Hello everyone,

We unfortunately have to close the !lemmyshitpost community for the time being. We have been fighting the CSAM (Child Sexual Assault Material) posts all day but there is nothing we can do because they will just post from another instance since we changed our registration policy.

We keep working on a solution, we have a few things in the works but that won’t help us now.

Thank you for your understanding and apologies to our users, moderators and admins of other instances who had to deal with this.

Edit: @[email protected] the moderator of the affected community made a post apologizing for what happened. But this could not be stopped even with 10 moderators. And if it wasn’t his community it would have been another one. And it is clear this could happen on any instance.

But we will not give up. We are lucky to have a very dedicated team and we can hopefully make an announcement about what’s next very soon.

Edit 2: removed that bit about the moderator tools. That came out a bit harsher than how we meant it. It’s been a long day and having to deal with this kind of stuff got some of us a bit salty to say the least. Remember we also had to deal with people posting scat not too long ago so this isn’t the first time we felt helpless. Anyway, I hope we can announce something more positive soon.

  • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
    link
    fedilink
    arrow-up
    6
    arrow-down
    13
    ·
    edit-2
    1 year ago

    I read it. Let’s read it together again.

    I hope the devs take this seriously as an existential threat to the fediverse.

    The developers who build lemmy aren’t able to put in CSAM blocking code. That’s not how this works. I assume the commenter meant to say “admins” here, as developers write the code, they don’t admin the sites. If a developer has a lemmy instance they admin, they they are both a dev and an admin. Lemmy wasn’t built for CSAM sharing specifically, it is a site that allows sharing of CSAM as much as reddit or facebook do. The devs can’t do much about this. The admins and mods can.

    Lemmyshitpost was one of the largest communities on the network both in AUPH and subscribers.

    Neat. Irrelevant, but cool.

    If taking the community down is the only option here, that’s extremely insufficient and bodes death for the platform at the hands of uncontrolled spam.

    This I take issue with, and is what I mostly responded to.

    “If taking the community down is the only option here” well no, it’s not. We could just get 100’s of mods to specifically address this one user’s posting of CSAM. Hey, anyone want to moderate the site? Oh right, and they’ll need to be vetted, and they’ll need to keep doing this on the side for free as volunteers since lemmy is volunteer run…

    “that’s extremely insufficient” hard disagree. A community is liable for the content on it. If we put a CSAM post up on a site and leave it around for a few minutes, that’s one thing. If it’s left up for days and weeks, that’s quite another problem entirely. The minute that an admin or mod saw CSAM material, they did the right thing by shutting that down. Even if it means downtime for users. Oh no! Users can’t read lemmyshitpost and now the world is ending.

    “and bodes death for the platform at the hands of uncontrolled spam.” Welcome to the internet, where all platforms are at the risk of uncontrolled spam. At first it was just email, but then it was bulletin boards, and then message boards, and then forums, and then community-moderated forums like reddit and lemmy. This has and will be a problem. This isn’t a new concern for lemmy devs or admins or mods, they all are aware that this can happen and is why they do what they do. Turning off the community is a viable option, and is what has happened in larger companies too while they cleaned up the mess.

    Additionally, it seems you are contradicting your own post from 20 minutes prior to your current comment. Perhaps you responded to the wrong comment?

    I’ve been very consistent in my arguments. Show me the contradiction and I’ll address it.

    TL;DR: users cannot expect to be allowed to post CSAM material on lemmy instances. Allowing CSAM material to be up on lemmy instances constitutes a legal risk for admin owners, and thus we cannot leave it up. Blocking a community (even if it’s like the bestest and most favorited and most subscribed and everyone loves it and wow just super-duper community) is a viable means of blocking all CSAM on that community while it is cleaned up. To suggest that the community should have stayed online is assinine. To suggest that the admins should not have blocked a community to combat CSAM is assinine. Trust admins to do their jobs.

    • wanderingmagus@lemm.ee
      link
      fedilink
      arrow-up
      11
      ·
      1 year ago

      They aren’t asking devs to be admins or for admins to be devs. They specifically called out the developers because code exists to filter child sexual abuse material, disseminated by organizations such as the FBI and law enforcement, which can be implemented for image uploading.

