Seems odd that they mention Mastodon as a Twitter alternative in this article, but do not make any mention of the fact that Twitter is also rife with these problems, more so as they lose employees and therefore moderation capabilities. These problems have been around on Twitter for far longer, and not nearly enough has been done.
It points out that you upload to one server, and that server then sends the image to thousands of others. How do those thousands of others scan for this? In theory, using the PhotoDNA tool that large companies use, but then you have to send the every image to PhotoDNA thousands of times, once for each server (because how do you trust another server telling you it’s fine?).
The report provides recommendations on how servers can use signatures and public keys to trust scan results from PhotoDNA, so images can be federated with a level of trust. It also suggests large players entering the market (Meta, Wordpress, etc) should collaborate to build these tools that all servers can use.
Basically the original report points out the ease of finding CSAM on mastodon, and addresses the challenges unique to federation including proposing solutions. It doesn’t claim centralised servers have it solved, it just addresses additional challenges federation has.
Yeah I was mostly just complaining about the poor quality of mainstream tech articles. The original report is a much pretty read and brings up some great points.
“We got more photoDNA hits in a two-day period than we’ve probably had in the entire history of our organization of doing any kind of social media analysis, and it’s not even close,”
How do you have “probably” and “it’s not even close” in the same sentence?
Here’s the thing, and what I’ve been saying for a long time about The Fediverse:
I don’t care what platform you have, if it is sufficiently popular, you’re GOING to have CSAM. You’re going to have alt-right assholes. You’re going to have transphobia, you’re going to have racism and every other kind of discrimination.
People point fingers at Meta for “allowing” this but there’s no amount of money that can reasonably moderate 3 b-b-billion users. Meta, and probably every other platform that’s not Twitter or False social, does what they can about this.
Masto and Fedi admins need to be cognizant of the amount of users on their instances and need to have a sufficient number of moderators to manage those users. If they don’t have them, they need to close registrations.
But ultimately the Fediverse can also create safe-havens for these sorts of things. Making it easy to set up a discriminatory network that has no outside moderation. This is the downside of free speech.
Ultimately, it’s software. Even if my home instance does a good job of enforcing it’s CoC, and every instance it federated with does as well, someone else can spin up their own instance, load up on whatever, and I’ll never know or even be aware if it’s never federated with my instance.
No, cause then you end up with a case like the guy who lost 15+ years of emails, his phone number, all his photos, his contacts, and everything else he had tied to a google account, because Googles automated detection triggered on a naked photo of their baby, that they sent to the doctor during covid, that the doctor requested, about a rash on the babies diaper area… and no amount of common sense would stay their hand or reverse their ignorant judgement that this man was a child pornographer, and even called the police on him.
But how that platform deals with/fights it is what makes the platform good or bad.
Take Facebook for example in horrible… Facebook is rife with the stuff, and it regularly gets reported… and nothing happens. To the point that a Reporter once confronted them about it during an interview, and Facebook proved it did have the capability to contact law enforcement… by calling them on the reporter who showed them the evidence of it on their platform.
As a parent, I’m always worried about any policy with “protect the children” as the main argument. There are lots of stupid policies proposed and sometimes implemented that are justified this way, such as:
facial recognition to prevent underage kids from playing certain video games
proof of ID to access social media and porn
complicated parental controls on devices and services
And so on.
Most of these have easy ways to circumvent these rules and absolutely violate privacy, so I will be teaching my kids how to do that. In fact, once our home Internet gets fast enough, I may route all traffic through a VPN just to avoid most of these stupid rules and instead rely on trust with my kids to keep them safe on the Internet.
These articles are written by idiots, serving the whims of a corporate stooge to try and smear any other than corporate services and it isn’t even thinly veiled. Look at who this all comes from
The article written by WaPo and regurgitated by The Verge is crap, but the study from Stanford is solid. However, it’s nowhere near as doom and gloom as the articles, and suggests plenty of ways to improve things. Primarily they suggest better tools for moderation.
The study from Stanford conflates pencil drawings of imaginary characters with actual evidence of child rape.
Half the goddamn point of saying CSAM instead of CP is to make that difference blindingly obvious. Somehow, they still missed it. Somehow they are talking about sexual abuse as if it’s something that can happen to pixels.
After reading it, I’m still unsure what all they consider to be CSAM and how much of each category they found. Here are what they count as CSAM categories as far as I can tell. No idea how much the categories overlap, and therefore no idea how many beyond the 112 PhotoDNA images are of actual children.
