This should help us cut down on the trolls. We recommend other instances do the same, because they will likely be targeted also.

I apologize for all their gore-posts as well, no one should have to see that. We’ll try to look for more admins from different time-zones as well to get them faster.

The two other possibilities we have currently as options, are turning on required email verification, and as a last resort, closing signups. I personally would rather not do either, but they are options.

Many thanks to @k_o_t@lemmy.ml and @AgreeableLandscape@lemmy.ml for banning those trolls.

Can you set it up so that we can invite friends with referral links (a la mastodon style) and it bypasses the application requirement? Maybe we have to apply to get the referral link activated.

poVoq
link
fedilink
217M

Invite only instances would be also nice for self-hosting.

Dessalines
mod
admin
creator
link
fedilink
197M

Not opposed as long as someone else codes it lol. I’m a bit swamped.

@Tomat0
link
fedilink
5
edit-2
7M

Fantastic idea! I actually never thought about this, this could probably be done fediverse-wide.

@Zerush
link
fedilink
257M

Perhaps to avoid this type of user, a pre-school intelligence test would suffice.

I disagree. The far right users that chose to brigade Lemmy are not dumb, instead their moral compass is screwed up. Trolling requires smartness, even if the bait content itself is not a proof of intelligence.

@Zerush
link
fedilink
3
edit-2
7M

I’m not talking about trolls, I’m talking about Nazis and these guys with fixed ideas, by definition, are never luminaries, less if they are simple guys and not rich people, the latter almost always only sympathize with fascism, because it is the political orientation that most favors the savage capitalism that favors them.

For the rest, the waving flags with the svastica tattooed can be seen as follows https://i.imgur.com/kqHNjpv.gif

You did not need that GIF to tell me the nature of so many people. They are easily identifiable for the most part, so it is not that big of a deal. What we simply need is vigilant and educated users, and Lemmy does have that. Think of the audiences that will never come here permanently – Reddit NSFW users, Gab/Dissenter users, Kik/Omegle/Chaturbate users, /pol/ users (and typical chan users in general).

The majority of users in any herd are followers, that is how the leader concept works. So them having fixed ideas is again not the main concern. It just creates a sheep army, and they can all be defused in the same capacity they come. You find the origin and understand that so more future shepherds get discouraged, and therefore less sheeps mobilise.

@Zerush
link
fedilink
17M

Agree with this, naturally requires vigilance. But these, trolls, spamers and similar fauna, cannot be avoided by adding an email to the registry. Spammers can perhaps be avoided by simply waiting an hour before sending the registration confirmation, since spammers often use temporary emails that expire earlier.

Now is not the time for it. Probably after Reddit goes public and crashes into an endless void, when the influx of users come here, after that phase things might change a lot. Lemmy needs to grow and become more significant in the mainstream.

A platform that forcibly asks for emails or other identifiers is suicide at this stage for a platform that also advocates FOSS, federation, modlog transparency and great civillity. Reddit does not do it, and there is still a lot of meaning to the anonymity they provide, despite being a giant platform.

@Zerush
link
fedilink
27M

Reddit and anonymity? 🤣 Reddit even pass user data to Facebook and worse, TowerData, the last even uses keylogger.

https://themarkup.org/blacklight?url=reddit.com

Data to

https://themarkup.org/blacklight?url=Neustar.com

and

https://themarkup.org/blacklight?url=TowerData.com

This mean, all big tech nows the data from reddit users

I have not needed to allow Facebook or other 3rd party domains with Reddit, so I am unsure. Same goes with keyloggers. Keylogging and 3rd party tracking is a problem for people who use Chrome without ad blockers. Anyone who uses any half decent adblocker (even ABP) or Firefox does not have these issues.

@Zerush
link
fedilink
27M

I use Vivaldi (Chromium) and also don’t have problems with this. But this has nothing to do with the joke that Reddit is anonymous, it’s less anonymous than FB, they are sites which I avoid out of principle and mental hygiene.

Reddit is less anonymous than Facebook? U WOT M8? I have not seen that being true at all.

Reddit does not mandate email, government IDs, phone numbers for account creation, usernames are all anonymous, no photo posting, also allows 3rd party FOSS clients liberally. See what Instagram did to Barinsta.

