mathilde , to Cats
@mathilde@h-i.social

dig pictures of and , that’s for sure! Mastodon's CEO, seems to repost every post that reaches out mastodon.social.

However, speaking out against , , or won’t get the same amount of likes. Instead you’d likely end up being reported and have to deal with and .

No wonder why a lot of black, brown and other people subject to racism are keeping away from these platforms.

BeAware , to News from fediverse
@BeAware@social.beaware.live

PSA: Since Threads apparently will be federating replies soon, I thought I should post this again, because there's still a lot of people that don't know.

When a normal user uses "block this domain" it's LITERALLY just a MUTE. The blocked server can still see, interact, and reply to your posts, you just won't be able to see them.

It's kinda like sitting in a room with hungry bears while wearing a blindfold. If you're scared of hungry bears, your best bet is to get out of the room, not put a blindfold on. And by this, I simply mean to migrate to an instance where the blocks are up to your standard on the "instance" level.

Stay informed and make informed decisions, no matter what you choose to do with your Fediverse presence.

#Fediverse #MastoTips #FediTips #Fedi #ActivityPub #Threads #Meta

mima ,

@BeAware is definitely a proprietary extension to by . First added in 2019: https://github.com/mastodon/mastodon/pull/11269

The main reason other AP implementations have added it (or in the case of , made signing objects enabled by default which was a reluctant decision) as well despite Authorized Fetch / not being documented in the spec is that plenty of big have enabled it for their instances thinking it will prevent harassment from instances they've blocked (despite the fact that AF is purely ), forcing the rest of the to adopt it to remain compatible. Even at the cost of performance (no more caching).

This is plain ol' or for short against AP and the fedi by the Mastodon monopoly, and nobody wants to talk about it because it undermines the narrative a lot of Mastodon admins are putting out to justify their fediblocking of . Would've been fine if they focused on the (real) harms did to Burma for example, that's a totally fine reason to block FB. But screaming EEE just makes me roll my eyes on their . ​:seija_coffee:​

@marta

US says Israel has not violated international law during Gaza war ( www.aljazeera.com )

After Israel killed seven aid workers in Gaza, the US says it has not found any incidents of Israel violating international humanitarian law in the past six months. An Al Jazeera probe concluded the World Central Kitchen vehicles were deliberately hit.

bloodfart , to World News in US says Israel has not violated international law during Gaza war

What fediblock is for:

an offensive instance, even if it has been posted about (a lot) before (just maybe check if the last 5 posts under the hashtag are not already about that instance)

an instance (currently) spamming (maybe indicate, that a limit is better, than a suspend in this case)

a general useful tip about fighting spam or trolls or whatever (think about whether it doesn't fit better under )

recommendations to unblock an instance that is e.g. no longer spamming

Fediblock isn’t so you can sic the authorities on people who say stuff you don’t like, cop.

thenexusofprivacy , to Random stuff
@thenexusofprivacy@infosec.exchange

Big changes to the Oliphant blocklists, via @oliphant

https://oliphant.social/@oliphant/112157792053102057

Summary:

  • A revised Tier0 list (based on @Seirdy's Tier0 list, @gardenfence and the @iftas DNI list)
  • Other lists going away
  • git archives of blocklists from .social and other sites Oliphant used to use also going away

And interesting:

"You should still be able to use the Tier 0 Oliphant list and get a respectable list of blocks, though you'll notice certain more contentious entries like qoto and threads won't be on that list anymore"

Looks like at least one corner of the fediverse is welcoming our new surveillance capitalism overlords!

18+ moderation , to Random stuff
@moderation@kolektiva.social

Yesterday, our mod team began receiving a number of reports about one of our users, who had repeatedly expressed criticism of . To the best of our knowledge, this exchange involved a series of comments on a thread about the prospects of collective, decentralized blocklists, followed by a post on their own timeline in which they called out The Bad Space, listed the instances participating as Sources for its rating system, and linked to an article on the subject that was critical of the project. The post framed Kolektiva's inclusion on The Bad Space list as an 'attack on our community', and could be reasonably construed as an effort to rally users to respond to this 'attack.'

While some members of our mod team were already familiar with the controversy around The Bad Space, and the litany of accusations of anti-Black racism and transphobia/transmisogyny associated with these debates, this understanding was not equally shared across our team. It should be mentioned that our moderation team is composed of volunteers who do our best to keep on top of the moderation load as best we can, when we can. Several times since 2020, we have been caught off-guard by a snowballing controversy that most of our active mods needed some time to learn about and properly understand.

In an effort to avoid further escalation and division, and to avoid contributing to a new wave of harassment of Black and trans Mastodon users, one of our mods temporarily froze and limited the user's account yesterday. This was done to give our team time to all research the issue and discuss it collectively (because that is how Kolektiva operates, for better or worse).

The post calling out The Bad Space and its participating Source instances has been removed for violating our code of conduct - specifically our policy against targeted harassment.

We realize that people are going to be upset with Kolektiva's actions. Unfortunately, we see that as fairly unavoidable in situations like this.

Members of the Kolektiva mod team share concerns about the potential abuse of power that stems from centralized block lists, and the way that these threats can be magnified by the personal biases of the instance moderators who are tasked with deciding who gets included on these lists. That said, we also fundamentally respect instance operators' right to decide who they want to federate with, and we understand and appreciate the important role that tools like The Bad Space play in seeking to address the very real oppression and harassment faced by marginalized communities on the fediverse. As anarchists, we understand these efforts as manifestations of the principles of autonomy and voluntary association.

As we research this issue further, we encourage people to reach out to members of our mod team to share past or current examples of anti-Black racism or transphobia related to this issue, particularly if you think it provides pertinent context to this current situation.

We thank people for their patience and support, and encourage everyone to avoid playing broken telephone and otherwise furthering divisions between already marginalized groups.

Finally, we refer people to our About section, and specifically to the sections on Targeted Harassment, and the headings SAFETY AND DANGER ON THE FEDIVERSE and DEFEDERATING FROM OTHER INSTANCES.

https://kolektiva.social/about

cappy , to Cybersecurity
@cappy@fedi.fyralabs.com
serge , to Random stuff
@serge@babka.social

This instance handles, on average, 6.5 reports of antisemitism a day.

Why is that significant? It's significant because Babka already suspends individual accounts, and Limits entire instances.

Despite this, we deal with ~6.5 new antisemitic accounts per day.

And yet, if we look at the graphs from Fediverse Observer, the number of active users on the Fediverse has gone down!

So what exactly does that mean, if the number of antisemitic accounts continues to grow and the number of active users continues to shrink?

It means that the number of antisemites on the Fediverse is quite large, and what we're seeing isn't new antisemites as much as it is antisemitism being so normalized that people feel comfortable spouting hate, and that despite blocking or silencing thousands of accounts, hate continues to be emboldened.

Graph showing the number of active users on the Fediverse shrinking

18+ Seirdy , to Random stuff
@Seirdy@pleroma.envs.net

If a spambot-infested instance cleans up and the admin makes a statement, I remove it from the blocklist. I've done this after reading the following admin statements:

If a spambot-infested instance looks like it's all cleaned up, but the admin doesn't make a statement, I demote it from "Reject" to "Federated timeline removal". Without visibly active administration, I don't know if the instance could be a source of spam in the future; this measure at least proactively takes care of hashtag spam. See the "Federated timeline removal" section of our "About" page for these.

If an instance doesn't remove the spam accounts, even if they appear inactive, it remains suspended. The unmoderated instance remains a vector of spam (among other things) even if the spammers aren't using it at the moment.

As always, defederations on Akkoma don't sever connections; this affords us some flexibility.

18+ Seirdy OP ,
@Seirdy@pleroma.envs.net

(continued) I have seen official statements from more instances that have cleaned up spam, and removed them from the pleroma.envs.net blocklist:

I downgrade an instance to federated-timeline-removal if a spam cleanup isn't accompanied by a statement, for reasons outlined in the parent post.

leigh , to Random stuff
@leigh@ottawa.place

Currently sleeping the sleep of the righteous, @andrew was up way too late building tools to fend off the current wave of fedi spam, playing whack-a-mole with bad accounts, and getting fedi friends up and running with their own blocklists.

I’d like to convene a discussion this week or next to do a mini retro on this attack and some work around fedi spam fighting tools. If you’re interested in the discussion, @ me your email or send one to spamretro at hypatia dot ca and I’ll loop you in on it 🙏

Would love to have a proper UR/UX person on the call, I’m a mere amateur at that part 😅

leigh OP ,
@leigh@ottawa.place

Still going through and sending out invites for a retro/postmortem call regarding this weekend's spam attack, but in the interim I also made an asynchronous retro form: https://forms.gle/V4h9zBE6pcTvpQAx8

Also useful if you hate video calls, have a conflict on your calendar, or otherwise prefer writing. Thanks for sharing and/or replying!

18+ cappy , to Cybersecurity
@cappy@fedi.fyralabs.com

Anyway, a throwback for anyone wanting a little more.

These guys have been sending bomb threats to the Japanese government impersonating as KuronekoServer developers before the attack went big.


sam , to Random stuff
@sam@urbanists.social

Introducing Citadel! Citadel is a tool for Mastodon admins that makes it quick and easy to find + suspend spammers in one click!

Eventually Citadel will have more tools, but I wanted to get this out ASAP to help server admins.

Give it a shot: https://citadel.samw.dev

(also note that after you log in you will need to reload the page)

Animated gif of signing in and navigating the Citadel service, including selecting from a list of users, seeing a sample spam post, and suspending the relevant account with a single click.

cappy , to Discord
@cappy@fedi.fyralabs.com

im getting really tired... -w-

summary of today:

someone on a Japanese hacker forum decided it was a good idea to spam the entire Fediverse because they wanted to cancel a minor that DDoSed a Discord bot which apparently made them lose millions (what?)

A Discord bot. I can't make this shit up man.

The real culprit seems to be someone who goes by mumei in the ctkpaarr.org forums, whose first post was literally a threat to ap12, that if they don't delete their "Kuroneko Server" Discord bot, they will spam every blog, forum and SNS and cancel him.

This shit is ridiculous.

The ap12 account from mastodon-japan was actually fake, and this dude impersonated a minor to get all of the Fediverse (us) to bully him.

The forum admins didn't even stop this. Why? lulz apparently.

devnull , (edited ) to Random stuff
@devnull@crag.social

It seems this happens occasionally on where malicious users decide to take advantage of instances with poor moderation to spam widely.

There are many solutions, but let me offer a simple change that stops spam dead in its tracks:

has a post queue built in. If you have 0 reputation, you need your post to be manually approved. You can adjust this as needed, but even the default (allow regular posting after 1 upvote) is sufficient. Stops 👏spam 👏 cold 👏.

madomado , to Random stuff
@madomado@fedi.fyralabs.com

Today's attack proved that the Fediverse is unfortunately pretty vulnerable even to just a skid (or maybe OP who warned the skid).

The cause of the attack includes:

  • insufficient moderation on some servers allowing mass account creation.
  • no good methods to filter out even just a keyword for an entire instance.

Even though most of us survived the first wave, we have to prepare for the second and future ones:

  • Servers should enable the equivalent feature in their software that enables moderators to check if an account is ok first before letting them post anything.
  • Mastodon, Misskey and major software should implement a regex filter that ignores posts from any instances.

Together, we can definitely make Fediverse a better place.

so_treu , to News from fediverse
@so_treu@scholar.social

By the by if you haven't heard, I interviewed @ArtistMarciaX for the most recent issue of Logic(s) Magazine about Blackness and the , (they're the creator of the hashtag) among other related topics. They're a brilliant mind and also they're a damn good DJ, check out !!!!

Print and digital copies available!!!
https://logicmag.io/policy/

so_treu OP ,
@so_treu@scholar.social

!!! My interview with @ArtistMarciaX on Mastodon and antiblackness in the fediverse (among other discussed topics) is now available online!

https://logicmag.io/policy/blackness-in-the-fediverse-a-conversation-with-marcia-x/

Raccoon , to Random stuff
@Raccoon@techhub.social

What are people's feelings on using the FediBlock tag for calling out individual accounts? Personally, I find it mildly annoying at best, in that most of these accounts are already acted upon by staff, but potentially harmful at worst if people are going there instead of immediately clicking the report button, or even worse, using it to call out a user by finding one of their worst out of context posts and putting it on blast.

Honestly, I'm using it as a tool to scope out instances that we need to block because they are literal Nazis, literal pedos, literally attempting to harass people off of the network, or otherwise bad faith. I would rather it not come into play for individual accounts, but be advance warning for when the actual staff of a server is the problem.

What do people think though? Is there a perspective I'm missing?

Yuvalne , to Random stuff
@Yuvalne@433.world

okay but fr, I don't see why this is shocking news.
, by default, works under the assumption that every instance is good unless proven otherwise. this is also true for many other Fediverse software.
the result is that anyone can get a new domain and mastodon will presume they're a new friendly neighborhood instance. most instances block both gab dot com and gabfed dot com for this exact reason.
(1/2)
https://wedistribute.org/2023/12/authorized-fetch-circumvented

Yuvalne OP ,
@Yuvalne@433.world

the only way to truly solve this is whitelisting instances instead of blacklisting. what calls "limited federation mode".
there's many ways to do this, including stuff like federating allowlists or using a semi-centralised trust source.

but in the end, it still comes down to whitelists.
that's something the vast majority of the Fediverse just doesn't do at the moment, but it may have to change at some point. we'll have to wait and see.
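
The blocklist-versus-allowlist point in the posts above, as an added example that is not part of any post or of any server's own code: a simplified model of the policy step behind Authorized Fetch, applied to the domain named in the `keyId` of an HTTP `Signature` header. The domains, the `DENYLIST`/`ALLOWLIST` sets and all function names are constructed for illustration, and the signature is assumed to have already been verified against the key fetched from `keyId`.

```python
import re
from urllib.parse import urlsplit

# Constructed sample policy data (not a real blocklist).
DENYLIST = {"blocked.example"}
ALLOWLIST = {"friends.example"}

_PARAM = re.compile(r'(\w+)="([^"]*)"')


def signer_domain(signature_header):
    """Return the host named in the keyId of a Signature header, or None."""
    if not signature_header:
        return None
    params = dict(_PARAM.findall(signature_header))
    key_id = params.get("keyId")
    if not key_id:
        return None
    parts = urlsplit(key_id)
    if parts.scheme != "https" or not parts.hostname:
        return None
    return parts.hostname.rstrip(".")


def _matches(domain, entries):
    """True if domain equals an entry or is a subdomain of one."""
    labels = domain.split(".")
    return any(".".join(labels[i:]) in entries for i in range(len(labels)))


def allow_fetch(signature_header, mode):
    """Decide whether a signed GET may read a post.

    Assumption: the signature was already cryptographically verified;
    only the domain policy is modelled here.
    """
    domain = signer_domain(signature_header)
    if domain is None:
        return False  # unsigned or malformed requests are refused
    if mode == "denylist":
        # Default-open: any domain not yet listed is trusted.
        return not _matches(domain, DENYLIST)
    if mode == "allowlist":
        # Default-closed: only listed domains may fetch.
        return _matches(domain, ALLOWLIST)
    raise ValueError("unknown mode: %r" % mode)


def header_for(domain):
    """Build a constructed Signature header; the signature is a placeholder."""
    return ('keyId="https://%s/actor#main-key",algorithm="rsa-sha256",'
            'headers="(request-target) host date",signature="PLACEHOLDER"'
            % domain)
```

Under the denylist policy a request signed by a never-before-seen domain is accepted, so the check only holds against domains an admin has already listed; the allowlist policy refuses it until the domain is added.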

18+ Rairii , to Random stuff
@Rairii@haqueers.com

lol

fb decides to block servers that most of fedi tends to block, including spinster, poast, gleason's mostr bridge, etc

gleason complains and spins up a server to evade the block

imagine if the best thing to happen out of threads federating would be FB initiating legal action against gleason

(edit: ok, that last line may make me look a bit pro-FB, but it's christmas day and I've been known to upset people by barely thinking about posts before making them. that said: going against FB in this way - evading blocks they set - seems like massive fuck around and find out behaviour)

18+ Rairii OP ,
@Rairii@haqueers.com

that said: gleason has now implemented a feature in soapbox/rebased that allows evading of AUTHORIZED_FETCH by using a different domain to sign activitypub requests

https://gitlab.com/soapbox-pub/rebased/-/snippets/3634512

this is.. probably something that people should know about?

mima , to Random stuff

Is just really shit at moderation tools or is mastodon.world just shit at moderating? Shouldn't there be some spam filter or some shit to prevent posts like this from even being published? Idfk because I'm not a .

RE: https://makai.chaotic.ninja/notes/9nn30cn1ps

matthieu_xyz , to Random stuff
@matthieu_xyz@infosec.town

There is a diversity of servers and a diversity of ways admins can act regarding Threads like:

  • Federating (users can still opt-out by blocking the domain)

  • Limiting (users won’t see threads posts by default, but can still opt-out even more by blocking the domain)

  • Blocking Threads (defederating) denying the choice from users. In this configuration the users have no other choice but to have Threads blocked or move to another server

But here’s one new intermediate option admins can choose (if software other than pixelfed implements it or admins manipulate their databases):

  • Blocking Threads by default, but leaving the option for users to opt-in.

This has, as far as I’m aware, never been done before, but it would avoid like 90+% of the defederation dramas. If an admin wants to block an instance to protect their users, but there are still legitimate reasons to federate with them, then opt-in is absolutely the way to go.

User-level Authorized Fetch also seems like a great idea to me. More security without taking too many resources.

Pixelfed is full of great ideas like this. For example, replies control, something that exists on instagram since forever, that bluesky is working on and has been a discussion for a long time on the fediverse with no real implementation before pixelfed.

RE: mastodon.social/users/dansup/statuses/111617703110836835

tchambers , (edited ) to Random stuff
@tchambers@indieweb.social

Am seeing some (to my memory) mistaken history on the Fediverse organizing that I was senior in, that successfully fought to back in the day. Was thinking about writing up a detailed, sourced account of that movement as I was very much on those front lines advocating to block. I’d also list differences between then and now with Meta in my view. What do you think?

wjmaggos ,
@wjmaggos@liberal.city

@tchambers

imo servers should only be blocked for not policing users that are assholes to users on other servers, cause that can make the whole network unwelcoming. post as much crap you want if you're not tagging people who you aren't sure want to see that. responding to a conversation you're not part of with a controversial opinion is an edge case. do it carefully and apologize and back off if people react negatively.

I'd love to know the thinking behind all isolated servers.

tokyo_0 , to Random stuff
@tokyo_0@mas.to

So annihilation.social, which seems to be an instance with known issues, is running a bot to identify and post about instances that are blocking .

Other users are then using those posts to send messages to the instance admins asking them to justify their decision (to harass admins of instances that block , basically).

An example: https://attractive.space/@expert/111582436230554231

🤔

paninid , to Random stuff
@paninid@mastodon.world

Big Tech has the resources to webscrape Fediverse posts without bothering to federate with instances or integrating with ActivityPub.

We’re still legible.
