cross-posted from: https://jamie.moe/post/113630
There have been users spamming CSAM content in [email protected] causing it to federate to other instances. If your instance is subscribed to this community, you should take action to rectify it immediately. I recommend performing a hard delete via command line on the server.
I deleted every image from the past 24 hours personally, using the following command:
sudo find /srv/lemmy/example.com/volumes/pictrs/files -type f -ctime -1 -exec shred {} \;
Note: Your local jurisdiction may impose a duty to report or other obligations. Check with these, but always prioritize ensuring that the content does not continue to be served.
Update
Apparently the Lemmy Shitpost community is shut down as of now.
I literally am going to give up social media in general if this doesn’t stop
Seen it last night late around 3am shit made me sick I honestly almost cried but I just closed the app and tried not to think about it
Whatever the goal is it’s a stark reminder that there is monsters creeping in the shadows every where you go
Why do these deranged fucks do this
You really think the trolls would pass up on this golden opportunity?
I’d think most trolls would pass up on doing something that can easily get them imprisoned if ever found out …
Archive.org gets crapped up this way, too. Repulsive people posting repulsive stuff, “troll” is too kind a word.
This isn’t trolling, this is just disgusting crime.
The crime happened in the past when the children were abused. This is some weird amalgam of criminal trolling.
Edit: yeah yeah I get that csam is criminal, that’s why I called it an amalgam. It’s both trolling and criminal.
Depending on jurisdiction, I am not a lawyer, etc etc, but I’d imagine with fairly high degree of probability that re-distribution of CSAM is also a crime.
It’s still a crime. Taking the pictures is a crime. Sharing the pictures is also a crime.
The crime happened in the past when the children were abused.
That’s true. You could look at it that way and stop right there and remain absolutely correct. Or, you could also look at it from the eventual viewpoint of that victim as a human being: as long as that picture exists, they are being victimized by every new use of it, even if the act itself was done decades ago.
Not trying to pile on, but anyone who has suffered that kind of violation as a child suffers for life to some extent. There are many who kill themselves, and even more that cannot escape addiction because the addiction is the only safe mental haven they have where life itself is bearable. Even more have PTSD and other mental difficulties that are beyond understanding for those who have not had their childhood development shattered by that, or worse, had that kind of abuse be a regular occurrence for them growing up.
So to me, adding a visual record of that original violating act to the public domain that anyone can find and use for sick pleasure is an extension of the original violation and not very different from it, IMO.
The visual records are kind of a sick gift that never stop giving, and worse still if the victim knows the pics or videos are out there somewhere.
I am well aware not everyone sees it this way, but an extra bit of understanding for the victims would not go amiss. Imagine being an adult and browsing the web, thinking it’s all in the past and maybe you’re safe now, and stumbling across a picture of yourself being raped at the age of five, or whatever, or worse still, having friends or family or spouse or children stumble across it.
So speaking only for myself, I think CSAM is a moral crime whenever it is accessed, one of the most hellish that can be committed against another human being, regardless of the specificities of the law.
I don’t have a problem with much else that people share, but goddamn I do have a problem with that.
Some sick fuck out there kept the files
Ok retard
spreading child pornography is in fact illegal in most of the world
There was a weird JSON error I was getting in the last few minutes. I’m not sure if this is at all related.
big F in chat for those of you dealing with this. my #1 fear about setting upand instance.
It impacts everyone when this shit happens. It takes time for mods/admins to take down. And you can’t unsee it.
I hope nobody else has the misfortune of stumbling on that shit
Yeah you really can’t. I’m pretty desensitized from earlier internet with death and other shock gore content but had managed to avoid CSAM until today. It was a lot worse than I expected, felt my heart drop. Worse, my app autoplays gifs in thumbnail so it kept going while I was reporting it.
I’ve mostly forgotten and it wasn’t on my mind until I saw this thread (happened less than 24hr ago) but even the slightest reminder is oddly upsetting. Wish I’d thought of the Tetris thing.
There have been studies which found playing tetris for an hour or two after seeing something traumatic can prevent it taking root in our longterm memory.
I tried it once after accidentally clicking a link on reddit that turned out to be gore, I can’t remember exactly what it was now (about 9 months later) so it must have worked
This advice is a few hours too late for me. Hope it helps others
I just posted an article explaining the study to the ‘You Should Know’ community, so hopefully some of the people who need to see it do so
Don’t worry, life with hold many more traumas
Cue Homer Simpson: This is the worst thing you’ve seen in your life so far
That’s pretty genious. One way to work with trauma is moving the eyes from side to side along to a moving light. It’s basically to force the brain to work through something that used to stall it. So tetris, since it is highly reactive and logical, also needs spatial thinking, should very much force the brain to work instead of stalling.
Can you please link a study?
If the source deletes the post. Won’t that remove it from all the instances ?
deleted by creator
That’s sounds like a feature request.
I am using the Lemmy easy deploy would this command works?