@Zerush
link
fedilink
1
edit-2
7M

They don’t need your name to track and identify you. Se tracking tecnics used in Big Tech sites. Only TowerData log everything you post there, using it to profile you,

Aso MS, FB uses pixelAPIs, Google geolocations and compare datas from other sites you visit which use Google APIs and analytics, also from Alphabet and NEST, also Google companies. Reddit is the oposit of Lemmy in anonymity. Instagram and WhatsApp naturally have nothing to do with anonymity or privacy, none of the Zuckerbot sites respect this.

Look in the Browserleaks and see what Data can be seen by a website if they want and if you don’t use a protection more than ad/trackerblocker. (Datas shown in my case are all wrong or N/D, only true that I live in Spain (if I don’t use a VPN) and don’t use a Touchscreen. But it has needed a lot of settings which a normal user don’t do or not even knows.

Anyway it’s better to avoid this sites.

I know numerous cross site tracking techniques. This is not how tracking works. Keyloggers need to have JS scripts directly running, which uBO blocks. Same goes for cookies, which get erased upon each browser session, so this is meaningless. Cookies need to persist across sessions to do what you say.

Blacklight detected scripts belonging to the companies Alphabet, Inc., Neustar, Inc. and TowerData, Inc…

These scripts have to run in the first place, which is largely also blocked by Firefox’s Enhanced Tracking Protection.

uBlock Origin is like a condom to use internet at this point.

@Zerush
link
fedilink
17M

In Vivaldi this is also blocked by the inbuild ad and trackerblocker (same filters as uBO and more.). But how much user know this? The most use Chrome or Edge, using FF because they think it’s the most secure, but searching with Google (default in FF, which also send data to Alphabet (Google).

Now Google try another dirty trick with the Trending API to profile the user, same as with Idle and FLoC before.

While surveillance advertising is legal to create revenue for these companies, there is not going to be a truly free internet and a permanent war between Google & co and developers who remove these attempts from the users which take privacy seriously. Cookies since time ago are not a problem, tracking and profiling the user are much more sofisticated, there are pixel tracking, fingerprint, CSS exfill, CDN, among others, even scripts to access cam, mic, keyboard and mouse. Worse in mobile.

I think working against the Chromium/Blink monopoly is very important. Outside of Firefox, browsers with a configurable user.js and userchrome.css does not exist in Chromium land.

Chromium is also not a base for Tor Browser or TailsOS browser and is too leaky. Also gorhill, uBO and uMatrix maker, recommends Firefox over Chromium/Blink browsers.

@Zerush
link
fedilink
17M

It isn’t so, we need to work against surveillance advertising, this is the underlying problem, not the browser engine, apart uservivaldi.css is full configurable, it’s not a simple Chromium like others.

Also Firefox, although in some points more private than Vivaldi and in others less, creates income with surveillance advertising, that is, in collaboration with Google (Alphabet INC and NEST), APIs that in Vivaldi are optional and can be deactivated in the configuration or already they are removed by the devs, but not so in Firefox. What is missing I can put with a catalog of extensions that is ten times that of Gecko.

I also use Firefox for some things, but I don’t really see it as better or more private. But much more basic. Regarding TOR, it is a browser capable of accessing .onion networks, but apart from this, using it without VPN leaves you much more exposed there than with FF or Vivaldi on the normal network, this is not its function. That is to say, using it in the normal network, it is only slower, but it does not protect one iota more, it is a common mistake to believe it. You can check it on Browseleaks.

Nobody cares about catalog of extensions, even though Firefox has larger addon base. What is cared about is how well extensions are allowed to function, and Chromium browsers with complete Manifest V3 implementation has killed ad blockers in its fullest state.

As for surveillance advertising, that will only be killed when capitalism dies, or when the ad blocking users increase so much, the paywalling and privacy invading sites start to further paywall and self kill their websites.

Vivaldi is also closed source, and their reasoning for justifying the closed source code is too shady. https://vivaldi.com/blog/vivaldi-browser-open-source/

Vivaldi browser is part open-source, part closed-source

Of the three layers, only the UI layer is closed-source. This means that roughly 92% of the browser’s code is open-source coming from Chromium, 3% is open-source coming from us and only 5% is our UI closed-source code.

There is nothing like partly open source. What decides open source? 1% closed? 2%? 5%? 10%?

