Follow

an appeal to the fediverse regarding anti-abuse 

Dear fediverse:

Fascism joining the fediverse is extremely bad, and we have to do something about it. But please, please, please: give me two weeks before you roll out any new solutions. Some of the solutions being proposed look like they will make the situation better but will make it much worse.

I am dropping nearly everything to write a demo and spec explaining how to do things right. Please give me two weeks. I've been preparing for this.

an appeal to the fediverse regarding anti-abuse 

As a hint as to why the current solutions aren't going to work, I'll point you to what happened when Mastodon rolled out direct messages with OStatus, but they *weren't really* private messages. An admirable attempt but it needed a different approach.

I believe this could be like that, but 10x worse. I've been studying what will happen under different approaches and trying hard to figure out how to map a solution onto what we have.

an appeal to the fediverse regarding anti-abuse 

Btw, I want to say that I'm not trying to say all this to crap on the hard work that people have been doing to try to do something for this. I've seen @Thib's PR, I know they've worked hard on it, even though I don't think it's the right approach.

The fact that the fediverse is trying and trying hard is a good sign. But I want us to roll out the right thing.

re: an appeal to the fediverse regarding anti-abuse 

@cwebber move deliberately, break as little as possible that should remain unbroken :blobpats:

re: an appeal to the fediverse regarding anti-abuse 

@djsundog Yes, one reason it has taken me so long to write this up is figuring out a path forward that doesn't require boiling the ocean of the current fediverse deployment. I think I have it now.

re: an appeal to the fediverse regarding anti-abuse 

@cwebber I look forward to seeing your ideas get developed and disseminated - thanks for all the thought and effort you put into getting things right.

an appeal to the fediverse regarding anti-abuse 

@cwebber Speaking as director of a group that's whole point is helping folk in really oppressive places talk, I agree with your concerns. Obviously I can't endorse your plan since I haven't seen it, but I'm similarly urging caution.

an appeal to the fediverse regarding anti-abuse 

@emsenn @cwebber same, that's why we stopped some of the things which were almost coming through on our end.

There's both technical and social aspects to take into account here, and while I feel like we're doing pretty okay in the social, the technical need to be well thought through and paced.

Yes there is a sense of urgency, but we've known this was coming, we can wait a little longer if it means doing it right

an appeal to the fediverse regarding anti-abuse 

@cwebber what are their solutions that you find bad?

an appeal to the fediverse regarding anti-abuse 

@wilkie @cwebber more signatures, more metadata leakage, continuation of the authentication as authorization regime

an appeal to the fediverse regarding anti-abuse 

@kaniini @wilkie And it isn't obvious to people why this is bad. At first glance, it *looks* good; for some things it's fine: we can block a Gab or two, but anyone can start a new instance. Eventually we endi up at fediverse nation-states with border patrol guards, or a whitelisting of instances, which quickly results in defederation. Other problems but I'd have to refer to the literature.

A "network of consent" approach is the alternate option.

an appeal to the fediverse regarding anti-abuse 

@kaniini @wilkie On top of that, there are things the network will *no longer be able to do* that are exciting, cool futures if we go this route. Not only will the network degrade, we'll lose the opportunity to grow in ways that are very interesting, to be able to do the kind of rich interactions that aren't even possible on contemporary centralized social networks.

an appeal to the fediverse regarding anti-abuse 

@cwebber @kaniini for me, I often think "is federation the actual goal or is it a consequence of a technology" and for the technical folks it seems to be one thing and for users another

an appeal to the fediverse regarding anti-abuse 

@wilkie That's probably a really hard question for @cwebber to answer, since it'd involve talking about his plan that, as he said, isn't ready.

So I'll try and answer: One issue is they would like to cryptographically-ensure that a communication is proper, which means that the more targeted your server is by harassment, the more costly it will be to continue operating. Another is that it doesn't allow a similar autonomy of moderation as is current.

an appeal to the fediverse regarding anti-abuse 

@emsenn @wilkie @cwebber yeah, i'm really worried about the message encryption proposals incurring O(n^2) costs that are easily DoSable

an appeal to the fediverse regarding anti-abuse 

@emsenn @wilkie @cwebber if you give me a sec, i can show you an example of a proposal someone on here put forward in response to gab that seems reasonable at first glance but actually has some glaring holes

glad you're thinking about this carefully, chris

@emsenn @wilkie @cwebber Please elaborate on the autonomy of moderation point. What do you mean by that?

@Gargron If I understand it right - which I very well might not:

Current discussions of OCAP provide the tools to instance moderators, but don't provide similar tooling for users.

Right now, as I understand it, users can do most of the moderation action moderators can, relative to their own profile: they can autonomously moderate their profile even if their instance doesn't do moderation.

(Again, I could be wrong in understanding how things are or could be.)
@wilkie @cwebber

@emsenn @wilkie @cwebber I don't think that's quite right. Now, I don't know which "some of the solutions" Chris is talking about, because I'm aware of what I'm proposing (authorized fetch, same mechanism as already used for inbox deliveries) and what kaniini is proposing (OCAP), and I am under the impression that Chris's solution is OCAP too. But neither of those would affect any existing self-moderation mechanisms.

@Gargron I didn't think current moderation tools would be changed. As I understand it, kaninii's OCAP is focused on interinstance moderation, not a user moderating their own profile with it. That's my concern: that I will be reliant on my instance admin to handle any abuse that needs to be addressed with OCAP. As I understand it, Chris' solution is OCAP as well, but more generalized so can be an inter-user tool just as easily. (Again, I could be wrong about all this.) @wilkie @cwebber

@emsenn @gargron @wilkie The ways @kaniini and I have currently proposed using ocap stuff are a bit different, though they have overlap. I think it'll be clearer how they can converge once I put it out though.

