XSF Discussion - 2022-05-17

  1. qy

    moparisthebest: you use pleroma? You must be a neonazi, shunnnn /s

  2. qy


  3. Zash


  4. qy

    Legitimately the default response to pleroma users, on mastodon

  5. Zash

    Seems a bit inappropriate for here tho

  6. qy

    ...fair point

  7. menel

    And not really true. There are more mastodon users that dont care then those that respond that way. Its selective perception

  8. moparisthebest

    Yea I really appreciate that XMPP doesn't have that kind of nonsense https://github.com/mastodon/mastodon/issues/11816

  9. moparisthebest

    Political affiliation by software choice just seems nuts :)

  10. Zash

    I think there's a mismatch somewhere with expectation of privacy in this kind of completely public microblogging thing.

  11. Zash

    Scaling human communications to that level seems to be a Very Hard Problem.

  12. jonas’

    scaling humans to that tribe size is a very hard problem

  13. Zash

    XMPP being strong in private chat use cases is probably what spares us from most of that kind of drama.

  14. moparisthebest

    Yea and that doesn't even get into the "Nazi" thing that I still have no idea as to where that came from

  15. jonas’

    do I want to know?

  16. moparisthebest

    That's a good point Zash , never thought about it that way

  17. jonas’

    judging by the amount of drama around s.j.n, I think that is an accurate assessment.

  18. Zash

    jonas’, I don't think it will make you happier to know

  19. jonas’

    Zash, then I pass, thank you very much

  20. moparisthebest

    jonas’: you know all I know, some people seem to legitimately believe you run pleroma and that means you are a Nazi

  21. jonas’

    well that's more than I knew

  22. moparisthebest

    I never looked into origins because it's too stupid of a premise

  23. pep.

    "moparisthebest> Political affiliation by software choice just seems nuts" and yet it happens everywhere. Probably not a surprise that I'm saying this, developers (and/or software designers) make choices and these have an (marginal, or not) effect on people using their software. That's politics for you. What happens with Mastodon is just the contiuation of this, maybe taken to some length already

  24. pep.

    As an xmpp developer, your software shapes the way people communicate and interact, and that isn't a small part in human behaviour

  25. moparisthebest

    pep., you are getting deep and this isn't even surface level

  26. moparisthebest

    this would be the same as if prosody users called ejabberd users nazis for using ejabberd

  27. pep.

    I disagree that this isn't on the same plane

  28. moparisthebest

    I seriously suspect the origin is that a nazi instance ran pleroma and silly users associated it in their mind

  29. Guus

    Some people are nuts. I have been on the receiving end of compassionate and derogatory remarks about members of 'the other team', where the sole difference between that team and us was an arbitrary individual choice made years prior, between one of two team colors. That, somehow, makes you somehow a lesser person in the opinion of some, it appears. It baffles me to this day.

  30. Holger

    Robbers Cave.

  31. Sam

    FWIW it has been my experience as a moderator that all the Nazi instances run pleroma, I'm not sure why. Of course the converse is not true which is why that issue makes no sense.

  32. moparisthebest

    maybe it's that all the *smaller* instances run pleroma ?

  33. Sam

    Could be

  34. jonas’

    correlation does not imply causation

  35. Guus

    Holger: I had to read up on that. Yes.

  36. Holger

    The question whether it makes sense to block Pleroma in order to block Nazis is just about correlation though, no? 🙂

  37. jonas’

    it is

  38. pep.

    Just like Tor is for spammers and child abusers

  39. pep.

    That's why everybody blocks Tor of course

  40. pep.

    I think that's a good comparison to Pleroma blocking :)

  41. Holger

    Or like some XMPP instances block Cyrillic messages?

  42. pep.

    Yeah because correlation definitely imply causation

  43. pep.

    Yeah because correlation definitely implies causation

  44. pep.

    (or does it)

  45. Holger

    Huh? If my goal is blocking Nazi content and the Nazi<->Pleroma colleration seems strong enough, I don't care whether being a Nazi makes you use Pleroma, or Pleroma usage makes you a Nazi, or whether there's no causality?

  46. Holger

    Colleration? Coloration! Stick to easy words, Holger.

  47. pep.

    I do still agree though that software could be more less welcoming to anything far-right

  48. Holger

    Yes so do I. At least I can imagine certain functionality being more relevant to use cases of certain groups of people, and also cultural differences yes.

  49. pep.

    I do still agree though that software could be made less welcoming to anything far-right

  50. moparisthebest

    I could imagine certain software being like that possibly, not XMPP software though, and probably not ActivityPub

  51. pep.