It’s the Vivaldi brand

The Vivaldi UI is truly what makes the browser unique. As such, it is our most valuable asset in terms of code. The obfuscation is partly there to improve performance, but it also very much is the first line of defense, to prevent other parties from taking the code and building an equivalent browser (essentially a fork) too easily.

We don’t publish it under an open-source license and only release obfuscated versions of it.

​​If a new project based on our code implements features that are fundamentally against our ethics (damaging to human rights or to the environment in some way, for instance)

Even though most of the security-relevant code for Vivaldi browser is in Chromium, there is some security-relevant code in the UI as well.

“human rights” “some security-relevant code in the UI” “only 5% is our UI closed-source code” “to improve performance”

I have rarely seen such weasel reasoning. Brave is worse despite open sourcing because of BAT, but they still do not do such PR talk.

@Zerush
link
fedilink
1
edit-2
7M

The Vivaldi code is 100% accessible by the user and auditable, it is even taught in the community how to modify it, naturally at your own risk. Both Edge and Chrome itself try to mimic Vivaldi’s functions, but not being allowed to fork it (that’s the meaning of ClosedSource in Vivaldi), with a pretty poor result. Releasing these codes, BigTech would have forked Vivaldi, which would have been the end for a small cooperative with a different concept in a market full of abandoned and discontinued projects, which everyone believed that setting their browser as FOSS, simply putting their logo on the Chromium or Gecko would be enough (already more than 70 browsers that ended up like this)

Perhaps the definition of OpenSource requires a review, giving importance in the areas where it makes sense, in the more than 100 different browsers that circulate on the network, it is already irrelevant, especially if then they fall equally into the traffic model with the data of users, because they see that a browser requires an infrastructure, money and maintenance to continue it, apart of a good community.

Mozilla shares data with Coogle, which finances them, Vivaldi has another business model that does not compromise user privacy and also works, in a small company owned by its employees, strictly subject to and exceeding EU privacy regulations that in US companies do not exist.

Who is more capitalist and who is more ethical in their approach? Vivaldi, as the only browser company, is active in campaigns against surveillance advertising and active against Google’s tracking tricks. FOSS FF is conspicuous by its absence there, how strange. Check out Jon’s interview with Linux reps and why Manjaro and FerenOS use the ‘ClosedSource’ Vivaldi currently as the default Browser, other distros will surely follow. https://lemmy.ml/post/80937

Releasing these codes, BigTech would have forked Vivaldi, which would have been the end for a small cooperative with a different concept in a market full of abandoned and discontinued projects

The privacy and security of users is more important than defending one’s own interests by putting users at risk with closed source internet interfacing code. Vivaldi does not prioritise users, but their own benefits.

Perhaps the definition of OpenSource requires a review, giving importance in the areas where it makes sense

Or perhaps… only 100% open source software should be regarded as open source software? Even 1% closed source code means it is not FOSS. You can argue with any FOSS advocate (not grifters like GrapheneOS community) over this and get an answer. The famous Underhanded C Contest tells us about possibilities with obfuscation of code, hence closed source internet interfacing code is far more dangerous.

If Lemmy had 1% closed source code, would it be called FOSS? No. Apple’s OSes have few open sourced components. Nobody calls it FOSS. Signal’s code is not fully FOSS anymore, even though they made clear it is only the spam number database, and there is ample debate on whether to call it FOSS or not.

Mozilla shares data with Coogle, which finances them

This is inherently false, unless you want to mention the optional Google SafeBrowsing list which is built into all Chromium browsers. Having Google search engine as default is not the same as “shares data with Coogle”.

Vivaldi, as the only browser company, is active in campaigns against surveillance advertising and active against Google’s tracking tricks. FOSS FF is conspicuous by its absence there, how strange.

A closed source browser cannot be a FOSS advocate. That is called grifting.

Check out Jon’s interview with Linux reps and why Manjaro and FerenOS use the ‘ClosedSource’ Vivaldi currently as the default Browser, other distros will surely follow.

Distributions that care about reputation and privacy do not switch their default shipped browser to closed source or Chromium based ones (except Ungoogled Chromium). Many Manjaro users changed their distros over the Vivaldi move, or removed Vivaldi altogether. It is not accepted in the FOSS community, especially amongst Arch users (which Manjaro is based on).

