Oh so you’re saying all Reddit users literally eat babies?

/s. The vitriol on that site was just exhausting.

Lol dude got the exact things wrong about Lemmy - clear they haven’t spent much time here. Fediverse is NOT privacy focused, in fact it’s the opposite. You blast your content out to everyone. The only privacy is your username, and that aint much. It’s user owned, that’s the saving grace, that corporate doesn’t own it. We sacrifice fake corporate privacy for open standards.

Right? Failed by who’s standards? For me, I’m pretty goddang happy here. I get enough content, I don’t feel constantly anxious or angry, the people are generally pretty nice. Is OP deciding it failed? Or are others?

Then getting mad when we call them out on their trolling

This is what excites me the most. There are huge potentials for plugins, and I think it’ll ease some of the strain from the core engineers. Most of the “ideas” I see posted really could be plugins. Things like badges on posts, verification of links, etc etc could all be plugins that individuals could make. The problem with developing against the core repo is that you have to learn and understand the core repo, so you don’t removed up something else in some other place accidentally. Plugins are a neat way where we can say “I’m a function that does one thing, just do the thing here, and then do what you need to with that data”

I fully understand that, and I explained it in my reply to nutomic. It’s not that I wanted to just pile on, but rather at an emergency like that, an all-stop would have been justified in my opinion, to stop all work and go into emergency “What can we all do to stop this and prevent it”. All other issues were secondary in that moment compared to stopping CSAM, and it didn’t feel that way. They added it to the pile of issues, and I’m glad to see changes came out, but in that moment I didn’t see much if any support from them

I was not handling it fine, it was generally chaotic, and in the Matrix chats I remember it being chaotic, for both attacks. Luckily by the second one we had db0’s tooling to help a bit more, but there still many of us who were exposed to the images. We lost a lot of instances during those two attacks from admins who justifiably didn’t want to take on the risk.

I completely understand how crazy it was, but the lack of response from you guys was disheartening, it really did make me wonder if I should continue hosting or if I should bail out. Ultimately, I decided to stay obviously, but had to do some hard extra steps, like reducing privacy and registering with the feds for CSAM.

So like I said, I’m torn. I respect you guys for everything you do, but that was a moment where all other development should have stopped to immediately address a real problem, and while you think a roundtable would have just been feel good, I think we could have kept a lot of instances online if it had been done. Assurances that yes, new changes are coming, and official suggestions like “Here are the endpoints to delete the images”, or nominating db0 or someone as the person in charge of the outbreak. It was honestly a scary time, and for us owners who accept a lot of risk, for many of them it was too much.

Anyway, I have a habitual case of foot in mouth disease, so it was immediately after posting that comment that I heard about 0.19.4, and immediately felt stupid. I tried it last night but I kept getting timeout errors and something about “Could not get user’s /inbox” or something, I’ll try 0.19.5 today. Thank you for bringing additional mod tools, they’ve been hugely needed. I know they’re not glamorous to make, but they keep the communities healthy and strong.

Edit: 0.19.5 also failed. I wrote up a github bug on it, until then I unfortunately have to stay on 0.19.3 https://github.com/LemmyNet/lemmy/issues/4850

(instance admin here, but for a small one) woof well, for me, I agree, but I wouldn’t use that wording.

Lemmy for sure isn’t a plug and play site. Setting it up took leaps and bounds, learning way more about nginx than I ever really cared to, and figuring out documentation that was very clearly out of date. Very little logging or error messaging exists to help with that problem.

Very little errors exist at all, it’s very much a “happy path” project. That’s why we get constant spinners everywhere, because when an HTTP error occurs there’s no actual error message. (Come on guys, just add it to your standard HTTP messages, if statusCode < 200 || >= 300 then show a toast message).

