this post was submitted on 28 Aug 2023
1746 points (97.9% liked)

Lemmy.World Announcements

28381 readers
2 users here now

This Community is intended for posts about the Lemmy.world server by the admins.

Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world

For support with issues at Lemmy.world, go to the Lemmy.world Support community.

Support e-mail

Any support requests are best sent to [email protected] e-mail.

Report contact

Donations ๐Ÿ’—

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Ko-Fi (Donate)

Bunq (Donate)

Open Collective backers and sponsors

Patreon

Join the team

founded 2 years ago
MODERATORS
 

Hello everyone,

We unfortunately have to close the !lemmyshitpost community for the time being. We have been fighting the CSAM (Child Sexual Assault Material) posts all day but there is nothing we can do because they will just post from another instance since we changed our registration policy.

We keep working on a solution, we have a few things in the works but that won't help us now.

Thank you for your understanding and apologies to our users, moderators and admins of other instances who had to deal with this.

Edit: @[email protected] the moderator of the affected community made a post apologizing for what happened. But this could not be stopped even with 10 moderators. And if it wasn't his community it would have been another one. And it is clear this could happen on any instance.

But we will not give up. We are lucky to have a very dedicated team and we can hopefully make an announcement about what's next very soon.

Edit 2: removed that bit about the moderator tools. That came out a bit harsher than how we meant it. It's been a long day and having to deal with this kind of stuff got some of us a bit salty to say the least. Remember we also had to deal with people posting scat not too long ago so this isn't the first time we felt helpless. Anyway, I hope we can announce something more positive soon.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 11 points 1 year ago (3 children)

Couldn't one small change in the picture change the whole hash?

[โ€“] [email protected] 20 points 1 year ago (2 children)

Good question. Yes. Also artefacts from compression can fuck it up. However hash comparison returns percentage of match. If match is good enough, it is CSAM. Davai ban. There is bigger issue however for developers of Lemmy, I assume. It is a philosophical pizdec. It is that if we elect to use PhotoDNA and CSAI Match, Lemmy is now at the whims of Microsoft and Google respectively.

[โ€“] Lmaydev 10 points 1 year ago (1 children)

Honestly I'd rather that than see shit like this any day.

[โ€“] [email protected] 11 points 1 year ago* (last edited 1 year ago) (1 children)

The bigger thing is that hash detection tools don't want to give access to just anyone, and just anyone can run a Lemmy instance. The concern is that you're effectively giving the CSAM people a way to know if they'll be detected.

Perhaps they can allow some of the biggest Lemmy instances to use the tech, but I wouldn't expect it to be available to everyone.

[โ€“] [email protected] 7 points 1 year ago (1 children)

Mod tools are not Lemmy. Give admins and mods an option. Even a paid one. Hell. Admins of Lemmy.world could have us donate extra to cover costs of api services.

[โ€“] [email protected] 16 points 1 year ago

I agree. Perhaps what Lemmy developers can do is they can put slot for generic middleware before whatever the POST request is in Lemmy API for uploading content? This way, owner of instance can choose to put whatever middleware for CSAM they want. This way, we are not dependent on developers of Lemmy for solution to pedo problem.

[โ€“] [email protected] 17 points 1 year ago (1 children)

If they hash the file binary data, like CRC32 or SHA, yes. But there are other hash types out there, which are more like "fingerprints" of an image. Think of how Shazam or Sound Hound can recognize a song playing, despite the extra wind, static, etc that's present. There are similar algorithms for images/videos.

No idea how difficult those are to implement, though.

[โ€“] [email protected] 7 points 1 year ago

There are FOSS applications that can do that (czkawka for example). What I'm not sure it's if the specific algorithm used is available and, more importantly, if the csam hashes are available for general audiences. I would assume if they are any attacker could check first and get the right amount of changes.

[โ€“] [email protected] 4 points 1 year ago

One bit, in fact. Luckily there are other ways of comparing images without actually showing them to human eyes that allow you to calculate a percentage of similarity.