XSF Discussion - 2022-05-17

moparisthebest: you use pleroma? You must be a neonazi, shunnnn /s

#JustFediThings

Ehrm.

Legitimately the default response to pleroma users, on mastodon

Seems a bit inappropriate for here tho

...fair point

And not really true. There are more mastodon users that dont care then those that respond that way. Its selective perception

Yea I really appreciate that XMPP doesn't have that kind of nonsense https://github.com/mastodon/mastodon/issues/11816

Political affiliation by software choice just seems nuts :)

I think there's a mismatch somewhere with expectation of privacy in this kind of completely public microblogging thing.

Scaling human communications to that level seems to be a Very Hard Problem.

scaling humans to that tribe size is a very hard problem

XMPP being strong in private chat use cases is probably what spares us from most of that kind of drama.

Yea and that doesn't even get into the "Nazi" thing that I still have no idea as to where that came from

do I want to know?

That's a good point Zash , never thought about it that way

judging by the amount of drama around s.j.n, I think that is an accurate assessment.

jonas’, I don't think it will make you happier to know

Zash, then I pass, thank you very much

jonas’: you know all I know, some people seem to legitimately believe you run pleroma and that means you are a Nazi

well that's more than I knew

I never looked into origins because it's too stupid of a premise

"moparisthebest> Political affiliation by software choice just seems nuts" and yet it happens everywhere. Probably not a surprise that I'm saying this, developers (and/or software designers) make choices and these have an (marginal, or not) effect on people using their software. That's politics for you. What happens with Mastodon is just the contiuation of this, maybe taken to some length already

As an xmpp developer, your software shapes the way people communicate and interact, and that isn't a small part in human behaviour

pep., you are getting deep and this isn't even surface level

this would be the same as if prosody users called ejabberd users nazis for using ejabberd

I disagree that this isn't on the same plane

I seriously suspect the origin is that a nazi instance ran pleroma and silly users associated it in their mind

Some people are nuts. I have been on the receiving end of compassionate and derogatory remarks about members of 'the other team', where the sole difference between that team and us was an arbitrary individual choice made years prior, between one of two team colors. That, somehow, makes you somehow a lesser person in the opinion of some, it appears. It baffles me to this day.

Robbers Cave.

FWIW it has been my experience as a moderator that all the Nazi instances run pleroma, I'm not sure why. Of course the converse is not true which is why that issue makes no sense.

maybe it's that all the *smaller* instances run pleroma ?

Could be

correlation does not imply causation

Holger: I had to read up on that. Yes.

The question whether it makes sense to block Pleroma in order to block Nazis is just about correlation though, no? 🙂

it is

Just like Tor is for spammers and child abusers

That's why everybody blocks Tor of course

I think that's a good comparison to Pleroma blocking :)

Or like some XMPP instances block Cyrillic messages?

Yeah because correlation definitely implies causation ✏

(or does it)

Huh? If my goal is blocking Nazi content and the Nazi<->Pleroma colleration seems strong enough, I don't care whether being a Nazi makes you use Pleroma, or Pleroma usage makes you a Nazi, or whether there's no causality?

Colleration? Coloration! Stick to easy words, Holger.

Yes so do I. At least I can imagine certain functionality being more relevant to use cases of certain groups of people, and also cultural differences yes.

I do still agree though that software could be made less welcoming to anything far-right ✏

I could imagine certain software being like that possibly, not XMPP software though, and probably not ActivityPub

Why not, why is that impossible to do with XMPP or AP

or not desirable

maybe I just don't have that good of an imagination

give me an example of how, say, prosody, can be made less welcoming to anything far-right

To put away far-right people I'm not entirely sure. You make them unwelcome in the community, but in the software I don't know. You can change the license, that works especially well for liberals that don't like to have to use (A)GPL stuff (they don't care when they're too small and they don't care when they're too big either, but in the middle it's a nice repellent).

