fediverse. Set down this path and the someone deciding who gets access and how will end up being Zuck, or someone like him. That sound like a good future to you?

          • prlang@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 years ago

            Sorry for the late response, I fell asleep.

            Yeah I’m concerned about that too. It really doesn’t matter what anyone does if a group the size of Meta joins the fediverse though. They have tens of thousands of engineers working for them, and billions of users, they can do whatever the hell they want and it’ll completely swamp anyone else’s efforts.

            Zuck wanting to embrace, extend, and extinguish the ActivityPub protocol is a separate issue though. The way a chain of trust works, when you grant trust to a third party, they can then extend trust to anyone they want. So for instance, if the root authority “A” grants trust to a second party “B”, then “B” can grant trust to “C”, “D”, and “E”. If “A” has a problem with the users of “E”, the only recourse he has is to talk to “B” and try to get them to remove “E”, or ban “B” through “E” altogether. I think we can both agree that the latter action is super drastic, it mirrors what Behaw did, and will piss a lot of people off.

            So if you run that experiment, and any particular group can become a “root” set of authority for the network, I’d speculate that the most moderate administrators will likely end up being the most widely used over time. It’s kinda playing out like that at a small scale right now with the Behaw/Lemmy.world split. Lemmy.world is becoming the larger instance, Behaws still there but just smaller and more moderated.

            People can pick the whitelists they want to subscribe to. Who gets to participate in a network really just comes down to the values of the people running and participating in it. A chain of trust is just a way to scale people’s values in a formal way.

    • lukas@lemmy.haigner.me
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      1
      ·
      2 years ago

      Neat, but I appreciate the email model of spam protection more than simple dumb whitelists. I won’t list my domain on any whitelist as whitelists discourage what Lemmy needs the most: People who run their own instances. At the end of the day, spammers will automate the process of listing themselves, and the person who runs their own instance has to go around doing everything manually.

      • prlang@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        edit-2
        2 years ago

        The blog post dives into how it’s hard for spammers to automate adding themselves onto the whitelist because its a chain of trust. You have to have an existing instance owner to vouch for you, which they can revoke at any time. A spammer couldn’t do things like run a “clean” instance, and then whitelist off that, because presumably someone would try to contact the owner of the presumed “clean” instance to get them to remove the spam. When they don’t respond, or only partially address the issue, it’s possible to pull rank and contact the person further up the chain of trust.

        In short, it’s real people talking to each other about spam issues, but in a way that scales so that an owner of one instance doesn’t need to personally trust and know every other instance owner. It should allow for small single user instances to get set up about as easily as any other instance. Everyone has to know and talk to someone along the chain.

        The real downside of the system is that people are human, and cliques are going to form that may defederate swathes of the fediverse from each other. I kinda think that’s going to happen anyways though.

        A chain of trust is the best proposal I’ve seen for addressing the scaling issues associated with the fediverse. I’m not associated with that guy at all, just saying I like his idea.

        – edit

        On second thought, getting your instance added to the chain of trust is literally no more difficult than signing up for an instance with a questionnaire. It’s basically that but at the instance level instead of the user level.

        • star_boar@lemmy.ml
          link
          fedilink
          English
          arrow-up
          3
          ·
          2 years ago

          Regarding your edit, it can’t be that easy since spammers could just generate thousands of AI-written responses to questionnaires

          • prlang@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            2 years ago

            Right, an instance owner has to endorse another on an ongoing basis though. So for example, if an instance owner named Bob initially trusts a spammer based on a questionnaire, and then that guy immediately generates 100 bot accounts to start spamming with, then Bob can revoke the trust and the spammers instances get defederated.

            You also need to own a domain to run a Lemmy instance. The cheapest of which are only a few dollars a year, which isn’t much but it does put at least some floor on peoples ability to generate instances that’ll just get banned.

            • jarfil@lemmy.ml
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 years ago

              Could it be a subdomain, though? What if a spammer started a “Lemmy instance as a service” on “legit.ml”, and started creating instances on “lemmy.u<number>.legit.ml”? What if some of the instances were actually legitimate, while thousands of others weren’t? What if… oh well, the rabbit hole goes deep on this one.

