- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Context: https://literature.cafe/post/987996
You must log in or register to comment.
This kind of issue is why pawb.social is not open registration. These low effort trolls cause a lot of problems, and i don’t want my server to be responsible for this crap.
Doesn’t matter, you are still effected by this issue since any images from communities you or anyone else on your instance follows get cached on your server, doesn’t matter if you actually looked at them or not. I would advise you to look into this if you are the instance admin and didn’t know this by now.
Correct! I should have specified I mean to prevent our community from being the source of the posts.
I thought it says/should say SCAM. Boy was I wrong…
I don’t get it. Why is this a risk to you? The material isn’t being hosted on your server; your users are just accessing it via your server. If someone accesses illegal content, is their ISP going to be shut down because they provided that user access? No.
When data get cached, then it is being stored on your server. That’s why admins are wiping their caches and images are getting deleted.
Your instance usually downloads a copy of that image to serve faster. It’s not entirely clear cut how this works since it varies, but in this instance the content was cached by pictrs, turning all federated servers subscribed to the community into distributors
If you run a lemmy server, there’s a good chance you’re hosting the content. Servers cache some content, and thumbnails are also generated and cached for external links.
Plus if your server is the one where someone uploaded the content.
Tell it to your local jurisdiction, that gets hot for your data.
I’m sure the dude kicking in your door will understand
(I know this isn’t how Lemmy works and not how the internet works, but fucked dup sheriffs exist the world over)
Here I thought I could create a server and then use that as a instance only to hold my profile where I could then use that to interact across the fediverse
Yeah I have wanted that from day one. I want it to work like mail my identity on my domain that I can bring anywhere, store my comments, posts, subscriptions and that’s it, maybe direct messages or explicitly saved posts. Not every damn post that I read / subscribe.
You can absolutely do that, just make the profile registration private
Is there some guide to it? I was thinking the same!
But the federation issue with CSAM… I don’t want those issues.
deleted by creator
Ok, I think I might be misunderstanding the issue; so it’s more of bad actors rather than a copy of images in cache?
Yes, but people can still browse content from your instance without logging in. There is nothing stopping people from viewing illegal material through your instance.
Section 230 makes this but an issue. It would be like suing the phone company. Especially if you don’t moderate. If you moderate then it can be said what is left had your endorsement. If you don’t moderate, then you are simply a victim of vandalism.
Section 230 is only applicable to the US
Free countries have an equivalent, or else free online discussion space would be impossible. The section 230 compromise is inevitable or the internet would perish.
Bruh I saw that shit. It was fucked up
Please clear your browser cache and take care of yourself in whatever you need to. I am so sorry you had to see it.
Thanks. Can’t unsee it. It was in my app (Memmy), but I should probably clear that cache.
On Android you can long press an app icon to get to app properties (from launcher or app switcher) and look for storage and then wipe cache
This is why federation sucks. It doesn’t fulfill its intended purpose, users are still at the mercy of site administration, and the way it’s structured leaves too many holes for nefarious people to take advantage of. It’s not good for the Internet.
We need a better system.
Why are people like this
Because they can.
And because of trauma, I assume (though I could be wrong).
And it’s easy. Society spends so much time and effort making life easier via improvements like simple image uploading and sharing, so of course some piece of shit will use it for this. Just a few clicks and they’ve created headaches for thousands of people. It requires no ability so the barrier of entry is as low as being the kind of trash that likes that stuff.
Maybe Mozilla could help. I know they’re trying to help make the net less of s toxic place and this is some serious thing.
You can look into Cloudflare’s CSAM setting, but I’m not exactly sure what it does.
I don’t understand how a web host is legally responsible for what their users post as long as there’s active moderation removing it in a timely manner.
FYI in USA the law CDA section 230 only preempts state law but not federal law. If something which is federally illegal lands on your server you need to deal with it ASAP
You are correct, there is safe harbor provisions on the matter. There is a legal responsibility to report and store the content securely when it is reported as an admin.
keep in mind that this does not apply to every country in the world.
It’s like it’s not enough that you deal with all the technical shit, updating to new versions, checking shit out from GitHub, running builds, paying for the goddamn thing, then you are also responsible for babysitting content? Fuck that. Unless you have a good group of mods/admins it is really difficult to do.
That’s why you either sell your users to the advertisers or charge a monthly subscription. Free internet doesn’t work.
The reality of hosting reddit 2.0 is finally starting to sink in.
I can do all of the above, except for police content.
And Reddit of course had unpaid mods to do that.
So like I say, it can be done, you just need the right team of mods/admins for your own server.
Cool, you and your 5 buddies have a great time. Some of us would like to see a viable alternative to reddit who respects privacy, and doesn’t crash every other day.
Fediverse is going to be known as a kiddie porn haven with the level of professionalism and maturity they have with the major servers.
I have yet to see a single problem with Lemmy over months of daily use. An instance may have crashed in that time but I didn’t notice not seeing certain instances when scrolling, and I don’t seek out particular communities. Helps that I’m hosted on a less popular instance, and the lemmy.ca admins seem to run a tight ship.