I'm open for some more ideas

Hasn't in in the AP context mostly focused on improving moderation tooling and such?

Yeah that's also nice. I don't know about AP in general but lemmy is quite far behind :/

I'd say more than XMPP, and that's not really hard to beat

right in my experience all "make software stop bad people" advocates do this: 1. say "you should make your software more welcoming to good people / less welcoming to bad people, and if you don't, you are a bad person" 2. answer "well how would you do that" with "I have nfi"

I legitimately don't know how to respond to this

While I think there is much room for improving moderation in XMPP, it is not as relevant for private chat.

Blocking and abuse reporting, which can certainly be improved, but it gets worse in the AP ecosystem with public profiles and posts etc.

Technical solutions to social problems?

moderation can definitely be improved, but if people are looking for a "report to twitter police" button that's never going to happen in a federated system

Yeah moderation is pretty bad in xmpp

Zash, some part of it is, but I don't know if I want to limit XMPP to just private chat

And having moderations tools for that is definitely of help

> moderation can definitely be improved, but if people are looking for a "report to twitter police" button that's never going to happen in a federated system It could. There is a logical flow of alerting your admin to issues with federated servers, and the server's admin to issues on their server.

Yes

to your admin, or contacts admin yes, but never some central entity with 1 set of policies or whatever

are we finally building spam controls? \o/

I'd say moderation not just spam

I think we're at a decent place wrt spam. If we're discussing the issues faced in the ActivityPub ecosystem then it's more about other kinds of abuse.

We don't need a central entity, just a better way to do it. I keep getting spammed by some mov.im user but have no way to report them go my admin or mov.im. That would discourage things.

I reported a user to edhelas today

there's a terrible thing that happens on the fediverse where 1 person sees 1 person @ another instance that says something they don't like, and tags it with #fediblock trying to get their admin to de-federate from the entire domain https://mastodon.social/tags/fediblock

But yeah that's a pretty manual process

Or there could be a way for multiple federated servers to share their block lists, that's more centralized but still federated

let's *not* even try to replicate that nonsense

Sam, server buddies!

XEP-0377 does define a reporting mechanism, which can be forwarded to the remote admin

Right, multiple servers that have similar policies could ban together to share the moderation workload!

Whether more XEP work is needed is uncertain

And they could put sanctions on those that don't!

Yah, more xep work isn't helpful if there's no interest in server admins doing the work to support it

Just because one person over uses the report or #fediblock button doesn't mean we should have no reporting.

Admins don't have to block a whole server just because one person reported a user.

XEP work such as making this example less intimidating maybe? https://xmpp.org/extensions/xep-0268.html#report

Or "just" look up contact addresses and forward there

not saying that, just saying that's what it seems to have morphed into on the fediverse "block this entire domain because 1 person is a jerk, we won't even contact admins"

I don't think that's actually a thing most instances do, and they probably reported it too.

Besides, we don't have the same sort of public posting, so I don't see the relevance to the examples you were countering with that.

Anyways, point is that it's easy to imagine making servers, clients, and the network as a whole less welcoming to trolls. The exact implementation doesn't matter, I was just givingvexamples.

yes I don't really think it'll be a problem with private reporting to admins

I suspect the problem on the fediverse is people do it for internet points because it's public

https://www.penny-arcade.com/comic/2004/03/19/green-blackboards-and-other-anomalies

I think they probably do it because it helps other admins, but sure. I've avoided a spam wave on our server because I saw the #fedublock hash tag, it's very useful.

Fedi, even.

Hm, federation level votekick?

just browsing the ones that showed up on the page I linked it looks like approx 75% trash reports "user said something I didn't like" and about 25% good ones "spam and I contacted moderator who was unwilling to moderate"

Nah, not voting, just sharing information quickly where it's needed.

but yes, Zash 's comic hit it on the head

So? Users will make bad reports whether it's public or private. If the signal to noise ratio is too high it's not useful but in my experience it's mostly obvious and easy to use the info. And if you don't like it then don't use it. There's no voting or binding anything.

