A High Priority for Moving Away from Lemmy

Gaywallet, 9 months ago

A few observations/thoughts.

• There’s an awful lot of posts basically saying “this is a part of the job of moderation” and I don’t think that’s a particularly empathetic or useful observation. I’ve been on the internet and moderating for long enough to have been exposed to a lot of this, but this is not an inevitability. It’s an outcome of the system we’ve designed, of regulation and law that we have, and of not prioritizing this as a problem strongly enough. Being dismissive of an emotional experience and trauma isn’t particularly helpful.
• I’m not technical enough to explain this, but there are technical and legal issues with CSAM and the lemmy platform that we’ve ran into. For one, there’s no automated scanning tools for this kind of content. My understanding is that even implementing or creating said tools would be difficult because of the way pict-rs and rust are storing images in the first place. You cannot turn off image federation, at all. At best, you can clear the content, but doing so may violate CSAM laws depending on the country and reporting requirements. Someone on the technical side can explain better than I can.
• This isn’t a thread to discuss who’s to blame for CSAM. Please cease all discussions fighting about religion in the comments. I will be removing these comments.

Penguincoder, 9 months ago (edited 9 months ago)

You cannot turn off image federation, at all.

This is correct for Lemmy codebase; but a WIP by the pictrs dev and upstream Lemmy itself.

For now, Beehaw users can go to their settings via the website, and uncheck Show images if they’re so inclined. This should prevent all images in posts and comments from loading automatically for you. This does not translate to other instances, front-ends, or apps. Just the main website. EDIT: Because of the caching, you’ll need to CTRL +F5 after saving this setting, to see it take affect.

retronautickz, 9 months ago

Aren’t there ways to automatically scan the content of posts to detect csam and other disturbed content?

Because completely disallowing images isn’t the solution. For once, people can still share those things through links. And secondly, there are people who need images and the like to communicate.

blackn1ght, 9 months ago

It could be possible to just disable uploading of images on the platform and rely on third parties (such as Imgur etc) who have the tools and experience to tackle this. It would at least solve the issue of images from other federated instances putting on an instance and it’s not the sole responsibility of the admin to sort it.

nosurprises, 9 months ago

From my understanding, beehaw still can get these images from other instances, unless they’ve already disabled that feature like lemm.ee did. Anyway, I think this should be a common effort, because it’s not easy to solve and probably costs a lot of money. Fediverse should be free from CSAM.

Phantaminum, 9 months ago

Hey, Im not a user from this instance, but I feel worried about you OP.

Perhaps take a break, even if you could not erase your memory’s as some people have said please take care of yourself. If it is not restrictive please go to therapy or in case that it is too expensive there is always a free service in a lot of countries.

Kangie, 9 months ago

A software platform that makes it nearly impossible for Beehaw to host, in any way, CSAM.

I hate to say it, but you’ll need to find a text-only platform. Allowing any image uploads opens the door to things like this.

Besides that, if your concern is that no moderator should be exposed to anything like that, well on a text-only site you might have to deal with disguised spam links to gore, scam, etc. You’ll still have to click on links to effectively moderate.

Maybe you should consider if this is a position that you want to put yourself in again. It sounds like this may just not be for you.

Chobbes, 9 months ago

This was my immediate thought as well. It’s unfortunate, but there will probably always be people who abuse online platforms like this. It’s totally okay if you’re not up to the task of moderating disturbing content like that — it sounds like it can be a really brutal job. I don’t know what the moderation tools on Lemmy are like, but maybe there’s a way to flag different kinds of moderation concerns for different moderators (so not everybody has to be exposed to this kind of stuff if they’re not comfortable with it). And maybe there could also be a system where if user’s flag the post it can be automatically marked as NSFW and images can be hidden by default so moderators and other users don’t have to be exposed to it without warning (though of course such a system could potentially be abused as well). But beyond that I’m not sure what else you can do, aside from maybe limiting federation.

lerba, 9 months ago

This post seems highly reactive to me. I’m sorry to hear of you being exposed to such disturbing material, but I fail to see at true connection of that happening and using Lemmy as the platform. I absolutely agree that nobody should have to experience what you did, but I disagree with the platform change proposition.

potterman28wxcv, 9 months ago

I don’t know of any software platform where that would not happen.

Even with a text-only platform people can still post URLs to unsafe content.