I block a couple of communities a day, but that seems to be expected. I also haven’t seen any kiddie porn.
Less discussion than Reddit, and less specific communities, but that’s been easy to forgive because well, fuck Reddit.
If an alternative pops up at some point, I’ll be sure to give it a try. Lemmy is doing just fine for me.
So why not disable images, including thumbnails? Wouldn’t that solve it? Imgur was created because reddit didn’t host images.
then ban nsfw
We did it, Lemmy! Child pornography is no more!
(Someone could just not mark it as nsfw)
the instance im on had to deal with supposed csam on lemmy nsfw
But… but that would be misleading! They cant do that!
Getting spammed by illegal content? Just say no!
Yout hacker can’t legally post on your instance without your consent.
If its a legitimate spam post, the instance has ways of shutting that whole thing down.
Thankfully I was not subscribed to that community so I wasn’t hit by it, but wow it’s a bad situation. I will certainly be more wary and keep an eye on things, ready to purge any images just in case
This is the biggest design flaw of lemmy.
Instances should host separate content, and aggregation of separate instances should be up the client.
Instead we got the worst of all worlds. It means that lemmy can never truly scale performance wise or survive legal wise.
Hopefully they solve it in some way, but I don’t see how unless they do the above and totally remove cross instance caching
aggregation of separate instances should be up the client.
Yea you’ll have a problem with overloaded requests
Example:
A post is located at Instance A, it has 100 users and can handle up to 150 connections at a time
Instance B has 100 users
Instance C has 100 users
Assuming all these users are from the same timezone and have the same one hour of free time after coming home from work
All users at Instance B and C wants to see the post at Instance A
200 requests gets sent to Instance A
Instance A also receive 100 requests from it’s own users
Instance A receives a total of 300 requests at around the same time. Instance is overloaded.
All of Intances A, B, and C would need at least 300 connection capacity in order for this to work.
Imaging there being 10 instances. All of them would need at least 1000 connection capacity. Each one of them.
Instances need to cache other instances to reduce redundant requests. This way the requests are reduced to 1. Only one copy needs to be sent to each other instance, instead of being sent to each individual user of those instances.
All 100 of each user at an instance could just use that 1 copy at their instance.
So now in this scenario:
Instance A has a post everyone wants to see, Instance A gets 100 requests + 1 from each other instance. Even with 10 total instances (including themself), there’d be only 109 requests, a far more manageable number than 1000.
I would love to have the EFF chime in, but there are some protections for you as a host under the Online Copyright Infringement Liability Limitation Act (OCILLA) - or safe harbor provision in the USA.
As to how that has been tested legally on federated content, I don’t know. Perhaps another elder of the internet can tell me how Usenet servers handle it.
You are right, there is safe harbor protections here. It’s a legal mess that must be navigated carefully. We will see how things progress.
While correct, you still may end up having to deal with the law about it. The whole “you can’t beat the ride” thing. Could be a ton of hassle and legal fees.
What are you implying here? That @gabe should never have bothered with running a server? What about the server you are connected to right now? Should they shut down because of what may travel across it?
No.
They’re protected under the same rules as somebody running a WiFi hotspot at a coffee shop. As long as they are doing everything within reason to be a good steward of their local network (which is what Gabe is doing) then they are protected.
I’m not suggesting anyone should or shouldn’t do anything, nor that I’m not grateful for people that do. Just saying it’s a potential downside that people should seriously consider before hosting any public access systems.
They’re protected under the same rules as somebody running a WiFi hotspot at a coffee shop. As long as they are doing everything within reason to be a good steward of their local network (which is what Gabe is doing) then they are protected
Hopefully, yeah. But again, there’s still this potential of the coffee shop of having all their equipment seized and having to deal with a law enforcement investigation and maybe even the courts. Even if the risk of actual jail time and monetary penalties is low, it’s something people should consider before doing it.
This is one of the reasons I’m not running a public access network or TOR exit node at home even if I think those are worthwhile things to do.
Doesn’t seem like he was implying anything. Just stating the fact that part of the burden of citizenship is sometimes having to interact with law enforcement, maybe even go to trial, even if you’ve done nothing wrong.
Pretty eloquent way of saying what I was trying to express. Thanks
FYI not all jurisdictions deal with website hosting (storage and distribution) as equivalent to hotspot/ internet services (dumb relay)
LW is not hosted in USA.
Wait are images federated too? Can’t u disable it?
I think only links to the images are federated.
EDIT: I am from the programming.dev instance, and this post links to https://lemmy.ca/pictrs/image/22411ac1-3f76-4904-9f0e-8522311c4ee1.jpeg which seems to come from lemmy.ca and not lemmy.ml where this community is originally from.
Maybe it was cross posted? Not sure.
The thumbnails are hosted on your home instance.
And the content itself? And it’s hosted on the home instance of the uploader or on every home instance and then served to their own users from that one?
It’s just hosted on their home instance. If all the content would be synced, it would be impossible to set up smaller and personal instanced without massive storage capacities.
I see, thanks for the explanation.
