This should help us cut down on the trolls. We recommend other instances do the same, because they will likely be targeted also.
I apologize for all their gore-posts as well, no one should have to see that. We’ll try to look for more admins from different time-zones as well to get them faster.
The two other possibilities we have currently as options, are turning on required email verification, and as a last resort, closing signups. I personally would rather not do either, but they are options.
Many thanks to @k_o_t@lemmy.ml and @AgreeableLandscape@lemmy.ml for banning those trolls.
Can you set it up so that we can invite friends with referral links (a la mastodon style) and it bypasses the application requirement? Maybe we have to apply to get the referral link activated.
Invite only instances would be also nice for self-hosting.
Not opposed as long as someone else codes it lol. I’m a bit swamped.
Fantastic idea! I actually never thought about this, this could probably be done fediverse-wide.
Perhaps to avoid this type of user, a pre-school intelligence test would suffice.
I disagree. The far right users that chose to brigade Lemmy are not dumb, instead their moral compass is screwed up. Trolling requires smartness, even if the bait content itself is not a proof of intelligence.
I’m not talking about trolls, I’m talking about Nazis and these guys with fixed ideas, by definition, are never luminaries, less if they are simple guys and not rich people, the latter almost always only sympathize with fascism, because it is the political orientation that most favors the savage capitalism that favors them.
For the rest, the waving flags with the svastica tattooed can be seen as follows https://i.imgur.com/kqHNjpv.gif
You did not need that GIF to tell me the nature of so many people. They are easily identifiable for the most part, so it is not that big of a deal. What we simply need is vigilant and educated users, and Lemmy does have that. Think of the audiences that will never come here permanently – Reddit NSFW users, Gab/Dissenter users, Kik/Omegle/Chaturbate users, /pol/ users (and typical chan users in general).
The majority of users in any herd are followers, that is how the leader concept works. So them having fixed ideas is again not the main concern. It just creates a sheep army, and they can all be defused in the same capacity they come. You find the origin and understand that so more future shepherds get discouraged, and therefore less sheeps mobilise.
Agree with this, naturally requires vigilance. But these, trolls, spamers and similar fauna, cannot be avoided by adding an email to the registry. Spammers can perhaps be avoided by simply waiting an hour before sending the registration confirmation, since spammers often use temporary emails that expire earlier.
Now is not the time for it. Probably after Reddit goes public and crashes into an endless void, when the influx of users come here, after that phase things might change a lot. Lemmy needs to grow and become more significant in the mainstream.
A platform that forcibly asks for emails or other identifiers is suicide at this stage for a platform that also advocates FOSS, federation, modlog transparency and great civillity. Reddit does not do it, and there is still a lot of meaning to the anonymity they provide, despite being a giant platform.
Reddit and anonymity? 🤣 Reddit even pass user data to Facebook and worse, TowerData, the last even uses keylogger.
https://themarkup.org/blacklight?url=reddit.com
Data to
https://themarkup.org/blacklight?url=Neustar.com
and
https://themarkup.org/blacklight?url=TowerData.com
This mean, all big tech nows the data from reddit users
I have not needed to allow Facebook or other 3rd party domains with Reddit, so I am unsure. Same goes with keyloggers. Keylogging and 3rd party tracking is a problem for people who use Chrome without ad blockers. Anyone who uses any half decent adblocker (even ABP) or Firefox does not have these issues.
I downvoted and reported as many posts as I can, I don’t know how much that helped but it was good to check back a couple hours later and see that the trolls’ posts had been removed
Thank you for doing this o7
You do not need to apologize for actions of others, you did your best and you found a solution for this issue which is what at the end counts.
Lemmy does lots of more work than most other platforms I know, admins and mods are often very fast and helpful + resourceful.
My idea was to introduce some sort of reputation based system but the problem is, that bots maybe could abuse the system to upvote themselves to get some sort of credit or reputation, call it what you want. Most boards use captchas and eMail verification systems to workaround this. Maybe an option would be to enable captchas for users who have below x posts as a middle ground, lets say 1 captcha per new submission until you have 5 posts in total.
Edit
After thinking about it, another system without reputation or captchas or emails would be to hold back posts until someone has 5 posts and let the Mods, Admin approve it first.
The Lemmy devs have already decided that karma is just a bottomless pit that just harms users mental health, so it’s highly doubtful we’d ever have a reputation system be introduced, as that’s literally the same thing.
Also, captchas can be preventative to people with certain disabilities, so introducing them (I believe it would be reintroducing, actually) would contradict Lemmy’s disability-inclusive culture. As well, email verification wouldn’t work for people who would prefer anonymity. And nefarious users could just use a spoof mail account, so the introduction of required email account verification would really only harm privacy-focused real users, and do nothing to prevent trolls. Also, while on the subject and though you didn’t mention it, we don’t ban IPs because some VPNs reuse them for multiple people. So banning the IP of a troll might also cause the ban of real users.
These are my thoughts on email too. Using throwaways is so easy for trolls, and legitimate users now have a privacy concern since a lot of the “legitimate” email services are really invasive.
Reputation would just turn this into Reddit, where you can’t do anything or interact unless you use a single account or post what Reddit would like you to post.
Yeah I updated my statement, gave an example. Up until 5 posts. I think that is okay as a middle-way. The system is not meant as competition system or to farm something.
Doing registration form with manual approval is a good first step. My 2 cents is you could also implementing an invite based registration where users are allowed to invite their trusted friends.
Similar to how reputable private trackers works. There is form registration, interview, or invite from existing members. If existing member invites too many leechers, the current member will get a warning and ban eventually. This system is mostly working for private trackers so far.
Are the invite systems usually e-mail based? If so, it would be cool to be able to generate 1-time use codes to invite friends, so that providing an e-mail is not required.
Absolutely, have a code based invitation would be more privacy focused.
Thank you for all the work you do!
No probs!
Unless you can get everyone else on your shared instance list to do the same this is pointless. Look I just made this user on another instance that required email verification. I used a temp email service and am able to post what ever I want here.
You should instead have a period the user has to wait before posting so that you can have a night sleep without worrying about trolls flooding your site.
All of the accounts that were posting in the event were two days old. Having a wait time doesn’t help there.
No, thats not true. They were mostly freshly created and spamming within a few minutes.
The brigading is really unfortunate and thanks to the admins for doing all the work to contain it. As Lemmy grows in usage requiring email verification may be unavoidable, but hopefully having a registration application will do the trick in the immediate term. Something like this was bound to happen sooner or later, so at least this is a useful test case for how such brigading and spam can be addressed going forward.
No worries. I have seen surprisingly few of these types of posts, so you’re currently doing something better then other alternatives and I appreciate your efforts to make things even better.
Thanks a lot! I have implemented this in my instance too. This past week I was also saw several accounts being created to post ads.
Thanks for this. I’d stick to the It’s FOSS channels if I wanted to see loads of fascist crap 🤣 Love being on Lemmy!
I think we need a new permission-level that allows a user to delete comments and ban other non-admin users, so we can have more “site-mods”, without substantially increasing risk of someone doing something undesirable with their power.
Maybe admins need “superuser” status to see / edit the site-config?Admins could also tweak
register_per_secondandregisterparams@dessalines@lemmy.ml what about allowing federation on an allowlist-only basis?
Imo its not necessary to go back to allowlist yet, and I’d rather add malicious instances to our blocklist. We’ve only had to add like 2 so far, but can easily add more.
I think having more admins from more time zones is the best solution, then e-mail verification and then having to fill out a form because it takes time to be reviewed and it takes more time from me because i have to write shit and anyway i can lie.