@Zerush
link
fedilink
16M

You are free to use FOSS and continue to be driven by Big Tech to finance it, if you think this is better. I care more about the ethics towards the user and TOS/PP of the product I use, worse in Mozilla than in Vivaldi. Worse in American products than in European, much worse. All the tracking APIs of Google, FB and others are FOSS, the worst malware is too, Google and MS itself have the most extensive catalog of FOSS and there are still those who believe that FOSS is a guarantee of freedom, privacy, security and ethics. No, it is not at all, perhaps it is for some individual apps or to share new products and developments, which is in browsers, in a market saturated with them completely irrelevant, in these other factors count.

Cheers

Well, that logic also leads to Tor network being DARPA funded, and Mozilla being Google funded, and Tor Browser being Mozilla Firefox based. Do you not use Tor for communications at all?

Likewise, Vivaldi uses Chromium code, made by Google. Does that not make it unethical, since Google serves as the AI of US military drones that bomb people?

Likewise, the food that is produced has plenty closed source machinery and software involved, and not 100% processes are ethical. Why not grow your own food entirely? Oh wait, the fertilisers you want to buy may also not be 100% ethically produced or shipped.

Idealism debates go in more directions than you think. Eventually, you and I have to work with realism in mind, and that is the only thing that matters at the end of the day. Virtue signalling, even for oneself, does not work that well when you get into more nuances than you calculate for.

@Zerush
link
fedilink
16M

No, I don’t use TOR, it’s not really more anonym in the ordinary web than other browsers, it’s only slower and less secure. Certainly Chromium is made by Google, but as OpenSource, the script can be modified, well as degoogled Chromium or let the user decide which Google APIs need and which not in the settings, as Vivaldi do, because there are also users which need some services for their work. A lot of online services and profesional sites need services que offers Google and which don’t have valid alternatives. Because of this, also Gecko use them, but you have to modify the script to eliminate it, in Vivaldi you can do it in the settings or at least in flags. As you can see, FOSS have advantages for devs, but not so much for a normal user who need certain features for his work, study or activities. Privacy and security has nothing to do if te product is FOSS or not. The normal user need a good tecnical support and devs which respects the need of the user (most features are added by request made by the users in the community of Vivaldi where the devs and even von Tetzchner itself particpate). Nothing to do with the habits of Big Tech and prefab FAQ pages as support, or implement or rest functions, without consens of the users, as FF do… Where are here the advantage of FOSS over a product OpenSource who use 5% auditable and customizable by the user but proprietary code?

@TheAnonymouseJoker
link
fedilink
1
edit-2
6M

https://www.cactusvpn.com/vpn/is-tor-safe/

I am not going to hear opinions from a VPN seller on Tor onion network. This is just bad. Moreover, CactusVPN is nowhere near a reputed VPN provider.

Certainly Chromium is made by Google, but as OpenSource, the script can be modified, well as degoogled Chromium or let the user decide which Google APIs need and which not in the settings, as Vivaldi do

Likewise Firefox has no issues, and user.js functionality does not exist in other browsers. Therefore, no hardening is possible on those, and Manifest V3 implementation ensures gorhill’s recommendation is true.

Gecko use them, but you have to modify the script to eliminate it, in Vivaldi you can do it in the settings or at least in flags

This is false. Vivaldi cannot be hardened.

Privacy and security has nothing to do if te product is FOSS or not

This is BAD. I will prefer stopping the discussion here. This is straight up GrapheneOS community tier reasoning.

I will warn you responsibly though. You have fallen for Vivaldi’s marketing, hook, line and sinker.

@DerPapa69
link
fedilink
247M

Thank you for all the work you do!

Dessalines
mod
admin
creator
link
fedilink
177M

No probs!

Mossy
link
fedilink
207M

I downvoted and reported as many posts as I can, I don’t know how much that helped but it was good to check back a couple hours later and see that the trolls’ posts had been removed

Dessalines
mod
admin
creator
link
fedilink
117M

Thank you for doing this o7

The brigading is really unfortunate and thanks to the admins for doing all the work to contain it. As Lemmy grows in usage requiring email verification may be unavoidable, but hopefully having a registration application will do the trick in the immediate term. Something like this was bound to happen sooner or later, so at least this is a useful test case for how such brigading and spam can be addressed going forward.