      NOBODY in this comment section is advocating for uploading fucking child sexual abuse material. That is a strawman you are setting up. Nobody is advocating for allowing the uploading of child sexual abuse material, or for the “material to be up on lemmy instances”. NOBODY is suggesting that a single instance going down is “the world is ending”. NOBODY is asking for “100’s of mods to specifically address this one user’s posting of CSAM”.

      You’re setting up a strawman argument nobody is proposing. The criticism is that, at this moment, the developers of Lemmy have not implemented a method for automatically vetting uploaded images for CSAM without requiring “100’s of mods”, which is what resulted in the condition that “taking the community down is the only option here”.

      Perhaps the wording of the original post was not precise and accurate enough for your full and complete understanding of the intent and meaning behind it. In this post, I have attempted to elucidate that intent and meaning to a degree which I hope is understandable to you.

      • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        12
        ·
        edit-2
        1 year ago

        They aren’t asking devs to be admins or for admins to be devs. They specifically called out the developers because code exists to filter child sexual abuse material, disseminated by organizations such as the FBI and law enforcement, which can be implemented for image uploading.

        Yeah? I doubt this is true but I could be wrong. You make it sound like preventing CSAM is as simple as importing a library, something I find dubious. Companies have been trying to filter out this material in an automated fashion for decades and yet they still have to employ humans to do it manually because automated means don’t really work. This is why companies like Reddit, facebook have trust and safety teams to do this work.

        Edit: I goggled and could not find this database. I’m thinking it’s a myth.

        NOBODY in this comment section is advocating for uploading fucking child sexual abuse material. That is a strawman you are setting up. Nobody is advocating for allowing the uploading of child sexual abuse material, or for the “material to be up on lemmy instances”. NOBODY is suggesting that a single instance going down is “the world is ending”. NOBODY is asking for “100’s of mods to specifically address this one user’s posting of CSAM”.

        ahem there were users who uploaded CSAM. Those are the users who were advocating for uploading CSAM, becuase they uploaded CSAM.

        I’m literally arguing with people who are saying that they shouldn’t have shut down the community because it’s big and that shutting down the community (not CSAM) poses an threat to the fediverse. Maybe, but CSAM poses a legal threat, which is much greater than the threat of low engagement.

        You’re setting up a strawman argument nobody is proposing. The criticism is that, at this moment, the developers of Lemmy have not implemented a method for automatically vetting uploaded images for CSAM without requiring “100’s of mods”, which is what resulted in the condition that “taking the community down is the only option here”.

        Yeah, that doesn’t exist, as I’ve mentioned previously. You make it sound like getting CSAM off lemmy was as simple as writing some code - if it were, why doesn’t facebook and reddit do this?

        Perhaps the wording of the original post was not precise and accurate enough for your full and complete understanding of the intent and meaning behind it. In this post, I have attempted to elucidate that intent and meaning to a degree which I hope is understandable to you.

        You’re not understanding how CSAM detection works or is handled.

        The grim reality is this: cameras exist, children exist, adults exist, the internet exists, and the second that a crime is committed, it is not added to an FBI database. If such as FBI database existed and IF it was useful (and not just a database of hashes for bit-perfect copies of CSAM) and IF it were updated when evidence of the crime surfaces… IF all of those things are true, THEN it means there’s still likely a huge swath of CSAM material still out there, that could be posted at any time, and that would NOT be detected.

        Again ask yourself, IF such a database existed, then WHY does reddit, twitter, facebook, hell, why doesn’t every or any site use it?

        Pedophiles, instead of downvoting me, why not explain yourself?

        • wanderingmagus@lemm.ee
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          As another commenter posted below:

          But tools do exist. PhotoDNA by Microsoft. Although much more user-friendly implementation if you use Cloudflare, related links:

          As far as I am aware, every major site does use it in addition to manual vetting for any flagged “borderline” or “uncertain” results caught up in the filter.

          • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
            link
            fedilink
            arrow-up
            1
            arrow-down
            8
            ·
            1 year ago

            As far as I am aware, every major site does use it in addition to manual vetting for any flagged “borderline” or “uncertain” results caught up in the filter.

