 Well well well if it isn't cryptocurrency spam coming from the biggest, open instance on the #Fediverse. 👀 I wonder if this is at all related to challenges with moderating an instance of *checks notes* 200k active accounts? Or with moderating new accounts on the only instance actively promoted in the official apps? :thinking_rotate: Thankfully we can always defederate! What's that? It's the biggest instance so there are real concerns about a lot of people losing connections? Whodda thunk it! 202 comments
 @rysiek@mstdn.social the only true solution is deleting or defeding from mastosoc. The size of mastodon.social means that it is hard to moderate current accounts there. The fact that it is promoted as *the* instance by the official apps, combined with the fact that in the public mind fedi is Mastodon, means it's difficult to effectively moderate new accounts. And its size also means that bad actors are not compartmentalized into small, manageable groups on defederate-able instances. This is bad. There was this blogpost I wrote about this huge instance issue, but maybe I should not toot (ha!) my own horn? Ah screw it, seems on-topic and important: The size of mastodon.social is breaking the moderation story of the #Fediverse. Moderation on fedi relies on: 1. instance admins and moderators being able to manage bad actors on their own instance; 2. instance admins being able to silence or defederate from insufficiently moderated instances. Mastodon.social's size and the speed new accounts are set up there means that 1. is very difficult. The size of m.s. and the clout of some of its users means 2. is a hard decision. @rysiek Seriously, who cares about clout? If people want to follow clout then they can join dot social and leave the outside fediverse. Defederate from dot social and let Website Boy have his own personal Twitter. @cutieofchaos clout in the sense of "a lot of people from other instances are following and engaging with them." It's not about some power thing. It's about a social network being social. @rysiek This is the same reason people give over not defederating from Free Speech instances. It doesn't matter. People will move to another instance. Just because this is a form of social media doesn't mean you need to swallow all the trouble instances. Dot social has become a trouble instance. It needs to be cut off. @rysiek  @faduda definitely time to start thinking about it and telling people on m.s it's time to move — or find themselves stranded at some point. Everyone describes the fediverse as similar to email. What would happen if Yahoo refused to send emails through to Gmail because they are too big? Does everyone need ten emails? Some people feel more comfortable on small instances where they feel seen. Some feel more comfortable on a large instance where they blend into a crowd. Let's focus on moderation as the issue and not make people feel guilty for choosing a large instance if it's where they feel most comfortable. > Let's focus on moderation as the issue and not make people feel guilty for choosing a large instance if it's where they feel most comfortable. The problem is, as I have stated repeatedly in this thread, that the size of mastodon.social makes the moderation problem much, much more difficult to deal with. And in the context of the spam attack that started this thread — third in 10 days, all coming from mastodon.social! — the size of mastodon.social *is* the moderation issue. Understood. But think of it this way-- you have people like Neil Gaiman on m.s. with 250k followers. I imagine a good amount of those are not on his instance. You cut him off, and what happens? Do those followers go make an acc on m.s to keep following him, making it even bigger? Does Neil make an account on a smaller instance that very likely can't handle that type of influx?   @rysiek It also relies on having enough tools, like mastodon moderators/admins are helpless when spam waves aren't centralised on a single instance but instead use a bunch of different open-registration servers or a spam software directly targeting ActivityPub.
@pacanukeha yes it does, but that's externalizing the moderation cost to literally all other instances. And also raising this cost substantially, because now every single other instance has to take action on a bad account, instead of just the originating instance.  It's got to be stopped, and it will only get worse the more it grows. I've been keeping an eye on the meter at https://instances.social/mastodon.social and it currently shows mastodon.social as 13.8% of all Fedi users. I know it will be painful for people to defederate from 1 in 7 users, but it will be a lot less painful than 1 in 4, or 1 in 2, or wherever it is heading for on the current course. @FediThing I wonder if a coordinated one or two day temporary defederation from m.s by a lot of other instances, announced ahead, would provide enough of a shock to the system for this to start getting fixed? Yeah, might be worth considering! I'm waiting for the next update of the official app to see if they fix the onboarding. If they leave it as it is, with m.s still promoted as the main way to sign up, that will say a lot about their intentions (IMO). @FediThing wait, did they mention they are considering removing m.s as the blessed default?  @rysiek @FediThing I think a coordinated mass limiting (i.e. "silencing") for a one to two week period might be enough of a shot across the bow without inconveniencing too many users who are caught in the cross fire without being really aware of the issue. Because of their size/default instance for the official app etc. I feel like limiting is the best near term step. Leaves defed as a final option if things continue to go south. @rysiek @FediThing because a portion of this is a political issue, the coordination should include educating/informing the general population about what is happening, what changes they'll experience as a result, what the goals are, when it will resolve (or escalate if not addressed.) Otherwise we may just drive a bunch of people back to Birdchan/Bluesky because they suddenly lost 1/3 to 1/2 of their followers/following. Yes, definitely. Mastodon gGmbH is setting up lots of unwitting users for a nasty shock, it's very irresponsible of Eugen to play "defederation chicken" like this. Maybe we could take a model from real life industrial disputes, where strikes are brief to begin with and become more frequent if the management refuses to talk? @FediThing @rysiek yep. Exactly. While I think that all who are concerned about the current direction are totally in the right, I think it's important to consider how it plays for what is now a large part of the Mastodon user base who doesn't know/doesn't care, and at least make some attempts to bring them along. Reach/teach those that are reachable/teachable anyway. Some still won't care, but at least an attempt can be made. @mrbitterness@exile.social @rysiek@mstdn.social @FediThing@tech.lgbt  Defederation should be a nuclear option only for virtually unmoderated servers in my book. Blocking larger servers doesn’t do any good, doesn’t encourage users to migrate or set up own servers, and seems self-defeating. Better would be help mid to smaller servers do better distributed outreach and onboarding and teach users on big servers the value and ease of moving to smaller servers. And I say this as an admin of a small/medium server.  @tchambers yeah, that's my concern. let's say that everyone does defederate m.s and people do spread across smaller servers, but after some time one of those grows in size and gets hit by a similar wave of spammers. do we repeat the same thing over and over, further fracturing the Fediverse? at some point most people will grow tired of it.  @rysiek @campuscodi it seems unsurprising that a system whose abuse prevention is closely modelled on email turns out to have many of the same flaws as email. Yeah, it's like they don't even bother to check accounts.....cause that is probably too hard and confusing for people. So they make themselves the default onboarding but don't even want to check accounts out........ And the rest of us get spam posts now. Thanks mastodon.social......dickheads. @codesmith @rysiek those are rookie numbers. It needs at least 5 more buzzwords or it will never take off. @rysiek I received the same airdrop message from another mastodon.social account, also with lots of numbers: https://mastodon.social/@ansannigar19794350 @rysiek if you look at their status page, they seem to be aware and are taking action. It does take time to respond to something like this wherever someone strikes from. @rmflight this is the third time in a few weeks this "hit them", and saying it "hit them" makes it seem like it was unexpected and surprising. It was not. It was completely predictable, based on the size of m.s and the fact that it is being actively promoted as the "default" Mastodon instance. Check the very link you sent. May 4th, May 12th, and today. @rmflight the bottom line is: mastodon.social is too big for it's own sake, and too big not to be a risk for the rest of fedi. Other instances already started silencing it or outright defederating from it, because of the amount of work these spam waves bring to every other instance admin out there. This is a good moment to find a new, smaller instance, and move. The more instances defederate from m.s the harder a move will become.  @rysiek Perhaps someone could create a bot that replies to all crypto scams with links to Coffeezilla videos?  @rysiek It's a shame that in Eugen's attempt to grow Mastodon, he's creating the very vulnerabilities that siloed social media has. That and subjecting the rest of us to those risks. This is hedging into the role of dictator. "I am going to change your online experience but I won't bother asking you first. Because I own this instance and don't really care about the collateral effects..." @rysiek @toxomat check the replies to this thread and see how many people got that spam. This thread is proof this is already a nuisance to users. > People *should* be encouraged to join a big instance by default so they can get onboarded quickly. Yes, but they are encouraged to join *the* big instance. We can have a better onboarding process without creating a single point of failure in the network.  @rysiek We need to recognize that as we grow there will be bad actors out there probing our weaknesses and trying to break our systems of moderation. Like all complex systems, we have vulnerabilities at all levels and the means of addressing these are with vigilance and active counter measures. Technology alone can help, but it is not enough. @rysiek What we need is cooperation and a rich arsenal of response to attacks. Certainly mastodon.social as the Gothem here has a key role to play, but just saying the problems are because it is a big city, and the solution is to have no big cities, is too simplistic and ignores that you need effective measures for enforcement of community standards throughout the social fabric.  @rysiek @pearlbear do you have an idea beyond closed registrations for detecting & handling spam? Because these attacks are constantly evolving, and a lot of people are working hard to fight back the attacks & fix federations to propagate suspensions quicker too — defederating can't be the answer because then the attacks will just move to other instances. @thisismissem let's start with closed registrations on the biggest instance out there, which happened to be the source of three major spam attacks over the last 10 days. I'd like to see a fedi where the biggest instance is no larger than 5% of the active accounts; m.s currently is at ~13%. That's simply dangerous. Defederation is not the solution, but it is sometimes necessary with badly moderated instances. @rysiek I've been here since 2018 and I personally see a lot less spam now than I did in the beginning. I see zero spam now due to a lot of blocking and filtering. I can't remember the last time I saw crypto spam. And, FWIW, I never see hate speech or illegality here. I haven't had to report a post in years. That's just my two cents, actual worth will vary. @rysiek @rysiek Automated blocks, like every other method of thwarting spam, leave a window where spam gets through. The "time is limited" part might signal to an algorithm that something is up. Human eyes would see it but 24/7 eyes on every post is unlikely & probably unwanted. An algo that flagged it, and a section for Potential Spam would leave it up to the user, and provide a way for attention to be drawn to it. Might get more reports and thus get into automated blocks for all servers sooner.  @rysiek Right now, with all the talk going on in this thread, it is making me afraid I may soon be forced to switch Mastodon Instances over some #cryptospam that was going on, and I have been on mastodon.social for around a year. Even though I could move the list of who I'm following along with my small mute and block lists over to another instance, I currently have over $1,400+ posts that aren't able to move. @rysiek to add to this thread I'm currently on mastodon.online and very much considering moving. I've tried to contact the staff of this instance multiple times over the last year (using the email address) and never got a single reply. The two main instances are to be avoided at this point because I don't believe they're being managed properly moderation wise. @rysiek   @rysiek Coping with a bit of spam is preferable to facilating the overthrow of society. Have some perspective.  @rysiek |
Gregory's Server
@rysiek time for GFNet
Gargron-Free Network