@stopit
link
fedilink
147M

No worries. I have seen surprisingly few of these types of posts, so you’re currently doing something better then other alternatives and I appreciate your efforts to make things even better.

CHEF-KOCH
banned
link
fedilink
14
edit-2
7M

You do not need to apologize for actions of others, you did your best and you found a solution for this issue which is what at the end counts.

Lemmy does lots of more work than most other platforms I know, admins and mods are often very fast and helpful + resourceful.

My idea was to introduce some sort of reputation based system but the problem is, that bots maybe could abuse the system to upvote themselves to get some sort of credit or reputation, call it what you want. Most boards use captchas and eMail verification systems to workaround this. Maybe an option would be to enable captchas for users who have below x posts as a middle ground, lets say 1 captcha per new submission until you have 5 posts in total.

Edit

After thinking about it, another system without reputation or captchas or emails would be to hold back posts until someone has 5 posts and let the Mods, Admin approve it first.

@obbeel
link
fedilink
107M

Reputation would just turn this into Reddit, where you can’t do anything or interact unless you use a single account or post what Reddit would like you to post.

CHEF-KOCH
banned
link
fedilink
37M

Yeah I updated my statement, gave an example. Up until 5 posts. I think that is okay as a middle-way. The system is not meant as competition system or to farm something.

The Lemmy devs have already decided that karma is just a bottomless pit that just harms users mental health, so it’s highly doubtful we’d ever have a reputation system be introduced, as that’s literally the same thing.

Also, captchas can be preventative to people with certain disabilities, so introducing them (I believe it would be reintroducing, actually) would contradict Lemmy’s disability-inclusive culture. As well, email verification wouldn’t work for people who would prefer anonymity. And nefarious users could just use a spoof mail account, so the introduction of required email account verification would really only harm privacy-focused real users, and do nothing to prevent trolls. Also, while on the subject and though you didn’t mention it, we don’t ban IPs because some VPNs reuse them for multiple people. So banning the IP of a troll might also cause the ban of real users.

Dessalines
mod
admin
creator
link
fedilink
87M

These are my thoughts on email too. Using throwaways is so easy for trolls, and legitimate users now have a privacy concern since a lot of the “legitimate” email services are really invasive.

@Akimoto
link
fedilink
127M

Doing registration form with manual approval is a good first step. My 2 cents is you could also implementing an invite based registration where users are allowed to invite their trusted friends.

Similar to how reputable private trackers works. There is form registration, interview, or invite from existing members. If existing member invites too many leechers, the current member will get a warning and ban eventually. This system is mostly working for private trackers so far.

Salamander
link
fedilink
57M

Are the invite systems usually e-mail based? If so, it would be cool to be able to generate 1-time use codes to invite friends, so that providing an e-mail is not required.

@Akimoto
link
fedilink
57M

Absolutely, have a code based invitation would be more privacy focused.

@analbeeds@fapsi.be
banned
link
fedilink
-3
edit-2
7M

removed by mod

I think having more admins from more time zones is the best solution, then e-mail verification and then having to fill out a form because it takes time to be reviewed and it takes more time from me because i have to write shit and anyway i can lie.

Salamander
link
fedilink
107M

Thanks a lot! I have implemented this in my instance too. This past week I was also saw several accounts being created to post ads.

@Echedenyan
admin
link
fedilink
107M

What does a person need to apply as admin or moderator? (this last one in general communities driven by admins or thought at site level like asklemmy)

@AgreeableLandscape
mod
admin
link
fedilink
15
edit-2
7M

This is just my opinion. Applications are reviewed on a case by case basis and is up to a vote by the existing admins.

Must haves:

  • A history of quality activity on Lemmy.ml or another instance we federate with, such as amicable discussion, links to reputable web resources, etc.

  • Frequently online. I’d say at least once a day is ideal, but I also understand that you’re a volunteer, and will reasonably have other things going on where you might be missing for several days or otherwise intermittent at times.

  • An interest in helping to develop the Lemmy community and ecosystem.

  • No recent violation of instance rules or Lemmy project code of conduct.

  • Is not currently banned from Lemmy.ml on another account.

Optional but could help your application:

  • History of reporting rule breaking content, particularly spam.