            I think this is where you could be wrong here. I appreciate the links, I’ll look into those in more detail. My best understanding is that these tools generate so many false-positives and false-negatives that it’s not worth using them. It may be a first line of defense until real humans get to see them, but my point is that humans are still needed. When humans are included because the system isn’t 100%, it means humans do the labor and as such, with limited time, humans need to determine when they can do the labor - sometimes shutting down a community is the best way to stop the flood while they clean up the mess.

            • Richard@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              This is just a matter of confirmation bias from your side now. You stubbornly refuse to accept factual information very helpfully delivered to you by users who have many better things to do than respond to your inquiries, and you dogmatically refuse to acknowledge that there are advanced and reliable automation tools available for the use case in question. And while you do all that, you belittle the other users in the community by referring to your supposedly superior knowledge and experience, however somehow failing to provide any data or secondary sources to back up your claims.

              • This is just a matter of confirmation bias from your side now. You stubbornly refuse to accept factual information very helpfully delivered to you by users who have many better things to do than respond to your inquiries, and you dogmatically refuse to acknowledge that there are advanced and reliable automation tools available for the use case in question. And while you do all that, you belittle the other users in the community by referring to your supposedly superior knowledge and experience, however somehow failing to provide any data or secondary sources to back up your claims.

                Hello Richard, thanks for taking the time to present your criticism. I take some issue with it, but I believe it’s due to a misunderstanding. I’ll explain.

                This is just a matter of confirmation bias from your side now.

                I do think there is some confirmation bias at play here but I’m thinking you may be surprised where it’s coming from.

                You stubbornly refuse to accept factual information very helpfully delivered to you by users who have many better things to do than respond to your inquiries, and you dogmatically refuse to acknowledge that there are advanced and reliable automation tools available for the use case in question.

                This factual information, to the best as I can understand from reading the comments is that these tools exist. I don’t deny that they exist. I didn’t deny they exist.

                users who have many better things to do than respond to your inquiries

                Unfortunately, it would seem you are wrong here, as they have responded to my inquiries. Or, are you talking about the people who haven’t responded to my inquiries? Either way, I agree that there are people who have or haven’t responded to my inquiries that do have better things to do. What is also true is that the people who responded to my inquiries, even if they had better things to do, still responded to my inquires.

                you dogmatically refuse to acknowledge that there are advanced and reliable automation tools available for the use case in question.

                But, I didn’t, is the thing. In the cases where people have provided links to projects, I’ve thanked them. I’ve mentioned my skepticism and I’ve also wished them well on their projects.

                “Advanced and reliable” are marketing terms, and I don’t really care to use them as they have no meaning. Advanced how? In that it uses neural networks? NEAT! reliable how? in that they work 100% of the time? That they don’t generate false-positives or false-negatives? That they don’t degrade the user experience? These are questions worth asking… but… let me be clear: they are questions worth asking for the sake of improving these tools and maintaining the user experience; these are not meant to discourage use of such tools. I believe admins should use all tools available to them, including turning the servers off if they need to - in that toolbelt includes ai based tools and scripts.

                And while you do all that, you belittle the other users in the community by referring to your supposedly superior knowledge and experience, however somehow failing to provide any data or secondary sources to back up your claims.

                Richard, is it, or can I call you dick?

                Either way, Richard, I don’t claim to have superior knowledge. I honestly thought that would come across in my username. Sorry that it did not. I’m a dipshit.

                Like, an actual dipshit. I’m dumber than a lot of people on here. That doesn’t mean that I’m the dumbest, but it doesn’t mean I’m the smartest either. I’m far from being the smartest on this site, and that’s not impostor syndrome. If I sound smart it’s just because I do know a bit on some topics relating to technology and development, and because I have many interests in many topics. What I have at best is a baseline understanding, and I try to remain humble about it. I got pretty emotional in this thread, calling people who disagreed with my very much hard-to-disagree-with stances that “CSAM bad” and “admins should feel free using all tools available to remove and prevent CSAM” names that got me a 3-day ban. A ban which is now ending, allowing me to finally respond to you.

