this post was submitted on 06 Mar 2024
145 points (80.6% liked)

Fediverse

17735 readers
33 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
 

Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 30 points 8 months ago (2 children)

At this point, most of the solutions the ecosystem has relied on have been third-party tools, such as db0’s fantastic Fediseer and Fedi-Safety initiatives. While I’m sure many people are glad these tools exist, the fact that instances have to rely on third-party solutions is downright baffling.

I'm not sure I see the issue here, what's the point of an open ecosystem if you don't make use of any third party tools? Fedi-safety in particular feels like it should not be part of the core project

[–] [email protected] 31 points 8 months ago (3 children)

There's nothing wrong with having good third-party tools, that was not my point. db0 in particular has done some amazing, amazing work.

What's fucked, however, is having a project:

  • whose core infrastructure only offers the most threadbare tools
  • there's zero consideration from development on privacy, user safety, or basic controls to handle when shit hits the bed
  • the devs are stone silent when waves of CSAM crash through instances
  • they openly mock people or say they're "too busy to do this" when it comes to meeting the most basic expectations of how a social platform ought to work.

Like, this is not an attack on Lemmy itself, I think the platform can be a real force for good in the Fediverse. But let's be honest, this project is not going to live very long if nothing changes.

Basic things like having the ability to easily remove images from storage should be part of the core platform. The fact that this still isn't a thing even four years into the project is insane.

[–] [email protected] 21 points 8 months ago (1 children)

The first time some random user files a sue in court the admins of their instance will be in trouble.

Lemmy devs are not affected, but instance admins are and according to the GDPR they are considered "data controllers" and are responsible for the processing of users' data.

As far as I understand it, this lacking feature is an open "challenge" to existing regulation and legislators, maybe also to open people's eyes about the fact that privacy claims are often not enforced even by those who claim to do so.

[–] [email protected] 15 points 8 months ago (2 children)

Its simply not true that we have zero consideration for privacy or user safety. But that is only one aspect of Lemmy, we also have to work on many other things. And we werent silent during the CSAM wave, but most of it was handled by admins and all the related issues are long resolved. Lemmy has 50k active users, its obvious that we are too busy to work on every single thing that some individual user demands.

There is a reason that Lemmy still has version 0.x. If you have such high demands then you shouldnt use it, and switch to another platform instead. And yes you are clearly stoking an attack against Lemmy, I wonder why you hate our project so much.

[–] [email protected] 6 points 8 months ago

Look, no one is ungrateful for the work you and Dessalines are doing. I get it - I helped run a large-scale federated open source social network over a decade ago. It's an amazing, incredible experience - but, it's also grueling, demanding work, and community members and users can be incredibly fickle. Especially when it comes to living off of donations, and having to carve out a technical stack all by yourself. That shit is hard.

Here's the thing: your users, your community, your efforts in general, pretty much ride or die by the people who run instances of your software, advocate for your platform, and develop apps and tools for your ecosystem. If something is broken at a foundational level, it's ultimately your responsibility to decide what to do about it.

Code is not the only fruit of someone's labor here. Your community is doing a lot of labor for you too, and making even less money doing so. At some point, if people don't think their needs are being met to keep running their communities and stave off the worst of the worst, it's going to tank people's confidence. People will leave. And they'll talk on the way out. Optics matter.

I'm not saying you have to drop everything to accommodate some random concern right away. But some of the responses you've given to people that had reasonable asks, that had reasonable use-cases in ensuring smooth operations of instances in compliance of laws...some of your reactions are terrible.

If your default when someone asks you about GDPR compliant features is to scream at people, demand that they do the work for you, make excuses that you're too busy, or belittle someone because you disagree with someone, you're doing community management ass-backwards, and you're burning away community goodwill every time you do it. It's hostile and demoralizing, and people will come to resent you for it.

If you have such high demands then you shouldnt use it, and switch to another platform instead. And yes you are clearly stoking an attack against Lemmy, I wonder why you hate our project so much.

See, this is exactly what I'm talking about. Someone asks for something, points out problematic behavior, gives feedback on how something could be better, and you lean into the myopic belief that this is somehow an attack or an effort to undermine you. My brother in Christ, if there is any ill-will towards how you do things, it is because of your own behavior, not on the merits of your project, your political alignment, or who you are as a person.

I don't hate your project, but you need to pull your head out of your ass, and realize that you're dropping the fucking ball on trust and safety. People hosting instances aren't going to stick around forever if you keep defaulting to hostility.

[–] [email protected] 3 points 8 months ago

There is a stark difference between closing an issue and actually resolving the problem. You're right; lots of those issues are closed. The identified problems remain and don't go away merely because you close an software repo issue on it.

[–] [email protected] 13 points 8 months ago (1 children)

There's no guarantee on third party tools continuing to work with Lemmy. Something as critical as deleting images, which can cause problems like revenge porn and such, must be given priority by the official project.

[–] [email protected] 21 points 8 months ago (2 children)

We will never block third party tools, and will always have an open API.

One of the PRs I've been working on, is an interface to view your image uploads and delete them. This is not trivial, but will probably be in the next release.

[–] [email protected] 6 points 8 months ago

Thank you for your service

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

Lemmy providing an open API does not mean that third parties maintain compatibility forever. (Edit: for example, what happens if the third party app gets taken away by a malicious maintainer? Or becomes buggy, or un-maintainable, project dies, etc.)

I don't want to upset you, but I think I have to say this for the sake of the community. The attitude like "we provide an API, so third parties will follow," is what is causing instance admins' distrust in the first place.