Poor @cwebber announces he's dropping everything to work on a thing and by nature of doing so gets a bunch of folk beeping to ask about the thing he hasn't finished working on. Bless instant global communication. @Gargron @wilkie @kaniini

@cwebber @emsenn @Gargron @wilkie
The pattern @kaniini published as "Lice" some time back addresses instance moderation only. They've hinted that subsequent work is vastly better and that code, if enabled, would break federation with Mastodon

There's a broad range of philosophies on the fedi largely centered on personal autonomy, especially wrt labor. This is a good time to be mindful of that common bond

@cwebber @emsenn @Gargron @wilkie @kaniini Yeah I will be really interested to see where y'all land. I'll get it integrated into go-fed. The last time kaniini and I were able to have a solid chat was exactly about this OCAP kind of stuff and the differences between proposals.

@cj @cwebber @emsenn @Gargron @wilkie @kaniini

Maybe somebody or two could get a proof of concept or two deployed where other people can test them?

@bhaugen
Thanks. In a few months I'll have a good base for testing, but I do have to finish the damn thing. If my day wasn't already shot by a virus, I wouldn't be near this conversation

The lack of communication has been frustrating, but I understand enough for now and I'm behind on my own work
@cj @cwebber @emsenn @Gargron @wilkie @kaniini

@yaaps @wilkie @Gargron @emsenn @cwebber @cj @bhaugen

hehe I'm mostly in a holding pattern right now waiting on cwebber to bring it all together. but we are close!

@emsenn @wilkie @cwebber OCAP as well as authorized fetch are primarily about how to allow/disallow another server to retrieve public data from yours, specifically in the case of domain blocks.

Personal blocks, mutes, filters and the rest operate on a logically higher level than that.

@Gargron Ahh so OCAP is not used to forbid/permit an individual but a domain? I had thought that was dependent on implementation, not an intrinsic quality of the feature.

I think it's clear the one thing I was right on is that I don't know what I'm talking about. :D
@wilkie @cwebber

@emsenn @gargron @wilkie ocap on its own has nothing to do with domain-level authority decisions, that's a specific suggestion of how to do something semi-ocap'y for that purpose

@Gargron
The issue isn't the UI for individual tools, but the effectiveness of such tools in an environment where the server administers keys and shares data without regard for scopes on the remote. Discovering scopes on the remote is a vector for targeted abuse. Individually authenticated access is a DoS risk. OCaps provide the benefits of authenticated fetch with a profile less conducive to DoS
@emsenn @wilkie @cwebber

@yaaps @emsenn @wilkie @cwebber DoS wise, if OCAP generates unique URLs (say, with a token query param), then it's just as uncacheable as authorized fetch, the difference being that a token needs to only be looked up against a local database, and authorized fetch sometimes needing to resolve a remote account through a synchronous HTTP request. However, in most cases only a database look up would be used, and we could also cheat and not do look-ups if the account isn't already known.

@yaaps @emsenn @wilkie @cwebber Regarding what the remote server does internally, I don't think OCAP is going to change anything significantly about that.

@yaaps @emsenn @wilkie @cwebber Let me correct myself: I think OCAP would help some behaviour rules be enforced when otherwise the state between servers is for some reason out of sync, as long as it's a good-willed server. But the point of attack that authorized fetch addresses aren't good-willed servers, but rouge actors.

@Gargron
Thanks

I'm making an argument from lesser to greater first. Even with only instance level effectiveness, the difference means being 2 hops instead of 3 from certain instances

The next step is whether you accept @cwebber's claim to provide a migration path from the current shared inbox to one where these scopes are possible. Worst case, abuses become an enforceable part of the social contact
@emsenn @wilkie l

re: an appeal to the fediverse regarding anti-abuse 

@cwebber @Thib

i think the work Thib is doing is a good bandaid. my problem is that we need to do better than the bandaid. his work is the quick fix, our work is the long fix.

an appeal to the fediverse regarding anti-abuse 

@cwebber Really, my only fear about this is maintainers that don't care to implement.

Like, if I had a steady income stream and wasn't stressed about living, and had some help, I could maybe pull off the effort to write a new implementation with moderation controls as a first concern?

As it is, like, even glitch-soc has problems and frustrations?

an appeal to the fediverse regarding anti-abuse 

@cwebber
thanks for all the time and effort you're putting into this ❤️

an appeal to the fediverse regarding anti-abuse 

@cwebber

The point is: the fascism is not joining the Fediverse, fascism doesn't exist anymore, most people don't even know what fascism was, they confuse fascism with authoritarianism.

an appeal to the fediverse regarding anti-abuse 

@alexl I suggest you to ask Alessandra Mussolini about that and look at the defining features of fascism.

an appeal to the fediverse regarding anti-abuse 

@schmittlauch LOL is it a joke? Please tell me it's a joke

an appeal to the fediverse regarding anti-abuse 

@alexl No, it isn't.

an appeal to the fediverse regarding anti-abuse 

@cwebber I know several researchers trying to reinvent the wheel because they don't like the current Mastodon interface and think it doesn't support moderation. Looking forward to sharing what you write.

@cwebber Thank you! We look forward to working with you and other developers to improve platform safety.

If there is anything we can do to help, let us know!

an appeal to the fediverse regarding anti-abuse 

@cwebber I'm all ears to solutions to the fascist problem. it's already serious enough. I hope you can get it done nicely and it works fine.

re: an appeal to the fediverse regarding anti-abuse 

@cwebber just understand that people will probably hack up whatever they can to solve the problem short-term, and it'll probably be good enough for them that they won't really look at what your proposal is

an appeal to the fediverse regarding anti-abuse 

Sign in to participate in the conversation
Octodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!