this post was submitted on 28 Aug 2023
745 points (97.1% liked)

Memes

45581 readers
1874 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] db2@sopuli.xyz 51 points 1 year ago (1 children)

There's always someone who doesn't mind ruining it for everyone else. Probably safest to just delete all the images, that way there's no need to look.

[–] Szymon@lemmy.ca 41 points 1 year ago (1 children)

Bad actors will try to nuke the entire platform to maintain a monopoly on this format of communication and community.

[–] andrew@lemmy.stuart.fun 25 points 1 year ago (1 children)

Who could you posspezibly be referring to?

[–] Etienne_Dahu@jlai.lu 1 points 1 year ago

Is it the android? The lone skum? Or someone else entirely?

[–] acastcandream@beehaw.org 35 points 1 year ago

Once again reaffirming why I refuse to host an instance. If I ever do, I’m not federating with any of you degenerates lol

[–] Maajmaaj@lemmy.ca 16 points 1 year ago (2 children)

Your friend should have restricted account creation.

[–] robotrash@lemmy.robotra.sh 37 points 1 year ago (2 children)

Federation still causes those images to be saved on your hardware, even if the account that creates it is hosted somewhere else.

[–] whofearsthenight@lemm.ee 8 points 1 year ago (1 children)

This is kinda a major problem with lemmy, and the idea that they don't have CSAM detection on the roadmap is going to make wide adoption a near impossibility. The other thing though is that even automated CSAM detection isn't 100%, so hosting your own instance likely means you're going to have to view CSAM and other fucked up shit at some point to properly moderate it, even if you're just hosting for yourself. Tbh I was strongly considering hosting my own instance because it's not like, that hard/expensive, but this saga has turned me completely off of that idea, even just for myself.

This actually makes me wonder how much reddit mods deal with this type of thing instead of paid employees like facebook, which has a paid army dealing with content moderation on facebook. Oh, and talking about xitter now which has neither volunteer mods and no moderation team since Elon fired them all, I assume that the freaks have just decided that's their hosting platform of choice.

[–] robotrash@lemmy.robotra.sh 4 points 1 year ago (1 children)

I'll be honest, I'm probably just going to do a scheduled wipe of the pictrs directory of my local instance every week or whatever. I've done them manually a few times and they've had zero affect on my experience.

[–] KairuByte@lemmy.dbzer0.com 1 points 1 year ago (1 children)

If your local instance is just you, and you never post on your local instance, you could likely just wipe the local images nightly without any issue. Unless I am mistaken, any missing images would simply be downloaded again, since they all originated from another instance.

[–] robotrash@lemmy.robotra.sh 1 points 1 year ago

Yep, just me. That not a bad idea. Even I post something would other instances reference mine or would it matter once it's synced?

[–] Maajmaaj@lemmy.ca 7 points 1 year ago (1 children)
[–] pinkdrunkenelephants@sopuli.xyz 8 points 1 year ago* (last edited 1 year ago) (1 children)

It's serious flaw of federation #19865438736 that'll go ignored even when innocent instance admins end up getting jailed or killed over it

[–] PsychedSy@sh.itjust.works 2 points 1 year ago

It's software currently in development so hopefully they'll find alternative ways to handle it.

[–] rob64@startrek.website 12 points 1 year ago

I think it was an issue where the CSAM was being copied to servers via normal federation with the instance(s) being spammed.

[–] 01189998819991197253@infosec.pub 16 points 1 year ago (1 children)

I'm glad s/he was able to nuke the CSAM, even if other material was nuked with it. This crap is why I'm not hosting.

Please, call it CSAM (child sexual abuse material) and not CP (child pornography). The children in these photos/videos can't make pornography, they're sexually abused into making this material. CP insinuates that it's legitimate porn with children. CSAM, on the other hand, calls it what it is: sexual abuse of children.

[–] Tranus@programming.dev 22 points 1 year ago (10 children)

That is needlessly pedantic. I have never heard of anyone using the word pornography to imply legality or moral acceptability. There is no such thing as "legitimate" CP, so there is no need to specify that it's not ok every time it is mentioned. No one in their right mind would presume he's some kind of CP supporting monster for failing to do so.

