this post was submitted on 28 Aug 2023
1745 points (97.9% liked)

Lemmy.World Announcements

29084 readers
228 users here now

This Community is intended for posts about the Lemmy.world server by the admins.

Follow us for server news 🐘

Outages 🔥

https://status.lemmy.world/

For support with issues at Lemmy.world, go to the Lemmy.world Support community.

Support e-mail

Any support requests are best sent to [email protected] e-mail.

Report contact

Donations 💗

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Ko-Fi (Donate)

Bunq (Donate)

Open Collective backers and sponsors

Patreon

Join the team

founded 2 years ago
MODERATORS
 

Hello everyone,

We unfortunately have to close the !lemmyshitpost community for the time being. We have been fighting the CSAM (Child Sexual Assault Material) posts all day but there is nothing we can do because they will just post from another instance since we changed our registration policy.

We keep working on a solution, we have a few things in the works but that won't help us now.

Thank you for your understanding and apologies to our users, moderators and admins of other instances who had to deal with this.

Edit: @[email protected] the moderator of the affected community made a post apologizing for what happened. But this could not be stopped even with 10 moderators. And if it wasn't his community it would have been another one. And it is clear this could happen on any instance.

But we will not give up. We are lucky to have a very dedicated team and we can hopefully make an announcement about what's next very soon.

Edit 2: removed that bit about the moderator tools. That came out a bit harsher than how we meant it. It's been a long day and having to deal with this kind of stuff got some of us a bit salty to say the least. Remember we also had to deal with people posting scat not too long ago so this isn't the first time we felt helpless. Anyway, I hope we can announce something more positive soon.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 92 points 1 year ago (2 children)

Imagine if you were the owner of a really large computer with CSAM in it. And there is in fact no good way to prevent creeps from putting more into it. And when police come to have a look at your CSAM, you are liable for legal bullshit. Now imagine you had dependents. You would also be well past the point of being respectful.

On that note, the captain db0 has raised an issue on the github repository of LemmyNet, requesting essentially the ability to add middleware that checks the nature of uploaded images (issue #3920 if anyone wants to check). Point being, the ball is squarely in their court now.

[–] [email protected] 16 points 1 year ago (1 children)

I think the FBI or eqivilant keeps a record of hashes for a known CASM and middleware should be able to compare to that. Hopefully, if a match is found, kill the post and forward all info on to LE.

[–] [email protected] 14 points 1 year ago (3 children)

Interesting. But aren’t hashes unique to a specific photo? Just a single change to the photo would inevitably change its hash.

I think Apple was going to implement a similar system and deploy to all iPhones/Macs in some iOS/macOS update. However was eventually 86’d due to privacy concerns from many people and the possible for abuse and/or false positives.

A system like this might work on a small scale though as part of moderating tools. Not sure where you would get a constantly updated database of CSAM hashes though.

[–] [email protected] 11 points 1 year ago (2 children)

Interesting. But aren’t hashes unique to a specific photo? Just a single change to the photo would inevitably change its hash.

Most people are lazy and stupid, so maybe hash checking is enough to catch a huge portion (probably more than 50%, maybe even 80% or 90%?) of the CSAM that doesn't bother (or know how) to do that?

[–] [email protected] 1 points 1 year ago

I'm almost positive they've been developing an image recognition AI that will make slightly altering csam photos obsolete.

Here's hoping.

[–] [email protected] 1 points 1 year ago

A hash would change if even one bit changed in that file. This could be from corruption, automated resizing by any photo processing tools (i.e., most sites will resize photos if you give them one too big), saving a lossy file time again (adding more jpg), etc.. This is why there aren’t many automated tools for this detection. Sites that have tried by using skin tones in a photo have failed spectacularly.

I’ve never heard of this FBI middleware. Does anyone have the link to this? I’d like to understand what tools are available to combat this as I’ve been considering starting my own instance for some time now.

[–] [email protected] 5 points 1 year ago (1 children)

In my utopia world, the FBI has a team updating the DB.

The utopia algorithim would do multiple subsets of the picture so cropping or watermarking wouldn't break the test (assume the 'crux' of the CSAM would be most likely unaltered?) , maybe handle simple image transformations (color, tint, gamma, etc.) with a formula.

[–] [email protected] 1 points 1 year ago
[–] [email protected] 1 points 1 year ago

IMO scanning images before posting them to a forum is a distinct and utterly completely different world than having your photo collection scanned. Especially in context and scale

[–] [email protected] 8 points 1 year ago (1 children)

You can already protect your instance using CloudFlare’s CSAM protection, and sorry to say it, but I would not use db0’s solution. It is more likely to get you in trouble than help you out. I posted about it in their initial thread, but they are not warning people about actual legal requirements that are required in many places and their script can get you put in jail (yes, put in jail for deleting CSAM).

[–] [email protected] 1 points 1 year ago (1 children)

The developers of LemmyNet are being asked for the ability to define a subroutine by which uploaded images are to be preprocessed and denied or passed thereafter. There is no such feature right now. Even if they wanted to use CloudFlare CSAM protection, they couldn't. That's the entire problem. This preprocessing routine could use Microsoft PhotoDNA and Google CSAI, it could use a self-hosted alternative as db0 desires or it could even be your own custom solution that doesn't destroy, but stores CSAM on a computer you own and stops it from being posted.

[–] [email protected] 1 points 1 year ago (1 children)

Even if they wanted to use CloudFlare CSAM protection, they couldn't.

? CF’s solution happens at the DNS level. It has absolutely nothing to do with lemmy and there’s nothing the devs could do to change that.

[–] [email protected] 1 points 1 year ago

Yeah I just looked it up. Serving stuff through CF does a check for illicit material. Pretty neat. Be that as it may, the original complaint is that Lemmy is lacking moderation tools. Such a moderation tool would be something that disallows CSAM even being stored in the server in the first place.