112 instances of known CSAM of actual children, (identified by PhotoDNA)
713 times assumed CSAM, based on hashtags.
1,217 text posts talking about stuff related to grooming/trading. Includes no actual CSAM or CSAM trading/selling on Mastodon, but some links to other sites?
Drawn and Computer-Generated images. (No quantity given, possibly not counted? Part of the 713 posts above?)
Self-Generated CSAM. (Example is someone literally selling pics of their dick for Robux.) (No quantity given here either.)
Personally, I’m not sure what the take-away is supposed to be from this. It’s impossible to moderate all the user-generated content quickly. This is not a Fediverse issue. The same is true for Mastodon, Twitter, Reddit and all the other big content-generating sites. It’s a hard problem to solve. Known CSAM being deleted within hours is already pretty good, imho.
Meta-discussion especially is hard to police. Based on the report, it seems that most CP-material by mass is traded using other services (chat rooms).
For me, there’s a huge difference between actual children being directly exploited and virtual depictions of fictional children. Personally, I consider it the same as any other fetish-images which would be illegal with actual humans (guro/vore/bestiality/rape etc etc).
If we took this to its logical conclusion, most popular games would be banned. How many JRPGs have underage protagonists? How many of those have some kind of love story going on in the background? What about FPS games where you’re depicted killing other people? What about fantasy RPGs where you can kill and control animals?
Things should always be legal unless there’s a clear victim. And communities should absolutely be allowed to filter out anything they want, even if it’s 100% legal. So the lack of clear articulation of the legal issues is very worrisome since it implies a moral obligation to remove legal but taboo content.
Mastodon is a piece of software. I don’t see anyone saying “phpBB” or “WordPress” has a massive child abuse material problem.
Has anyone in the history ever said “Not a good look for phpBB”? No. Why? Because it would make no sense whatsoever.
I feel kind of a loss for words because how obvious it should be. It’s like saying “paper is being used for illegal material. Not a good look for paper.”
What is the solution to someone hosting illegal material on an nginx server? You report it to the authorities. You want to automate it? Go ahead and crawl the web for illegal material and generate automated reports. Though you’ll probably be the first to end up in prison.
I get what you’re saying, but due to federated nature, those CSAMs can easily spread to many instances without their admins noticing them. Having even one CSAM in your server is a huge risk for the server owner.
This could be a really big issue though. People can make instances for really hateful and disgusting crap but even if everyone defederates from them it’s still giving them a platform, a tiny tiny corner on the internet to talk about truly horrible topics.
Again if it’s illegal content publically available, officials can charge those site admins with crime of hosting. Everyone just has a duty to defederate.
Those corners will exist no matter what service they use and there is nothing Mastodon can do to stop this. There’s a reason there are public lists of instances to defederate. This content can only be prevented by domain providers and governments.
phpbb is not the host or the provider. Its just something you download and install on your server, with the actual service provider (You, the owner of the server and operator of the phpbb forum) being responsible for its content and curation.
Mastadon/Twitter/social media is the host/provider/moderator.
This seems like a very normal thing with all social media. Now if the server isn’t banning and removing the content within a reasonable amount of time then we have major issues.
Seems like if you talk about Mastodon but not Twitter or Facebook in the same post it makes it feel like one is greater than the others. This article seems half banked to get clicks.
Nothing you can do except go after server owners like usual. Has nothing to do with the fedi. Mastodon has nothing to do with either because anyone can pop up their own alternative server. This is one of many protocols they have or will use to distribute this stuff.
This just in: criminals are using the TCP protocol to distribute CP!!! What can the internet do to stop this? Oh yeah, go after server owners and groups like usual.
Things are a bit complicated in the fediverse. Sure, your instance might not host any pedo community, but if a user on your instance subscribe/interact with those community, the CSAMs might get federated into your instance without you noticing. There are tools to help you combat this, but as an instance owner you can’t just assume it’s not your problem if some other instance host pedo stuff.
That is definitely alarming, and a downside of the fedi, but seems like a necessary evil. Unfortunately admins and mods of small communties in the fedi will be the ones exposed to this. There has been better methods if handling this though. There are shared block lists out there and they already have lists that block out undesirable stuff like that, so it at least minimizes the amount of innocent eyes of mods, who are just regular unpaid people, from seeing disgusting stuff. Also, obviously those instances should be reported to the police, fbi, or whatever the heck
There is a database of known files of CSAM and their hashes, mastodon could implement a filter for those at the posting interaction and when federating content
Add comment