[–] TheFrirish@jlai.lu 7 points 1 year ago

If we spent more time fixing things rather than naming them the world would be a better place.

[–] 01189998819991197253@infosec.pub 2 points 1 year ago* (last edited 1 year ago) (1 children)

No one in their right mind would assume that OP is. But the term was created to legitimize the material. So, while you're correct in that it is picky, it is also picky for a reason. Words are powerful. We should fight to not empower the legitimation of that term, among other things.

[–] Tranus@programming.dev 1 points 1 year ago* (last edited 1 year ago)

But the term was created to legitimize the material.

Do you have a source for that? I can't find anything that states the origin of the term itself is seedy. Besides, it's just a plain description: it's pornography with children in it.

The only sources I can find that support CSAM over CP claim that CP somehow implies consent. But I'm saying that simply isn't the case. I am not saying that words arent powerful. I am not saying that no words ever need to be changed. I am saying that these words don't need to be changed.

Based on those same sources, I'd speculate that this outrage is just misplaced anger. They almost immediately start talking about how bad sexual abuse is, which is not really relevant to whether it should be called CP or CSAM. Just because CP is bad, does not mean the term CP is bad.

load more comments (8 replies)
[–] Andrew15_5@mander.xyz 11 points 1 year ago (1 children)
[–] neeeeDanke@feddit.de 7 points 1 year ago

I know that guy Tobias Fünke, althought he also is a analysist. He had some clever abreviation for that as well!

[–] pinkdrunkenelephants@sopuli.xyz 9 points 1 year ago (2 children)

I'm not gonna lie, I'm surprised it took this long for some dipshit to try something like this. Lemmy's security has more holes in it than a piece of Swiss cheese and we're fools if we think it's viable enough for it to serve as a long-term home for new social media.

We really, really need a better social structure than federation.

[–] KairuByte@lemmy.dbzer0.com 12 points 1 year ago (1 children)

Lemmy’s security has more holes in it than a piece of Swiss cheese

This has very little to do with security. There's inherently "insecure" about posting CSAM, since the accounts and images were likely posted just like any other.

What really needs to happen, is some sort of detection of that kind of content (which would likely require a large change to code) or additional moderation tools.

[–] pinkdrunkenelephants@sopuli.xyz 6 points 1 year ago (1 children)

The lack of those tools is what I was talking about

[–] KairuByte@lemmy.dbzer0.com 11 points 1 year ago (1 children)

Ah okay, those arent generally considered security but I can understand why you went that route I suppose.

[–] pinkdrunkenelephants@sopuli.xyz 3 points 1 year ago (1 children)

Does anyone know why they were never put in?

[–] KairuByte@lemmy.dbzer0.com 5 points 1 year ago

Software development is a balancing act. You need to pick and choose not only what features to add, but when to add them. Sometimes, mistakes are made in the planning and you get a situation like this.

What likely happened, is that these kinds of features were deemed less likely to be needed, since the majority of lemmy users will never run into the need of them and there is technically a way to handle the situation (nuking your instances image cache.) But you'll likely see a reshuffling of priorities if these kinds of attacks become more prevalent.

[–] lemann@lemmy.one 8 points 1 year ago (1 children)

Lemmy's security

I think you mis-spelled moderation tools, nice quick fix would have been to block posts from new users on X instance and have a pinned post briefly covering why - they'll eventually run out of instances that don't have open signups IMO or just give up.

Another mod tools option would be rate limiting of posts, i.e. users can only make a new shitpost every 10-15min, rather than unlimited times per minute

Those are all fundamental aspects of Lemmy's security that should be there but are not

[–] A10@kerala.party 8 points 1 year ago

Bless you ❤️

[–] csolisr@communities.azkware.net 6 points 1 year ago (1 children)

In the meanwhile, my YunoHost based instance that still hasn't managed to make Pict-RS work and therefore can't even store images even if it wanted to is doing juuuuust fine

[–] Etienne_Dahu@jlai.lu 4 points 1 year ago

Come to think of it, if you're the only user, it's kinda protecting you, isn't it? (hello fellow Yunohost user!)

load more comments
view more: next ›