  • Has participated in discussions on Lemmy development or the the direction the Lemmy community is going.

  • Already a moderator of a community, or an admin on another instance (we will use your moderation history to assess your application).

  • Activity on the Lemmy Matrix rooms (please Link your Matrix).

  • Activity on the Lemmy project GitHub or other source control site that Lemmy is on, either as a code contributor or making/discussing pull requests (please Link your GitHub/other source control website).

It would also help to specify your time zone and the languages you know.

@Echedenyan
admin
link
fedilink
9
edit-2
7M

Must haves:

  • To check by you if my history is enough
  • I connect to Lemmy.ml three times a day at minimum to read mostly.
  • Yes, I have. I use to try to even promote Lemmy here but it is difficult given the main focus in English content (by now).
  • To check too.
  • No

Optional:

  • To check as I don’t track myself on that since recently.
  • I think I can say that I did and do.
  • No, never thought on applying until now. I was not sure if I could hold the responsibility.
  • I am not in Lemmy Official Matrix room(s), I only helped to mount the unofficial spanish one ( https://matrix.to/#/#lemmy-es:mozilla.org ) and my Matrix account is @echedeylr:mozilla.org.
  • A little but my account is https://github.com/EchedeyLR.

Timezone: one less than Nutomic’s one

Languages: Spanish and English (not native, B1 certified)

@AgreeableLandscape
mod
admin
link
fedilink
37M

I’ve forwarded your application to the admin Matrix room, thanks!

@Echedenyan
admin
link
fedilink
47M

Thanks to you too.

Must haves:

  • My 2 year old history with 1600+ comments is up for everyone.
  • Online twice a day. Also, active communication with users.
  • Have put myself on the frontlines multiple times. See soferman incident as example. https://lemmy.ml/post/69058
  • I have repeatedly stopped many incidents from happening.
  • I use zero sockpuppets and actively advocate against them, and have expertise in identifying sockpuppets via my stylometry, OSINT and OPSEC skills.

Optional:

  • Active moderator of c/privacy and c/technology, also c/privatelife
  • I contribute via comment suggestions and sometimes even modmail, to help improve Lemmy. This goes hand in hand with putting myself on the frontlines, and putting myself at risk in between crossfire.
  • I report a lot of issues and actively moderate reported posts and comments.

I am from India and I speak Hindi and English, so I can serve not just a wide timezone gap, but moderate a different kind of audience as well, compared to non-Indian foreigners here.

@AgreeableLandscape
mod
admin
link
fedilink
27M

Forwarded, thanks!

Dessalines
mod
admin
creator
link
fedilink
37M

For admins, you can express interest here, and we’ll look them over.

cc @k_o_t@lemmy.ml @AgreeableLandscape@lemmy.ml @nutomic@lemmy.ml @kixiQu@lemmy.ml

@AgreeableLandscape
mod
admin
link
fedilink
3
edit-2
7M

I provided my two cents!

Lionel C-R
link
fedilink
107M

Also,it would be nice to have some sort of moderation/ban federation to avoid having to do the work on each instance.

I’m sure it’s easier said than done but would be very beneficial to the project and community.

@seahorse
link
fedilink
87M

I second this. If someone/something is banned and removed from an instance it shouldn’t still be visible on a linked instance. If this isn’t already a pending feature request I’ll happily make one for it.

Dessalines
mod
admin
creator
link
fedilink
67M

I think there is an open issue for federating bans. Once @nutomic@lemmy.ml gets some time he said it wouldn’t be too difficult.

mtumishi
link
fedilink
107M

After upgrading to 0.15.1, I activated the signup form. I haven’t had to deal with the daily trolls. Not ideal but it helps.

Tmpod
link
fedilink
87M

Thanks, I’ve done the same over on lemmy.pt. Hope this helps :)

Thanks for this. I’d stick to the It’s FOSS channels if I wanted to see loads of fascist crap 🤣 Love being on Lemmy!

Lemmy Announcements


Feel free to announce new communities here.

Other than that, this is reserved for admin use only.

  • 0 users online
  • 1 user / day
  • 9 users / week
  • 47 users / month
  • 249 users / 6 months
  • 16.8K subscribers
  • 361 Posts
  • 2.99K Comments
  • Modlog