mike, 3 months ago

@hello Stop building it. Next question.

tek, 3 months ago

@hello looks like wordpress click bait

hypolite, 3 months ago

@tek @hello Content Nation or the We Distribute article? In both cases it misses the point.

hypolite, 3 months ago

@hello Goodness gracious, it’s so much worse than I thought, thank you @deadsuperhero for your work, you’re doing good!

thisismissem, 3 months ago

@hello specifically, it wasn't that "someone loaded CSAM onto your server", it was "I federated with the entire internet, including servers known to publish CSAM and showed all that content along side totally normal legal content"

That is, there was a failure to do approval-based federation or to implement domain blocks for well known bad domains.

It doesn't take much to discover DNI instances.

The act done was simply seeing CSAM via their feature & reporting it to their webhost.

thisismissem, 3 months ago

@hello like, I'm not saying reporting to the webhost first was the right move, but as a commercial entity, Sascha's lawyers should've advised him that allowing anyone to serve arbitrary content on his site without having a user account, is a really terrible idea.

Starting in limited federation would have been a better idea, along with restricting search of remote content to logged in users.

Those two things would've largely mitigated this problem & likely the backlash.

thisismissem, 3 months ago

@hello as you know, I'm working on a site for a guide to trust & safety features for the Fediverse.

I'm also working on challenging this ill-conceived notion that federating automatically with the entire internet.

The internet is largely a cesspool, and as such you need to build Fediverse services to account for that.

thisismissem, 3 months ago

@hello yes, I think it is a spec failure to not account for that and to guide implementers towards building safer software.

thisismissem, 3 months ago

@hello Btw, you may want to edit your database and set a "preferredUsername" on this account of "weDistribute" instead of "hello"

deadsuperhero, 3 months ago

@thisismissem @hello actually, we were taking a different approach here, in that Hello is simply an outreach / syndication channel. It’s a little weird, but felt less weird than wedistribute@social.wedistribute.org 😅

Eventually, the hope is to set up several different channels and some automation to pipe things around. You can kind of see that in progress with @decentered. though it isn’t perfect.

thisismissem, 3 months ago

@deadsuperhero yeah, like you can still use hello locally, but have a preferred username on other servers of wedistribute instead, iirc.

julian, 3 months ago

@hello One of my dream projects (not as in "pipe dream" but actually in realistic reach) is an ActivityPub interface for ORCID records: https://fietkau.social/@julian/112004249891946278

Being able to follow scientists' new publications even if they aren't personally on here would be useful. But the Bridgy Fed harassment has given me some pause. Academics are incentivized to be as public as possible about their articles, so I'm having trouble imagining backlash. Then again I didn't imagine the Bluesky bridge backlash...

box464, 3 months ago

@julian @hello This is the most disappointing part of building things in the fediverse. I’ve had a few fun ideas using the Mastodon API, but don’t release or follow through because of the nastiness I’ve seen around other projects that stretch beyond the current functionality. I’m sure I’m not the only one.

atomicpoet, 3 months ago

@hello What do you know about whoever spread CSAM on that server? Or who was in favour of it?

These people should be reported to the authorities. And for my own protection, I’d like to #Fediblock them.