    Why not, why is that impossible to do with XMPP or AP

  52. pep.

    or not desirable

  53. moparisthebest

    maybe I just don't have that good of an imagination

  54. moparisthebest

    give me an example of how, say, prosody, can be made less welcoming to anything far-right

  55. pep.

    To put away far-right people I'm not entirely sure. You make them unwelcome in the community, but in the software I don't know. You can change the license, that works especially well for liberals that don't like to have to use (A)GPL stuff (they don't care when they're too small and they don't care when they're too big either, but in the middle it's a nice repellent).

  56. pep.

    I'm open for some more ideas

  57. Zash

    Hasn't in in the AP context mostly focused on improving moderation tooling and such?

  58. pep.

    Yeah that's also nice. I don't know about AP in general but lemmy is quite far behind :/

  59. pep.

    I'd say more than XMPP, and that's not really hard to beat

  60. moparisthebest

    right in my experience all "make software stop bad people" advocates do this: 1. say "you should make your software more welcoming to good people / less welcoming to bad people, and if you don't, you are a bad person" 2. answer "well how would you do that" with "I have nfi"

  61. moparisthebest

    I legitimately don't know how to respond to this

  62. Zash

    While I think there is much room for improving moderation in XMPP, it is not as relevant for private chat.

  63. Zash

    Blocking and abuse reporting, which can certainly be improved, but it gets worse in the AP ecosystem with public profiles and posts etc.

  64. Zash

    Technical solutions to social problems?

  65. moparisthebest

    moderation can definitely be improved, but if people are looking for a "report to twitter police" button that's never going to happen in a federated system

  66. msavoritias

    Yeah moderation is pretty bad in xmpp

  67. pep.

    Zash, some part of it is, but I don't know if I want to limit XMPP to just private chat

  68. pep.

    And having moderations tools for that is definitely of help

  69. Kev

    > moderation can definitely be improved, but if people are looking for a "report to twitter police" button that's never going to happen in a federated system It could. There is a logical flow of alerting your admin to issues with federated servers, and the server's admin to issues on their server.

  70. pep.


  71. moparisthebest

    to your admin, or contacts admin yes, but never some central entity with 1 set of policies or whatever

  72. Guus

    are we finally building spam controls? \o/

  73. pep.

    I'd say moderation not just spam

  74. Zash

    I think we're at a decent place wrt spam. If we're discussing the issues faced in the ActivityPub ecosystem then it's more about other kinds of abuse.

  75. Sam

    We don't need a central entity, just a better way to do it. I keep getting spammed by some mov.im user but have no way to report them go my admin or mov.im. That would discourage things.

  76. pep.

    I reported a user to edhelas today

  77. moparisthebest

    there's a terrible thing that happens on the fediverse where 1 person sees 1 person @ another instance that says something they don't like, and tags it with #fediblock trying to get their admin to de-federate from the entire domain https://mastodon.social/tags/fediblock

  78. pep.

    But yeah that's a pretty manual process

  79. Sam

    Or there could be a way for multiple federated servers to share their block lists, that's more centralized but still federated

  80. moparisthebest

    let's *not* even try to replicate that nonsense

  81. pep.

    Sam, server buddies!

  82. Zash

    XEP-0377 does define a reporting mechanism, which can be forwarded to the remote admin

  83. Sam

    Right, multiple servers that have similar policies could ban together to share the moderation workload!

  84. Zash

    Whether more XEP work is needed is uncertain

  85. Zash

    And they could put sanctions on those that don't!

  86. Sam

    Yah, more xep work isn't helpful if there's no interest in server admins doing the work to support it

  87. Sam

    Just because one person over uses the report or #fediblock button doesn't mean we should have no reporting.

  88. Sam

    Admins don't have to block a whole server just because one person reported a user.

  89. Zash

    XEP work such as making this example less intimidating maybe? https://xmpp.org/extensions/xep-0268.html#report

  90. Zash

    Or "just" look up contact addresses and forward there

  91. moparisthebest

    not saying that, just saying that's what it seems to have morphed into on the fediverse "block this entire domain because 1 person is a jerk, we won't even contact admins"

  92. Sam

    I don't think that's actually a thing most instances do, and they probably reported it too.

  93. Sam

    Besides, we don't have the same sort of public posting, so I don't see the relevance to the examples you were countering with that.

  94. Sam

    Anyways, point is that it's easy to imagine making servers, clients, and the network as a whole less welcoming to trolls. The exact implementation doesn't matter, I was just givingvexamples.