    • mlaga97@lemmy.mlaga97.space
      link
      fedilink
      English
      arrow-up
      9
      ·
      2 years ago

      Obviously biased, but I’m really concerned this will lead to it becoming infeasible to self-host with working federation and result in further centralization of the network.

      Mastodon has a ton more users and I’m not aware of that having to resort to IRC-style federation whitelists.

      I’m wondering if this is just another instance of kbin/lemmy moderation tools being insufficient for the task and if that needs to be fixed before considering breaking federation for small/individual instances.

      • Raiden11X@programming.dev
        link
        fedilink
        English
        arrow-up
        7
        ·
        2 years ago

        He explained it already. It looks for a ratio of number of users to posts. If your “small” instance has 5000 users and 2 posts, it would probably assume a lot of those users would be spam bots. If your instance has 2 users and 3 posts, it would assume your users are real. There’s a ratio, and the admin of each server that utilizes it can control the level at which it assumes a server is overrun by spam accounts.

        • Irisos@lemmy.umainfo.live
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          2 years ago

          The issue is that it could still be abused against small instances.

          For example, I had a bit less than 10 bots trying to signup to my instance today (I had registration with approval on) and those account are reported as instance users even though I refused their registration. Because of this my comment/post ratio per user got a big hit with me being unable to do anything (other than delete those accounts directly from the db).

          So even if you don’t allow spam accounts to get into your instance, you can easily get blacklisted from that list because creating a few dozen thousands account registration requests isn’t that hard even against an instance protected by captcha.

        • mlaga97@lemmy.mlaga97.space
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 years ago

          Okay, so how do you bootstrap a new server in that system?

          What do you do when you just created a server and can’t get new users because you aren’t whitelisted yet?

          But what if you do handful of users to start out, or just yourself? How do become ‘active’ without being able to federate with any other servers? Talk with yourself?

      • prlang@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        2 years ago

        It’s been answered further below. Yeah it’s that one bloke who did it at https://lemmy.dbzer0.com/u/db0 . The projects also open source though, so anyone can run their own Overseer Control server, with their own chain of trust whitelist. I suspect many whitelists will pop up as the fediverse evolves.

  • Aux@lemmy.world
    link
    fedilink
    English
    arrow-up
    39
    arrow-down
    2
    ·
    2 years ago

    Lemmy is just getting started and way too many people are talking about defederation for any reason possible. What is even the point of a federated platform if everyone’s trying to defederate? If you don’t like federation so much, go use Facebook or something.

    • Nerd02@forum.basedcount.com
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      1
      ·
      2 years ago

      This. Defed is not the magic weapon that will solve all your problems. Captcha and email filters should be on by default though.

      • Aux@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        2
        ·
        2 years ago

        Just to add to that, imagine people would start defeding email. Like WTF is that even? Defed should not even be an option.

        • AgreeableLandscape@lemmy.ml
          link
          fedilink
          English
          arrow-up
          10
          ·
          2 years ago

          imagine people would start defeding email

          There are literally globally maintained blacklists of spam email sources. When people lease a static IP address the first thing to do is to check it against the major email blacklists.

        • krayj@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          1 year ago

          It happens to email ALL THE TIME, we just call it something different when it happens to email. Evaluating email for SPAM potential is an every-day common place occurrence, and for at least the past 10 years, a factor called ‘domain reputation’ is part of the equation. Entire domains get spam blacklisted because they refuse to enforce rules for their users. The end result is that some domains completely refuse to accept mail from some other domains.

          Blacklisting an entire domain can and does happen daily. It just doesn’t have the same triggering ring as the word “defederation” has.

    • Greenskye@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      2 years ago

      My understanding from the beehaw defed is that more surgical moderation tools just don’t exist right now (and likely won’t for awhile unless the two Lemmy devs get some major help). Admins only really have a singular nuclear option to deal with other instances that aren’t able to tackle the bot problem.