                You see the problem here is that the people I’ve been responding to are people who are misunderstanding some things, which I’m trying to clear up. I believe this is one of the main draw to any message board system, for most people. We like to communicate and share knowledge.

                however somehow failing to provide any data or secondary sources to back up your claims.

                I don’t walk around with sources handy for everything I say, ready to cite them in every single post. I also don’t see many people doing this. I don’t lie, and I’m happy to provide links, sources, whatever - when asked for them. No one’s asked for sources for my claims that “CSAM bad” or that “admins should feel free using all the tools available to them…” or even when I say that AI tools aren’t perfect and lead to false-positives and false-negatives. But, I can give them to you if you want to see them. I don’t talk out my ass. One easy example I’ve been giving people is what’s happening and has been happening for years to this one youtuber, who constantly gets her videos flagged as having a child in them, despite her being 30 and only having herself in her videos. Her experience is valid, as there are some people who will constantly be falsely identified (which again is just stating facts, not suggesting these tools shouldn’t be used - that would suggest that these tools cannot be improved, which they can and are).

                Richard, your comment was a slam-dunk. I’m just not sure you hit the right net. Please let me know if I am misunderstanding anything.

                Yours, Dipshit.

    • utopianfiat@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      The developers who build lemmy aren’t able to put in CSAM blocking code. That’s not how this works.

      They absolutely can, and every forum under the sun has tools and extensions to help with this. Fucking 4chan has code specifically dedicated to deal with CSAM. You have no clue what you’re talking about.

      Oh no! Users can’t read lemmyshitpost and now the world is ending.

      Replace this with [email protected], or [email protected], or [email protected]. “Oh no, users can’t read the entire site” yes that is the definition of the end of the site.

      You’re not seeing that this isn’t a lemmyshitpost issue, it’s an “any popular community on lemmy” issue. Snarkily taking potshots at lemmyshitpost as a community doesn’t change it.

      Turning off the community is a viable option

      It’s not “not an option”, it’s the last resort. It’s like saying that your only option to seeing a roach in your apartment is to burn the whole building down. Because doing it means you don’t have a community anymore, and without communities the site has no purpose.

      • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        9
        ·
        1 year ago

        They absolutely can, and every forum under the sun has tools and extensions to help with this. Fucking 4chan has code specifically dedicated to deal with CSAM. You have no clue what you’re talking about.

        Cool, name them and give me links then. I could not find such on the internet. There is software that tries to detect this, but even youtube’s algorithm is incorrectly flagging fully clothed 30 year old women as children.

        Links or you’re talking out your ass.

        Replace this with [email protected], or [email protected], or [email protected]. “Oh no, users can’t read the entire site” yes that is the definition of the end of the site.

        Replace a site with CSAM and you’ll find it’s not a site you’ll want to go to in the first place. READ the original post where it was mentioned this is a stop-gap measure.

        You’re not seeing that this isn’t a lemmyshitpost issue, it’s an “any popular community on lemmy” issue. Snarkily taking potshots at lemmyshitpost as a community doesn’t change it.

        You’re… offended that I had snark on the topic of lemmySHITPOST? surely, you are joking.

        My point is not that this community is shit and that’s why this happened.

        My point is that this is a community on a lemmy instance that was flooded with CSAM, and was shutdown because of the flood of CSAM.

        It’s not “not an option”, it’s the last resort. It’s like saying that your only option to seeing a roach in your apartment is to burn the whole building down. Because doing it means you don’t have a community anymore, and without communities the site has no purpose.

        You do see how turning a community off and then on again isn’t the same thing as burning down a house (and unburning it again?)

        You do realize that we’re talking about a literal crime against children vs your ability to see memes? Fuck off with your self-importance.

        • utopianfiat@lemmy.world
          link
          fedilink
          English
          arrow-up
          7
          ·
          1 year ago

          Replace a site with CSAM and you’ll find it’s not a site you’ll want to go to in the first place.

          Are you being intentionally dense or do you not understand that it’s my point? If someone can flood lemmy with CSAM so easily that the only way to stop it is a site shutdown, then there are not sufficient mitigation measures in place.

          • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
            link
            fedilink
            arrow-up
            3
            arrow-down
            9
            ·
            1 year ago

            Are you being intentionally dense or do you not understand that it’s my point? If someone can flood lemmy with CSAM so easily that the only way to stop it is a site shutdown, then there are not sufficient mitigation measures in place.

