Sorry for the short post, I’m not able to make it nice with full context at the moment, but I want to quickly get this announcement out to prevent confusion:
Unfortunately, people are uploading child sexual abuse images on some instances (apparently as a form of attack against Lemmy). I am taking some steps to prevent such content from making it onto lemm.ee servers. As one preventative measure, I am disabling all image uploads on lemm.ee until further notice - this is to ensure that lemm.ee can not be used as gateway to spread CSAM into the network.
It will not possible to upload any new avatars or banners while this limit is in effect.
I’m really sorry for the disruption, it’s a necessary trade-off for now until we figure out the way forward.
This is sick. Kudos to mods for dealing with this garbage. I hope the posters are all hunted down and punished.
Yeah, the admins deserve all our support on this. Not only to protect themselves as server owners, but to stop the spread. Hopefully a longterm solution will be found soon
Just like self-isolation when you have a cold - the healthy and wise thing to do.
I didn’t like Apple’s idea of scanning private images for such imagery, but I think it would be a fantastic technology to use for social media. If they open sourced it, it could help Lemmy a lot.
I think this is a great move until we have something rock solid to prevent this. There are tons of image hosting sites you can use (most of which have the resources to already try to prevent this stuff) so it shouldn’t really cause much inconvenience.
Quality of posts will go up too. There’s a direct correlation with (worse) quality and image posts.
I prefer image memes, but to each their own.
Images are great when used sparingly
insert image here
less strain on lemmy servers as well
I’m sorry that you and the people on this instance are being subjected to that shit. It’s always despicable but on top of that it just seems absurd to target lemm.ee – a deliberately unprofitable platform – with such illegal means.
And I’m honestly sorry that people are blaming & attacking you and various other Hexbear users for no tangible reason.
I’m surprised people have forgotten already about the attacks against lemmy.world, assumedly executed by a disgruntled ex-moderator long before we ever knew Hexbear existed.
Instead people are jumping to “OhH it’s ThE HexBeArS” when they have not been able to freely browse HB discussions or even talk with you, they’re just shown the worst take from a minority (although tbf HB does the same on c/cth, so it’s kinda funny seeing both sides with one not realising the other is also just a human too, just with differing culture and political stance)
Edit: replaced “guys” with a more neutral term
Thankfully I haven’t seen the takes accusing HB of the recent attacks, though being accused of the attacks on .world was a little annoying. I appreciate the solidarity.
I genuinely have no idea where this recent attack is coming from. The most fried part of my brain says “One of the big companies trying to absorb the fediverse is doing this to undermine their competition,” but I have zero evidence, it’s just the only motive I can even think of beyond it being a rogue crank.
It’s totally conceivable that HB people would spam an instance they don’t like – though this would be against the wishes of the mods and admins – but our site culture is completely antithetical to spamming CSAM and things like that, so I don’t think even a rogue group of users would do it “on our behalf”.
Oh, I just realized it could be one of those fash instances like exploding heads. If any were defeded relatively recently, that would make sense.
Instead people are jumping to “OhH it’s ThE HexBeArS” when they have not been able to freely browse you guys’ discussions or even talk with you, they’re just shown the worst take from a minority (although tbf you guys do the same on c/cth, so it’s kinda funny seeing both sides with one not realising the other is also just a human too, just with differing culture and political stance)
I don’t think I have much to contribute to the “both sides” thing that is useful, but I’m going to talk anyway because I’m thinking about it now.
off-topic
I think if you asked a hexbear user to seriously answer how representative those screenshots are of lemm.ee, they’d probably say that lemm.ee is much more ideologically disjointed on a handful of issues, especially regarding history and geopolitics, and the screenshots are only representative of some of the more annoying tendencies among the neoliberals and poorly-educated “anarchists” (like that dude who decried “tankies” and used Sankara as a counterexample, when we all like Sankara). I also think they would be correct in saying this. I don’t know what the anti-HB people who don’t comment on our instance think, I hardly ever see it, but I can at least tell you that we know much more about neoliberal ideology than they do ML, because we almost all started out as de facto neoliberals and nearly none of them have even a basic understanding of ML theory (which is not really their fault, to be clear).