      Personally I don’t see defederating as a bad thing. People and instances are working through who they want to be in their social network. The well managed servers will eventually rise to the top with the bot infested and draconian ones eventually falling into irrelevance.

      As a user this will result in some growing pains since Lemmy currently doesn’t offer a way to migrate your account. Personally I already have 3 Lemmy accounts. A good app front end that minimizes the friction from account switching would greatly help these growing pains.

      • Aux@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        2 years ago

        As a user this will result in some growing pains since Lemmy currently doesn’t offer a way to migrate your account.

        Because you shouldn’t. Just like with other federated systems like e-mail or OAuth/OpenID, you don’t create accounts everywhere, you use ONE account everywhere instead.

        Personally I don’t see defederating as a bad thing.

        You should. Imagine e-mail server admins would start banning other e-mail services based on political or religious views and whatnot, that would fragment e-mail system and eventually destroy it. The only reason to defed other instance if such instance breaks the law. Just like we blacklist fraudulent mail server. Not because we don’t like fraud, but because it’s illegal.

    • Antik 👾@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Lemmy.world has rules that are up on https://mastodon.world/about - if posts from other instances do not follow these rules the posts will be deleted and if needed the user will be warned/banned. If there is an entire instance that might be a problem, they might ultimately become defederated. Yes this is the last option, but sometimes it’s also the only option. Mod and admin tools are quite limited currently and there’s just some content we don’t want to be linked with.

      Read more about the defederation of exploding-heads.com here: https://lemmy.world/post/747912

      • Aux@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        EH was not defederated because it broke LW rules, it was defeded because it breaks laws. Defeding a porn instance because LW doesn’t allow porn won’t happen. Defeding a child porn instance will happen for sure.

        You shouldn’t defed some instance because their rules are different, because all rules are different. That will destroy fediverse before it starts. Everyone who disagrees simply doesn’t understand the point of Fediverse.

        • Antik 👾@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Did you read that post? I don’t think you did because that explains the entire reasoning why it was defederated. Had nothing to do with them breaking the law.

          • Aux@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Ok, I guess you’re from Belgium. Tell me one thing - is racism legal in Belgium? Because EH is clearly supporting and endorsing racism. That alone makes it illegal. At least here in the UK. There’s no need to invent some explanation for this specific case.

            • Antik 👾@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              So because the rules we put on lemmy.world also match with laws - it’s because of the laws we decided to not federate with them? Not because we don’t want to deal with that kind of people in general? Because we personally don’t like bigots, racists and homophobes? And it wasn’t because we didn’t want to give them a platform here? Cool, I didn’t know.

  • fubo@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    ·
    edit-2
    2 years ago

    Look up the origins of IRC’s EFNet, which was created specifically to exclude a server that allowed too-easy federation and thus became an abuse magnet.

    • amitten@normalcity.life
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 years ago

      Wow it’s been so long since I’ve thought about IRC. Does anyone you know still use it regularly?

      • Master@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 years ago

        Yes, people still use it all the time. More people use IRC day to day than they do Lemmy at the moment. Though Lemmy’s numbers are close without the bots. Lemmy will overtake IRC soon if it’s not already. I’ve got a v3 IRC client right here on my desktop.

    • Guy_Fieris_Hair@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      What’s the requirement to become federated? Say someone starts their own server, are they able to load it with bots prior to federating then suddenly go online and fuck shit up before they get defederated?

      I guess what I’m asking is there action needed by every instance before they are federated with a new instance. Do the admins of each instance have the opportunity to do their due diligence before federating with someone or is it automatic?

      • fubo@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        2 years ago

        If someone really wants to attack the network, they’ll attack it with custom software, not just by clicking on a lot of buttons in the web UI.

  • archchan@lemmy.ml
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    2 years ago

    I’m against email domain whitelists and captchas (at the very least Google’s captchas).

  • Cyclohexane@lemmy.ml
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    3
    ·
    edit-2
    2 years ago

    Auto-block federation from servers that don’t respect.