You’ll need to find where the actual container files are being stored. I’m unfortunately not familiar with Lemmy Easy Deploy, but you should have a folder that has some files/folders like
docker-compose.yml,volumes,lemmy.hjson.The important one is the
volumes/pictrs/filesfolder, take the full path of that folder and replace it with the/srv/lemmy/example.com...path from the original post, and then that command should work.
blocked lemmyshitpost some time age because it is trash anyway
What’s CSAM?
Just google it.
Edit: Not Safe For Life
I kind of suspected it’s better not to google it at work.
deleted by creator
Child sexual abuse material - underage porn. For obvious reasons, you don’t want this to be something you’re hosting automatically out of your basement server.
That’s what I thought. Back in my days it was called CP.
I’ve been listing to the audiobook for American Prometheus: The Triumph and Tragedy of J. Robert Oppenheimer and the number of times they say “CP” as an abbreviation for “Communist Party” is too damn high.
Also last time I went to the amusement park Cedar Point they’ve got “CP” as an abbreviation on all sorts of stuff.
Made me chuckle, but I do think it’s perhaps time to move to the abbreviation CSAM since it’s less likely to get used for other purposes.
Youtube literally flat banned any channel with CP in it. Regardless of what CP actually stood for, like say combat power in pokemon go… Lots of bigger YouTubers got hit with account closures for like a week before it got reversed.
https://www.techspot.com/news/78814-youtube-bans-several-pokmon-go-channels-over-mistaken.html
Csam is an objectively better name.
‘Porn’ implies consent.
There’s a lot of porn that wasn’t made consensually either. I don’t care what we refer to csam as but I think it’s important to acknowledge that.
In what world anyone would think that CP implies consent? I mean, the word ‘child’ is right there. Do you think that the term ‘child soldiers’ implies consent? I don’t have anything against the term CSAM but if it was created because of doubts around consent it was a silly reason to create it.
The term originates from professionals - psychiatrists etc - who work in that field, because they knew even decades ago that “pron” is the wrong word for this kind of material.
I think it’s more likely some people working in those fields wanted to improve their career by popularizing a new term.
I think it has less to do with the existence of non-consensual porn as with the possibility and, indeed, existence of vast amounts of consensual porn. Consent is very much possible in adult porn, it isn’t with CSAM. It’s also possible with soldiers, though of course conscription exists and ask a random Ukrainian they’d rather not have to be a soldier for their loved ones to be protected.
Child sexual abuse material
I was looking into self hosting. What can I do to avoid dealing with this? Can I not cache images? Would I get in legal trouble for being federated with an instance being spammed?
Someone else here mentioned not running "pictrs” at all
Refer to this comment chain from this same thread https://poptalk.scrubbles.tech/comment/577589
Likely Spez’s personal jailbait collection
I went ahead and just deleted my entire pictrs cache and will definitely disable caching other servers images when it becomes available.
Anyone know if this work is tracked anywhere? I’m suddenly really suspicious of continuing to run my own instance.
https://github.com/LemmyNet/lemmy/pull/3897
It does say “thumbnails” but as far as I know, Lemmy (or pictrs) makes a copy of the full image too. I don’t know if this PR includes full images.
Likely scum moves from reddit patriots to destroy or weaken the fediverse.
I remember when Murdoch hired that Israeli tech company in Haifa to find weaknesses is TV smart cards and then leaked it to destroy their market by flooding counterfit smart cards.
They are getting desperate along with those DDOS attacks.
Could be, but more likely it’s just the result of having self hosted services, you have individuals exposing their own small servers to the wilderness of internet.
These trols also try constantly to post their crap to mainstream social media but they have it more difficult there. My guess is that they noticed lemmy is getting a big traction and has very poor media content control. Easy target.
Moderating media content is a difficult task and for sure centralized social media have better filters and actual humans in place to review content. Sadly, only big tech companies can pay for such infrastructure to moderate media content.
I don’t see an easy way for federated servers to cope with this.
Yeah exactly. This is the main reason I decided not to attempt to self host a Lemmy instance. No way am I going to let anyone outside of my control have the ability to place a file of their choosing on my hardware. Big nope for me.
Self hoster here, im nuking all of pictrs. People are sick. Luckily I did not see anything, however I was subscribed to the community.
- Did a shred on my entire pictrs volume (all images ever):
sudo find /srv/lemmy/example.com/volumes/pictrs -type f -exec shred {} \;-
Removed the pictrs config in lemmy.hjson
-
removed pictrs container from docker compose
Anything else I should to protect my instance, besides shutting down completely?
deleted by creator
How would I exclude any files that I uploaded, though?
You don’t, those are the collateral damage.
IMO it’s better to just nuke every image from the last 24 hours than to subject yourself to that kind of heinous, disgusting content
How desperate to destroy Lemmy must you be to spam CSAM on communities and potentially get innocent people into trouble?
Maybe you’re a dev on the Reddit team and own a lot of shares for what you know is about to go public?