Anyone on any instance federated with hexbear is welcome to post questions to c/askchapo. If they are relatively polite and not presumptuous, we’ll be happy to answer. If people are still mean, report it. You can let me know and I will personally nag the mods to address the matter properly. Just recently we had a thread from a .ml user who wanted us to state our opinion on Trump for the record for the hundredth time, so about a hundred users chimed in that they all hate his guts (I also made a comment to that effect). We’re happy to discuss things openly and it would be good for us to improve community relations to avoid things like one group accusing the other of doing something as heinous as what the OP describes.
trump
To be fair, some of the rhetoric you all use makes your political compass difficult to navigate.
As I said, the question is welcome no matter how tedious I might personally find it, just like any question asked in good faith.
Complete aside: polcomp is a bad way of attempting to understand politics. It has no way of understanding Marxism.
Here is an alternative Piped link(s): https://piped.video/watch?v=9nPVkpWMH9k
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
This is a cool bot!
That video could have easily been 5 minutes. Phweew.
Say something bad about communism.
off-topic
About “communism” itself? What is the scope here? Token criticism is meaningless but I will humor you: I dislike the Khmer Rouge.
I don’t care to hear you say something bad about neoliberalism because it’s the most prized action by anarcho-bidenists to say “NATO bad” and then agree with NATO about most of its enemies.
Everyone should be able to point out flaws in a system, as no system is perfect. Not even communism. So, point out the flaws in communism, in plain English.
political compass
Anyone that uses this to navigate politics is themselves politically illiterate.
Ahhh yes, someone who cannot read between the lines to understand the true meaning. Thank you for this wonderful example.
“I’m scared of having my political illiteracy exposed and dunked on so I only ever write intentionally vague responses.”
I felt it was pretty understandable. We can have a nice conversation, or we can stop. Up to you.
Its really not complicated.
Just communist/anarchist/far more left than normal western discourse with a large amount of cynicism.
CSAM sourcing?
Where do these people get that much CSAM. somebody once said that to the best of their understanding, it was new CSAM images each time, meaning not many repeats. My collection of reddit memes costs me ~15-30GB, all of sbubby costs ~5GB. where is it pooled from?
The most fried part of my brain says “One of the big companies trying to absorb the fediverse is doing this to undermine their competition,” but I have zero evidence
Most companies that build CSAM detectors, by nature of their work, have a lot of it. likely thousands of photos and videos were willingly handed over to put into some vault to fight against it’s existance. If its a large corperation attacking is, it nesisarly means a leak from a CSAM vault wether it was intentional (an authorized attack) or not (opsec mistakes or insiders). Or it means there was no vault (negligence) or it wasnt tranfered securely (opsec mistakes).
it’s just the only motive I can even think of beyond it being a rogue crank.
Its not hard to build a bot that scrapes a webpage of its images, they can easly aggrogate that much content over decades.
Yeah, it’s kind of weird. Doesn’t whatever gets posted eventually get sent over to the other federated servers? Like every server saves a copy? Like the dumbest attack on another server would be this.
We had to deal with something similar on lemmygrad a while ago. All power to you for destroying these annoying bastards.
they are more disgusting than annoying tbh
hear hear
How did you guys deal with this?
We doubled the amount of mods, and banned anything remotely resembling the things on-site. Sadly many times it had to be a brave lemmygrad to check it first and take the bullet for us to report it. I was one of those people on several occasions. I still cringe at the memories. It lasted a few months iirc.I haven’t seen whatever is hitting you guys, but our bots had some recognizable features, usually hiding their spam behind spoilers or links.
It really was just a mobilization, lockdown, and purging everything that was suspicious until it stopped. That or they found a way to block those bots. I wasn’t in the command center by any means so the internal decisions I don’t know too much about.
condolences for having to deal with this and full support of your actions.
My honest reaction to this:
[removed externally hosted image]
bro they banned images did you not read the post lol
deleted by creator
autism strikes again
I am my own worst enemy
deleted by creator
Can I just say - wholesome :3
I know there are automated tools that exist for detection CSAM- given the challenges the fediverse has had with this issue it really feels like it’d be worthwhile for the folks developing platforms like lemmy and mastodon to start thinking about how to integrate those tools with their platforms to better support moderators and folks running instances.
I just shut down my instance because of this attack. Once there are better controls to prevent this, I will stand it back up.