  95. moparisthebest

    yes I don't really think it'll be a problem with private reporting to admins

  96. moparisthebest

    I suspect the problem on the fediverse is people do it for internet points because it's public

  97. Zash


  98. Sam

    I think they probably do it because it helps other admins, but sure. I've avoided a spam wave on our server because I saw the #fedublock hash tag, it's very useful.

  99. Sam

    Fedi, even.

  100. Zash

    Hm, federation level votekick?

  101. moparisthebest

    just browsing the ones that showed up on the page I linked it looks like approx 75% trash reports "user said something I didn't like" and about 25% good ones "spam and I contacted moderator who was unwilling to moderate"

  102. Sam

    Nah, not voting, just sharing information quickly where it's needed.

  103. moparisthebest

    but yes, Zash 's comic hit it on the head

  104. Sam

    So? Users will make bad reports whether it's public or private. If the signal to noise ratio is too high it's not useful but in my experience it's mostly obvious and easy to use the info. And if you don't like it then don't use it. There's no voting or binding anything.

  105. Zash

    There's https://github.com/JabberSPAM/blacklist for those that don't keep their (public) servers in check. And that pubsub based thing that can ban people from participating MUCs at the same time.

  106. moparisthebest

    I think users will make many many many more bad reports if it's public

  107. Zash

    That is probably true (see above comic)

  108. pep.

    moparisthebest, I'm not arguing in favor of cancelling, I think cancelling is misguided at best, but let's not forget these people are also marginalised people and they're trying to repair an injustice that's been done to them, for literaly as long as they've been "a thing" they haven't been socially accepted by the majority. So maybe we can nuance our speech. It's not an "oppression olympics" or to "gain internet points" for the majority of them

  109. Sam

    Maybe, but it has still been very useful to me

  110. pep.

    Yes there's always "the one case", on every side

  111. Sam

    And even if it is… who cares? Just ignore those people and when a giant wave of reports comes in for the same instance investigate it

  112. pep.

    I was talking about "the one case" to avoid having it said back to me

  113. pep.

    I was mentioning "the one case" to avoid having it said back to me

  114. moparisthebest

    Sam, right, so how does it being public help with that

  115. Sam

    Public means that I can get to it and make use of it, but I don't care if it's public or not really as long as I can get to it somehow

  116. Sam

    And if you don't like it, again, just don't go to that hash tag. Or filter it, even.

  117. moparisthebest

    isn't going to the admin of your instance + admin of remote instance enough?

  118. Sam

    No, I literally just gave an example for why it's not

  119. moparisthebest

    if they have some system to share it automatically with like-minded instances then good

  120. Sam

    A bunch of servers were blocking a Nazi spam wave. It hadn't reached our instance yet so we got no reports, and obviously the spamming instances didn't care. I used the tag and blocked themz we avoided the worst of it that way

  121. moparisthebest

    I just seriously suspect the signal:noise ratio will go from maybe 10:1 being private to 1:100 at least, making moderation *less* effective

  122. moparisthebest

    in extreme cases admins could post publicly of course

  123. moparisthebest

    does anyone remember how public reporting in operators@ went not so long ago ? that's what public reporting looks like

  124. Sam

    It doesn't make things worse, that specific tool goes away and you're just left with reports like you had before

  125. pep.

    So what are you arguing for, moparisthebest? no moderation?

  126. moparisthebest

    I don't even remember what was reported or why, I do remember walls of text and needing to ban people :P

  127. moparisthebest

    pep., of course not, reporting to admins, not publicly

  128. pep.

    Isn't that.. the same? Except it's public. Just as Sam says, don't follow the tag if you don't want to see it?

  129. Sam

    Anyways, servers federating block lists with other servers that trust them seems like a good place to start

  130. pep.

    Reporting in operators@ is bad because it's not the only kind of info that gets there, also it's not the same kind of medium

  131. moparisthebest

    I agree Sam

  132. Zash

    Perhaps what you're after here is a public audit log of blocked instances?

  133. Zash

    Rather than the reports themselves

  134. moparisthebest

    probably also good

  135. moparisthebest

    pep., not the same at all, see previous conversation: > https://www.penny-arcade.com/comic/2004/03/19/green-blackboards-and-other-anomalies > I just seriously suspect the signal:noise ratio will go from maybe 10:1 being private to 1:100 at least, making moderation *less* effective

  136. pep.

    It also depends on the governance model. I personally don't want to be just a one-person thing doing all the moderation. I think that should be a community thing

  137. pep.

    No one person taking the shots

  138. moparisthebest

    right, so what Sam / Zash said about public / shared block lists ?

  139. moparisthebest

    that has no bearing on whether the *actual reports* are public

  140. msavoritias

    So if i want to report an account i need to know who my admin is and privately message them now? Or find the operators room?