But yeah, the moderation tools have to be the worst. Lemmy has an amazing development group that’s separate from the main developers who have patched together a good set of tools, from automods to CSAM and illegal scanning, huge props to them - but these issues are routinely ignored by the main devs. I was shocked, honestly shocked that when we were under CSAM attacks that there was not an immediate roundtable of the head devs to try to solve the problem officially. Here was a problem that 99% of countries would immediately and gladly throw us, the instance admins, in jail over and they just handwaved it away. In fact, I don’t know that there was ever an official post about it, or even that there are things coming to help with it.

I love Lemmy and being here, and the devs have done a great job at building this platform for us, but we’re at a critical point right now. It’s no longer software that is just fun side projects and building stuff that looks cool, it has some real issues now that it has a real userbase. I’m definitely one to say “But it’s FOSS, and other people can pick up and submit a PR” - but it also says something when the head devs just completely ignore a massively huge issue with it.

Bugs and caches and that sort of thing I can overlook. Those I can wait on and see them get smoothed out over time. Actual issues that could land me in jail or get the feds to beat down my door? Those I kind of expect a fast response.

So, I’ll say I’m extremely conflicted. I want to host lemmy long term, and I’m happy to bring the fediverse to a few more people, but the csam attacks really altered my view of the devs.

Edit - because my favorite manager said “Bring me solutions, not problems” a few things that would really help immediately -

• Integrate db0’s CSAM checker natively, more or less a plug and play option, or a checkbox. His checker sits at an endpoint. The admin page of lemmy could easily have you plop in the endpoint and it would start checking
• Have an image management portal, with capabilities to:
  • Auto remove images after X time (to help with ballooning storage costs)
  • Perma-delete images and users (maybe blurred too if the CSAM checker flagged it, so I don’t need eye bleach) (Edit again, 0.19.4 might have fixed this, I need to upgrade so I’ll see)
  • Federating image purges, so one purge on one server will force purge it on everyone else’s
  • ~~Disabling of caching other server’s images ~~ (Edit again, I see 0.19.4 just dropped which has this, so this is good). This way I’m only responsible for my own users.
  • View images that are not related to a post (DM’d messages that I’m hosting, or people just uploading images to my site)
• Bring in a logging system into the UI itself, so I can keep tabs on the error logs. I can pipe them somewhere, but this would be a major plus as an admin

ah your instance has debugging enabled. Message your instance admins to remove it.

I’ve had this argument with other people, but essentially at this point there is no licensing beyond server ownership here, and most servers don’t have any licenses defined. Even if they do, then sure they did something wrong… but how would you ever prove it or enforce it? The only way to actually disallow them is to switch from open federation to closed - which goes against what we’re trying to build with federation.

It doesn’t combine them (because different people are subbed to different communities, although what you bring up has been discussed on the github for a while). The biggest thing though is discoverability, where your post is shown in multiple communities easily. Another added benefit is that there are less duplicated posts, your app/device can see that it was crossposted and show you only one in your feed rather than 3,5, 10 duplicate posts (and then you can tab between them)

Fully agree. The annoyances of free and open are vastly outweighed by the negatives

This is the only way I see it being acceptable. How do we add this to instances?

Only algorithm I need is posts I subscribe to, in descending order. That’s about it

This is what I’ve been saying the entire time. It sucks, and it’s wrong, but the fediverse is built from the ground up as an open sharing platform, where amour data is shared with anyone. It shouldn’t be, and it’s wrong, but there is nothing to stop anyone from doing it. To change that would alter federation at a core level

That’s how they were reported to fediseer iirc, or at least they care… So… Instant defed for me.

it’s a big pedo instance iirc

This is what I had to do. Kind of a weird round about way to do it

Stopped reading at "Mastodon BDFL (Benevolent Dictator for Life) ".

Giant eyeroll. It even mentions there’s a dozen forks already, just upset that none of the changes have been merged to the origin upstream.

Make an argument without devolving to namecalling in the first 2 paragraphs.

No worries, there’s a new coin that a billionaire told me to buy 5 thousand dollars of, it should retain it’s value for a while