    NO! Do NOT defederate due to how an instance chooses to operate internally. It is not your concern. You should only defederate if this instance causes you repeated trouble offenses. Do not issue pre-emprive blanket blocks.

    • anteaters@feddit.de
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      2 years ago

      If they choose not to take measures against bots defederation is the only way to keep that wave out of your own instance.

      • Cyclohexane@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        2 years ago

        Do not make assumptions on how other instances are operating. You don’t know what measures they’re taking. If they did not cause you trouble yet, don’t try to predict it by making generalizations. It creates an echo chamber Internet.

    • o_o@programming.dev
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      2 years ago

      Agree! Defederation is a nuclear option. The more we do it, the more we reduce the value of “the fediverse”, and the more likely we are to kill this whole project.

      I think defederation should only be a consideration if an instance is consistently, frequently becoming a problem for your instance over a large period of time. It’s not a pre-emptive action.

  • stupidmanager@insane.dev
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    1
    ·
    2 years ago

    for larger instances, this makes sense. For us smaller instances, just add a custom application requirement that isn’t about reddit. though i’ll be adding captcha too if they keep at it (every hour, 2 bots apply).

    I’ve seen bots trying to create accounts, it’s the same boring message about needing a new home because “random reason about reddit”. I’ll borrow a quote from Mr Samuel Jackson: “I don’t remember asking you a god damn thing about reddit”… and application is denied.

    • Clompsh@mander.xyz
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 years ago

      I mentioned Reddit in an application. I feel like that would come up in legitimate applications at the moment. Is it easy to tell the bots from actual applicants?

      • stupidmanager@insane.dev
        link
        fedilink
        English
        arrow-up
        4
        ·
        2 years ago

        In my case, yes. I asked for a reason written in code (working or not). Since I intend to be a DevOps focused instance, there’s no excuse. Most humans would read the application and I don’t feel bad for denying based on this requirement.

        Also helps that after 8 of those bots apps, the message is very similar. If there was a human in that mix, they can dm me and ask for reconsideration.

      • Clompsh@mander.xyz
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        I somehow missed your first bit about asking for it specifically to not be about reddit. That makes sense.

    • ඞmir@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      I asked exactly that to get on here… I saw about it on Reddit and said I want to try an alternative to Reddit. This will get more real humans than bots blocked.

    • Roggie@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      actually needing a new home from reddit is the exact terminology I used. That doesn’t mean bots lmao

  • Phantom_Engineer@lemmy.ml
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    3
    ·
    2 years ago

    Isn’t this what all you lemmy-worlders got mad at Beehaw for doing? I don’t think it’s unreasonable to ask for a small statement from people as an anti-spam measure (a sort of advanced captcha), though of course the big problem there is reviewing all the applications in a timely manner. Still, I think there’s room for more and less exclusive instances. The tools are there for instance owners to protect their instances however they choose.

    • clausetrophobic@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      2 years ago

      We already have existing anti-bot measures in the world that don’t involve writing a lame sentence. Also, it’s very easy to spoof an introductory sentence. You could train a fairly small language model to do so.

    • eyy@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 years ago

      Beehaw got their knickers in a twist because of some spammers, back when lemmy.world and shitjustworks had… maybe 30,000 registered users in total. The solution there was adding more moderators. You don’t chop your leg off because you got a few papercuts.

      If you look at the volume of bots (some instances went from hundreds of users to >12,000 overnight), that’s potential for worry. There’s ~500,000 bot accounts sitting out there waiting to be activated. No amount of moderators can block that fast enough, and that’s when de-federation should be an option.

  • tyfi@wirebase.org
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    1
    ·
    2 years ago

    Mine got blown up a day or two ago before I had enabled Captch. About 100 accounts were created before I started getting rate-limited (or similar) by Google.

    Better admin tools are definitely needed to handle the scale. We need a pane of glass to see signups and other user details. Hopefully it’s in the works.

  • Taubin@lemmy.ml
    link
    fedilink
    English
    arrow-up
    8
    ·
    2 years ago

    Auto-block federation from servers that don’t respect.

    What does this mean?