We have temporarily locked posting on AskLemmy until the CSAM posting stops.
You must log in or register to comment.
CSAM? What is CSAM? Is it a rewrite of “scam”?
Googles…
Oh no. Oh no no no. Why are people so fucking shit?
Today is a bad day to be named Sam.
See Sam.
See Sam run.
See Sam run down to the appropriate bureaucratic office to change their name to something else.
Doesn’t lemmy allow the communities to only allow text as posts? Could be a future feature
I feel like this is an underrated idea. Resonates with the whole thing of making a subset of the internet simpler and just like documents, as with the simpler protocols like Gemini etc.
That would still allow links to be posted. Better than allowing image posts, but not a complete solution.
It prevents concerns about hosting CSAM posted by someone else. A categorical improvement I’d say. But yes, nothing’s perfect.
Lemmy.world is hosted on Cloudflare and Cloudflare has tools to prevent CSAM uploads. https://blog.cloudflare.com/the-csam-scanning-tool
Important note, this feature is only available for US customers.
Also important to note: this feature will only really work against real CSAM. The images that were posted to this community weren’t real CSAM but were pictures/gifs of adult models, with titles/captions that would imply they were CSAM. I don’t think Cloudflare can do much about those.
At least, the handful of posts that I saw were like this. I’m doubtful that the guy doing this is uploading actual CSAM to the clearnet.
I hope you’re right, because as someone that sometimes browses by new I keep seeing it and it’s upsetting as fuck to think it could be real.
It’s weird they’re targeting asklemmy communities in particular, I don’t think the .ml and .world communities are even related are they?
Well… it seems there’s some issue with post removal federation. There’s still 2 posts visible from my home instance.
And now it’s definitely cached on our instance. And every other instance with pict-rs enabled.
This is what makes me scared of self hosting an instance. I would basically be hosting it. And I would be responsible for such content.Might be worth mentioning on !fediverse@lemmy.world
Ok, this is interesting. There was one just posted to !asklemmy@lemmy.ml, but it got removed from my instance as well.
The account looks deleted from lemm.ee, not found on lemmy.world, banned on lemmy.ml, and empty on lemmy.dbzer0.com.
Perhaps it’s account deletion that doesn’t federate properly.account deletion does not federate in general, only banning (+ content removal) does
I suggest limiting new accounts from uploading photos for 3 days, to prevent abuse.
3 days should be enough to make most people think twice before doing something so stupid, harmful and illegal. Most users don’t upload photos right as they sign up anyway so this effect to legitimate use should be negligible.
that doesn’t do anything, they’ll just register accounts in advance and wait some days.
we’ve even had spam recently from accounts that had been dormant for months, although it was a different kind of spam.
Is there a way AskLemmy and other major communities could prevent new users from making posts in the future?
Like an account has to be over a month old to post for example. Maybe that could help prevent these kinds of disgusting attacks
I don’t know if Lemmy has a moderator tool available that could do something like that though.
I don’t quite like that idea. It’s something I really hated on Reddit. It just discourages new people from joining. Besides, you could self host an instance with accounts claiming to be made in 1970.
Good point. I didn’t think about how easy that would be to fake.
That said I would still prefer it to some subreddit’s cryptic karma requirements. If it worked I mean.
And here’s the spot where I point out that using a blockchain for recording accounts would be a good technological fit for a decentralized system like the Fediverse, and then get pilloried for being a “cryptobro” or whatever.
Seriously, all that you’d need to use the blockchain for would be a basic record of “this account holder has this name on that instance” and you get all sorts of unspoofable benefits from that. No tokens, no fancy authentication if you don’t want it, just a distributed database that you can trust.
I’m not saying you’re wrong but why would this be the first time blockchain stopped illegal activity instead of facilitating it? It like 15 year-old tech and hasn’t made a significant impact outside of niche projects like cryptocurrencies.
To the first, there are a vast number of legal applications for blockchains.
To the second, it’s not the same tech as it was 14 years ago. There have been a lot of advancements over that period.
If you trace ActivityPub’s lineage back to its origin, it’s 14 years old too - it started as OpenMicroBlogging in 2009. It then became OStatus, which became standardized as ActivityPub. It’s barely the same thing any more. The same thing has happened with blockchains, the version of Bitcoin that launched in 2009 is nothing like the cutting-edge stuff like Ethereum is these days.
Putting aside that this use case doesn’t meet the five requisites for block chain use, the fediverse in general and Lemmy is already struggling with too much data being stored and moved.
Searching for “the five requisites for blockchain use” isn’t finding anything relevant, what requisites do you mean?
This wouldn’t be storing more data, it would be storing existing data. It would just be putting it somewhere that can be globally read and verified.
How do you store data in a decentralised way without have many redundant copies? The decentralisation of Blockchain is from many machines maintaining their own copy of the entire history. The entire xo dept I herebtly stores more data. Your suggestion is to literally store more data, claiming it won’t store more data only suggests you don’t know how blockchain works.
And that’s not even including any overhead of implementing a Blockchain in the first place. Or the fact you’ll be storing data on literally every user even if they never interact with your instance, pr even if their instance is entirely blocked from yours. And there’s no way around that, if you do manage to selectively store some subset of users then when you do need to include that data you’re trusting the subset of maintainers who do have that user’s data which, initially, is only the user’s home instance so we’re back to square one.
Yes, my point is that that sort of thing is exactly what blockchains are for. They handle all of that already. So there’s no need for Fediverse servers to reinvent all of that, they can just use existing blockchains for it.
As someone (who’s not a fan of the fediverse) put it to me:
Fediverse is web2.5, worst of both web2.0 and web3.0.
I think there’s something to that. So instilled in the fediverse’s makers is web2.0 that I’m not entirely sure their solutions can be trusted in the long term.
It makes sense that down the line, when bitcoin and crypto hype finally settles into knowing what’s actually useful, some sort of cryptographic mechanisms will become normal in decentralised tech. BlueSky may make this mainstream.
That’d be nice. Personally, I think the tech is just about ready - Ethereum has solved its environmental issues with proof-of-stake, and has solved its transaction cost issues with rollup-based “layer 2” blockchains. At this point I think the main obstacle is the knee-jerk popular reaction to anything blockchain-related as being some kind of crypto scam. I’m actually quite pleasantly surprised that I haven’t been downvoted through the floor for talking about this here so perhaps there’s a light at the end of the tunnel.
I personally have the knee-jerk reaction. I don’t understand anything you’re saying about blockchain. I’ve heard of farcaster (if you haven’t you might be interested) and nostr (ditto) but don’t know how they work.
The lack of mega downvotes, I’d guess, comes from the fact that people here appreciate the value of decentralisation and also can imagine from experience that a better system is possible than the relatively clumsy “let’s just send copies and requests everywhere”.
In the end I don’t know. But I can see the decentralised social web being where cryptographic technology finds its mainstream landing (BlueSky, like I said, being an interesting space to watch as its the middle ground on that front).
I could try explaining in more accessible terms, if you like. I actually enjoy discussing this stuff but I don’t want to derail the thread or sound like I’m evangelizing.
I think solutions like this are best handled entirely on the back end, the general user wouldn’t even need to know a blockchain was involved. The blockchain would just be a data provider that the instance software is using behind the scenes to track stuff. Just like how a general user has no need to understand how the HTTPS protocol actually operates, they just point their web browser at an address and the technical details are handled behind the scenes.
i thought dbzer0 already had a tool for this
Jesus, it’s still going on? I’ve kept away since seeing posts about it a couple days ago, but seriously, what the fuck?