  141. moparisthebest

    currently you private message your admin yes, but obviously that could and should be made better :)

  142. moparisthebest

    in an ideal world everyone has a server where they personally know their admin...

  143. msavoritias

    Yeah. I would like a simple report button

  144. msavoritias

    And the block to actually block

  145. msavoritias

    I agree with the shared blocklists too. And i would say even subrcribe and share blocklists would be nice. And extending them to users

  146. Zash

    We have ways to advertise and discover contact methods for a service <https://xmpp.org/extensions/xep-0157.html>

  147. Zash

    And it's certainly a good idea to know who runs your service

  148. pep.

    And 377 is also a thing, or could be pretty easily

  149. pep.

    moparisthebest, well if I want the community to know I'd rather have it public, at least to the community

  150. pep.

    instance-wide, in fedi terms

  151. moparisthebest

    pep., the blocklist, or the reports ? blocklist fine, reports problematic

  152. pep.

    Depends on the reports

  153. moparisthebest

    even making admin-approved reports public would be fine

  154. pep.

    I guess the community could mandate a moderation group that can have access to private reports, but as long as that's not a thing, that's public reports all the way for this governance model

  155. moparisthebest

    but if they are *all* public by default you'll see the signal:noise ratio go off the charts like you do on the fediverse

  156. pep.

    Well that's a choice I'm willing to take to have everybody chip in instead of making one-sided decisions

  157. pep.

    Well that's a choice I'm willing to make to have everybody chip in instead of making one-sided decisions

  158. moparisthebest

    it sounds like you are talking about a moderation team, ie group of admins, obviously they could see everything, but that's not public

  159. pep.

    Why does it matter to you if my instance's moderation reports are public, really

  160. pep.

    Why does it matter to you if a group of people want to make their moderation reports public. You can just not look at it, as Sam said earlier (again)

  161. msavoritias

    Yeah why not just not specify or make it a choice

  162. pep.

    Maybe having the reports public help people come together as stronger, maybe not, maybe they do want whoever has been decided to handle this to handle it privately. But please let's not bake that into the protocol

  163. pep.

    (Or whatever this way)

  164. moparisthebest

    pep., it doesn't matter to *me personally* but there is ample evidence this *will* inundate you with more trash reports than good ones, glhf :D

  165. moparisthebest

    private reports should be "baked into the protocol"

  166. moparisthebest

    if the recipient chooses to make them public then it's on them

  167. pep.

    Or let's bake it in a way it makes sense, rather. I guess using 0377 atm people (developers?) would certainly assume it's sent to the server privately and there's no mention of what happens with the data is there. It seems to imply it's being reported to the server operator "somehow". So I guess that's up to the privacy policy or ToS or community guidelines..

  168. pep.

    Or let's bake it in a way it makes sense, rather. I guess using 0377 atm people (developers?) would certainly assume it's sent to the server privately and there's no mention of what happens with the data is there. It seems to imply it's being reported to the server operator "somehow". So I guess that's up to the privacy policy or ToS or community guidelines to specify behaviour

  169. moparisthebest

    seems sensible

  170. pep.

    I'd like to prevent clients saying anything about the data being private though..

  171. Sam

    You keep insisting that the signal to noise ratio is off the charts. I, an admin, still say it's useful. Not perfect by any means, but still useful.

  172. Sam

    Asserting your statement that it's too high as fact doesn't seem right.

  173. moparisthebest

    not "too high" just "more noise than signal"

  174. moparisthebest

    they'll both scale with volume

  175. Sam

    I'm not sure even that is true

  176. Sam

    Could be, I'm not asserting that it's not, but it seems useful enough that I'm not so sure

  177. moparisthebest

    Sam, what's useful? reports? or public reports only? the latter is what I'm having trouble seeing

  178. Sam

    I'm not sure what to tell you then. The example I gave is a real world one that has happened on our server.

  179. moparisthebest

    Sam, and a shared blocklist would have done the same except you wouldn't have even had to react right? so better?

  180. Sam

    Maybe, maybe not. Depends how widely it was shared and which services were being impacted when. This isn't an either/or situation.

  181. moparisthebest

    sure, not like someone can never post publically, just having that as the only mechanism is pretty poor

  182. msavoritias

    I dont think anybody here said public as the only option though. I can imagine some cases where the user may want to report privately

  183. moparisthebest

    On fediverse it's only public unless you PM admins, that's the UI we should avoid

  184. phryk

    You talking about the moderation system?

  185. Sam

    What? There's an actual moderation system too where you alert the admins of both servers