I think OP is referring to some kind of automated scanner but I’m not sure there are publicly available ones. I guess using them would come at a cost - either computational or $$. And even so, there can be false positives so you would probably still have to check the report anyway someday.

GunnarRunnar, 9 months ago

I don’t know what kind of platform would make it impossible to not host csam. Text only, without linking?

Or is the problem here that the post was available to the wider audience, so other than moderation front was able to see it? Lemmy doesn’t do restricted posting? Jesus this platform is at its infancy then.

Rentlar, 9 months ago

I am very sorry you had to go through such a terrible experience.

It is my sincerest hope that you will be able to find a workable solution to this problem, from Lemmy or elsewhere.

I am (and have been) okay with admins taking any action necessary to accomplish the goals of the Beehaw project. So removing image hosting, implementing lemmy-safety, restricting federation severely, do whatever you need.

And please, also do whatever you need to care for yourself, including if it means needing to take a break from the site.

gaytswiftfan, 9 months ago

Im sorry you had to witness that. I grew up on forums and message boards in the mid 2000s and onward and Ive still not forgotten a lot of the shock images and other vile things people would post on forums.

You essentially sacrificed a part of your innocence to aid the community and i find that incredibly selfless and respected, although again I am truly sorry it ever had to come to that.

I know it’s not really my place as a stranger to give unsolicited advice but if you find yourself struggling, there is a form of therapy called EMDR that is supposedly very successful with getting the brain to fully digest traumatic events.

kobold, 9 months ago

i am so sorry you had to see that kind of thing.

noctisatrae, 9 months ago

I can’t imagine how terrible you must feel. You should get some external help… I hear that hypnosis is used for traumatic experiences.

I need to think about what you said. I really want to see the community blossom. We should maybe make an IRC community?

EDIT: I think it’s called EMDR

mojo, 9 months ago

As long as you can post links or upload images, there is an avenue for CSAM to be spammed. Beehaw should probably start with a whitelist and slowly expand. Refuse to federate with anyone that has open registration.

Flax_vert, 9 months ago

How would moving platform help with this? Can’t someone just post them to whatever platform beehaw moves (and dies) on?

Regardless, nobody should ever have to go through that satanic evil that is Child Sexual Abuse or even view the imagery of it.

Zevlen, 9 months ago

deleted_by_moderator

Flax_vert, 9 months ago

Satanic is being used as a synonym for evil here. And there’s nothing evil about Christianity. Just evil satanic people claiming to be Christian

Zevlen, 9 months ago (edited 9 months ago)

deleted_by_moderator

sludge, 9 months ago

deleted_by_moderator

Zevlen, 9 months ago

deleted_by_moderator

Flax_vert, 9 months ago

How is it worse? Have you read the Old Testament in comparison to the New Testament?

sludge, 9 months ago

deleted_by_moderator

Flax_vert, 9 months ago

There are many different institutions based on Christianity scaling from the Roman Catholic Church, Church of England, Presbyterian Church of the United States of America to tiny little churches such as small baptist churches and nondenoms.

So if your criticism is specifically with the Roman Catholic Church, fair enough, but the teachings of Christianity aren’t evil at all and if everyone acted how Jesus acted the world would be a far better place

Flax_vert, 9 months ago

You say to read the Bible, but at what point does the New Testament condone slavery, paedophilia and war? It sounds like you haven’t read it

Zevlen, 9 months ago

deleted_by_moderator

Flax_vert, 9 months ago

Fair enough

Zevlen, 9 months ago

deleted_by_moderator

Flax_vert, 9 months ago

Paedophiles, hate mongerers, etc

Penguincoder, 9 months ago

deleted_by_moderator

sparklepower, 9 months ago

thank you for speaking up, Chris <3 please look into EMDR therapy, it has been incredibly effective for me, specifically for coping with extreme visual imagery.

the internet has a serious culture problem. people enjoy this shit. so many people turn a blind eye to things that make them slightly uncomfortable. i think ppl need to face consequences.

furrowsofar, 9 months ago

People keep talking about going to another platform. Personally I think a better idea would be to develop lemmy to deal with these issues. This must be a fediverse wide problem. So some discussion with other admins and the developers is probably the way to go on many of these things. Moreover you work with opencollective.com, can they help. Beyond this, especially CSAM, there must be large funding agencies where one could get a grant to get some real professional programming put into this problem. Perhaps we could raise funds ourselves to help with this too.