Yeah, there was a gardening instance run by a great guy who just did the same
What do you think the purpose of these attacks are? The fediverse is so small in the grand scheme that I can only assume the worst.
Good thing my instance is only friends and friends of friends, otherwise I’d have to do the same
What was your instance?
That’s fucking dope, thank you very much for the link to the issue!
Good, its an API that can fit diffrent tools even if one is promoted. Upgrading means switching out a binary file. Posix modularization FTW.
fucking disgusting, and I’m sorry you and your mods, admins and users were subjected to this
I honestly think this is the reason why message boards generally don’t have the feature to attach images to posts anymore.
Large public message boards, anyway
No apologies necessary.
This is really sad and disgusting. It affects the whole platform but especially smaller instances that can’t keep up. Despite being a lemm.ee user, I was particularly upset about thegarden.land shutting down because of that spam. It had my favourite gardening community on here.
I really hope this gets sorted out, and the spammers end up where they belong.
Wait, they shut down? That’s sad, they were great
😢
I’d really love to start a small instance just to play host to a couple of niche interests I don’t see around yet, but yeah, hearing about this fucked to behavior is making me hold off.
It has a real chilling affect on users, which is so unfortunate for a platform that is mostly made up of well meaning people
deleted by creator
Damn this sucks.
This is why we can’t have nice things.
Honestly, some people are just the worst. Why on earth anyone would waste their time doing something so vile is absolutely beyond me…
If one enjoys the twisted pain inflicted on children, then inflicting pain that makes most adults want to use eye-bleach by showing off their plunders is to them well executed revenge on the people they dont like.
It’s honestly sad that some well-intentioned laws can be used to attack online platforms.
I mean, the nuclear option should be used here even if there wasn’t legal liability because that shit just shouldn’t be here.
that shit just shouldn’t be here
Yes, I agree. Maybe my wording suggested otherwise. But my point was that it wouldn’t be the uploader that’s punished but the instance itself. That’s kinda weird.
I kinda wonder though, how would go about making a law against cp but doesn’t hurt small sites like lemm.ee?
The issue is that you really can’t. The laws are written specifically to prevent plausible deniability. Because pedos would be able to go “lol a troll sent it to me” and create some doubt in a jury. Remember that (at least in America) the threshold for conviction is supposed to be “beyond a reasonable doubt.” So if laws were focused on intent, all the pedos would need to do is create reasonable doubt, by arguing that they never intended to view/own the CSAM.
This was particularly popular in the Napster/Limewire days, when trolls would upload CSAM under innocuous titles, so people looking for the newest episode of their favorite show would find CSAM instead. You could literally find CSAM titled things like “Friends S10E9” because trolls were going for the shock factor of an innocent person opening a video only for it to end up being hardcore CSAM. Lots of actual pedos tried using the “I downloaded it by accident” defense.
So instead, the laws are written to close that loophole. It doesn’t matter why you have the CSAM. All that matters is you have it. The feds/courts won’t give a fuck if it was due to you seeking it out or if it was due to a bad actor sending it to you.
How is that not extremely problematic? What stops someone from using Tor and a bunch of dummy accounts to send CSAM to someone else and get them arrested?
And that’s pretty much where we are now. Bad actors creating bot accounts on multiple instances, to spam the larger (most popular) instances with CSAM.
I think they have oversimplified the situation to the point that it is wrong.
-
Arguably, Lemmy instance providers (depending on where they live) are protected in the same way Facebook or other content hosts are. So long as you are acting in good faith you are protected against any illegal content your users upload. This does mean you need to remove illegal content as you become aware of it, you can’t just ignore what your users are doing.
-
There have been cases where although a user technically ‘possessed’ CSAM, it was shown that they did so unknowingly via thumbnails or it being cached. The police do investigate where it came from. It’s not as simple as just sending it to someone and you can have them convicted.
Oh okay, that’s good. So if you could show that you were trying to block it, you’d be safe.
Yes, you’d just need to show that you actively moderate/apply content policies.
This will vary by jurusduction, but most of the West has laws similar to this I believe.
-
Lemmy instances are likely already protected in many countries legally so long as they act in good faith, ie actively moderate.
Fuck the legal part, I wouldn’t want to stay on platform infested with cp. Thank you so much for all the awesome people combating this <3