            Yes, this is the Internet. Take your statement and replace “lemmy” with “reddit” “facebook” “9gag” “imgur” etc… No site has “sufficient mitigation measures in place” as CSAM continues to flood the internet.

            “Flooding” a site with CSAM is a matter of opinion. If one person posted one image of CSAM on my instance, that would be flooding - that’s one image too many. It’s not like there’s some magic threshold of the amount of CSAM allowed on a site. All sites use human moderators to detect CSAM and all sties who do this have teams that are far too small and far too underpaid for the most part.

            Underpaid being the keyword here, as lemmy admins are volunteers. I would think that the threshold for “flooding” a lemmy instance with CSAM would be far lower than that of a major for-profit site.

            • cubedsteaks@lemmy.today
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              Yes, this is the Internet. Take your statement and replace “lemmy” with “reddit” “facebook” “9gag” “imgur” etc… No site has “sufficient mitigation measures in place” as CSAM continues to flood the internet.

              it’s true, if I remember correctly, tumblr was removed from the App Store because of CSA issues. I could be remembering wrong and maybe it was the Google Play Store.

              • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
                link
                fedilink
                arrow-up
                3
                arrow-down
                3
                ·
                1 year ago

                This is likely going to be an issue for any site that hosts nsfw content. It’s easier to have mods just ban all NSFW content without trying to go into trying to figure out if the people in the content are consenting adults.

                If the admins of nsfw instances aren’t already on high alert, they should be now.

                • cubedsteaks@lemmy.today
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  It’s easier to have mods just ban all NSFW content without trying to go into trying to figure out if the people in the content are consenting adults.

                  Yeah, I fully agree with that. If people want porn, they should go to porn sites.

        • cubedsteaks@lemmy.today
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Cool, name them and give me links then. I could not find such on the internet. There is software that tries to detect this, but even youtube’s algorithm is incorrectly flagging fully clothed 30 year old women as children.

          have you ever talked to janitors and mods on 4chan? Good luck getting any info out of them.

          • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
            link
            fedilink
            arrow-up
            1
            arrow-down
            4
            ·
            1 year ago

            Do you realize that 4chan isn’t the full internet? That these programs that you already know of can exist outside of 4chan? I’m asking you - the person who knows of these apps - to provide links to back up your claims.

            • cubedsteaks@lemmy.today
              link
              fedilink
              arrow-up
              4
              ·
              1 year ago

              I’m not the other person you responded to and I never claimed to have an apps or links.

              I’m just telling you how this works on 4chan. I’m aware that’s not the entire internet obviously - your sarcasm needs work considering we are both here on Lemmy, ie, not 4chan.

              If anyone on there is using these programs/apps/whatever, they’re not just gonna tell other people about them.

              And as far as I know, I haven’t been on 4chan in like 3 years not but they region ban for CSAM.

              • 𝕯𝖎𝖕𝖘𝖍𝖎𝖙@lemmy.world
                link
                fedilink
                arrow-up
                2
                arrow-down
                3
                ·
                1 year ago

                I don’t really keep track of who I’m responding to. I just respond to comments. Sorry if I got mixed up here.

                My comments still stand, though the snark isn’t directed towards you specifically.

                I just want people to understand that there isn’t a solution that we all think exists in other places and not here. The solution is largely people. People who get PTSD from viewing and moderating these images. It’s not a good solution but it’s the best solution we have so far.

                The other truth of the matter is if the Internet itself were to hypothetically shut down, this content will just be distributed via other means. The one nice thing about the internet is that lots of stuff is tracable back to the person who posted the infringing material.

                • cubedsteaks@lemmy.today
                  link
                  fedilink
                  arrow-up
                  7
                  ·
                  1 year ago

                  I just want people to understand that there isn’t a solution that we all think exists in other places and not here

                  I agree with you on this. I agree with a lot of things you’re saying.

                  part of responding means you know who you are talking to. I know it can be easy to forget someone is behind the screen here but there are in fact other human beings responding to you.

                  Just try to be more considerate, if anything.