So frankly I would like to see Beehaw solve the issues with lemmy, rather then just move to some other platform that will have its own issues. The exception may be if the Beehaw people think that being a safe space creates too big a target that you have to leave the Threadiverse to be safe. That to me seems like letting the haters win. It is exactly what they want. My vote will always be to solve the threadiverse issues rather then run away.

Just my feeling. There may be more short term practical issues that take precedence and frankly it is all up to you guys where you want to take this project.

snowe, 9 months ago

The solution is to use an already existing software product that solves this, like CloudFlare’s CSAM Detection. I know people on the fediverse hate big companies, but they’ve solved this problem already numerous times before. They’re the only ones allowed access to CSAM hashes, lemmy devs and platforms will never get access to the hashes (for good reason).

furrowsofar, 9 months ago

They will still need to have a developer set this up and presumably it should be added as an option to the main code base. I thought I heard the beehaw admins were not developers.

There are a number of other issues that are driving the admins to dump lemmy. Same applies there.

snowe, 9 months ago

Not sure what you mean. You do not need to be a developer to set up CloudFlare’s CSAM detection. You simply have email the NCMEC, get an account, then check a box in CF, input some information about your NCMEC account, and then you’re good to go.

furrowsofar, 9 months ago

How does the scan happen? It has to be linked in some how. Are you saying that choosing cloudflair as your CDN that will flag at distribution time? Or at upload time?

snowe, 9 months ago

If you use CloudFlare as your proxy then all your instances traffic gets routed through CF before ever making it to your server. If someone tries to upload CSAM it will immediately be flagged (before ever making it to your server). CloudFlare then quarantines it and automatically files a report with the National Center for Missing and Exploited Children. There’s more to the prices, but the point is that putting it in the lemmy software is not a good solution, especially when industry standard proven solutions already exist. You don’t have to use CF. You can also use solutions from Google, FB, Microsoft, Thorn, etc.

furrowsofar, 9 months ago

Interesting. Thanks.

thySatannic, 9 months ago

Wait… why is no access to csam hashes a good thing? Wouldn’t it make it easier to detect if hashes were public?! I feel like I’m missing something here…

snowe, 9 months ago

Giving access to CSAM hashes means anyone wanting to avoid detection simply has to check what they’re about to upload against the db. If it matches then they simply modify the image until it doesn’t. It’s literally guaranteed to make the problem worse, not better.

thySatannic, 9 months ago

Ah thanks, hadn’t thought of that!

sarmale, 6 months ago

Question, from what I saw it seems like every CSAM image ever is assigned a new hash. Isnt it unscalable to asign a separate hash for everything? does that mean that most CSAM images were detected before?

jarfil, 9 months ago (edited 9 months ago)

Those images are burnt into my mind and I would love to get rid of them but I don’t know how or if it is possible

I’m very sorry this happened to you, and I wish I could offer you some advice… but that’s the main reason I stopped hosting open community stuff many years ago. I thought I was hardened enough, but nope; between the spam, the “shock imagery” (NSFL gore, CSAM), the doxxing, and toxic users in general… even having some ads was far from making it all worthwhile. There is a reason why “the big ones” like Facebook or Google churn through 3rd world mods who can’t take it for more than a few months before getting burnt out.

I wish I could tell you that you’ll eventually forget what you’ve seen… but I still remember stuff from 30 years ago. Also don’t want to scare you, but it’s not limited to images… some “fanfiction” with text imagery is evil shit that I still can’t forget either.

Nowadays, you can find automated CSAM identification services, like the one run by Microsoft, so if you integrated that, you could err on the side of caution and block any image it marks as even suspicious. This may or may not work in your jurisdiction, with some requiring you to “preserve the proof” and submit it to authorities (plus different jurisdictions having different definitions of what is an what isn’t breaking the law, and laws against swamping them with false positives… so you basically can’t win). This will also do nothing for the NSFL or text based imagery.

A way to “shield yourself” from all of this as an admin, is to go to an encrypted platform where you can’t even see what’s getting posted, so you never run the risk of seeing that kind of content… but then you end up with zero moderation tools, pushing all the burden onto your users, so not suitable for a safe space.

Honestly, I don’t think there is an effective solution for this yet. It’s been a great time abusing the good will of the admins and mods staying on Beehaw, but if you can’t find a reasonable compromise… oh well.