There's https://github.com/JabberSPAM/blacklist for those that don't keep their (public) servers in check. And that pubsub based thing that can ban people from participating MUCs at the same time.

I think users will make many many many more bad reports if it's public

That is probably true (see above comic)

moparisthebest, I'm not arguing in favor of cancelling, I think cancelling is misguided at best, but let's not forget these people are also marginalised people and they're trying to repair an injustice that's been done to them, for literaly as long as they've been "a thing" they haven't been socially accepted by the majority. So maybe we can nuance our speech. It's not an "oppression olympics" or to "gain internet points" for the majority of them

Maybe, but it has still been very useful to me

Yes there's always "the one case", on every side

And even if it is… who cares? Just ignore those people and when a giant wave of reports comes in for the same instance investigate it

I was mentioning "the one case" to avoid having it said back to me ✏

Sam, right, so how does it being public help with that

Public means that I can get to it and make use of it, but I don't care if it's public or not really as long as I can get to it somehow

And if you don't like it, again, just don't go to that hash tag. Or filter it, even.

isn't going to the admin of your instance + admin of remote instance enough?

No, I literally just gave an example for why it's not

if they have some system to share it automatically with like-minded instances then good

A bunch of servers were blocking a Nazi spam wave. It hadn't reached our instance yet so we got no reports, and obviously the spamming instances didn't care. I used the tag and blocked themz we avoided the worst of it that way

I just seriously suspect the signal:noise ratio will go from maybe 10:1 being private to 1:100 at least, making moderation *less* effective

in extreme cases admins could post publicly of course

does anyone remember how public reporting in operators@ went not so long ago ? that's what public reporting looks like

It doesn't make things worse, that specific tool goes away and you're just left with reports like you had before

So what are you arguing for, moparisthebest? no moderation?

I don't even remember what was reported or why, I do remember walls of text and needing to ban people :P

pep., of course not, reporting to admins, not publicly

Isn't that.. the same? Except it's public. Just as Sam says, don't follow the tag if you don't want to see it?

Anyways, servers federating block lists with other servers that trust them seems like a good place to start

Reporting in operators@ is bad because it's not the only kind of info that gets there, also it's not the same kind of medium

I agree Sam

Perhaps what you're after here is a public audit log of blocked instances?

Rather than the reports themselves

probably also good

pep., not the same at all, see previous conversation: > https://www.penny-arcade.com/comic/2004/03/19/green-blackboards-and-other-anomalies > I just seriously suspect the signal:noise ratio will go from maybe 10:1 being private to 1:100 at least, making moderation *less* effective

It also depends on the governance model. I personally don't want to be just a one-person thing doing all the moderation. I think that should be a community thing

No one person taking the shots

right, so what Sam / Zash said about public / shared block lists ?

that has no bearing on whether the *actual reports* are public

So if i want to report an account i need to know who my admin is and privately message them now? Or find the operators room?

currently you private message your admin yes, but obviously that could and should be made better :)

in an ideal world everyone has a server where they personally know their admin...

Yeah. I would like a simple report button

And the block to actually block

I agree with the shared blocklists too. And i would say even subrcribe and share blocklists would be nice. And extending them to users

We have ways to advertise and discover contact methods for a service <https://xmpp.org/extensions/xep-0157.html>

And it's certainly a good idea to know who runs your service

And 377 is also a thing, or could be pretty easily

moparisthebest, well if I want the community to know I'd rather have it public, at least to the community

instance-wide, in fedi terms

pep., the blocklist, or the reports ? blocklist fine, reports problematic

Depends on the reports

even making admin-approved reports public would be fine

I guess the community could mandate a moderation group that can have access to private reports, but as long as that's not a thing, that's public reports all the way for this governance model

but if they are *all* public by default you'll see the signal:noise ratio go off the charts like you do on the fediverse

Well that's a choice I'm willing to make to have everybody chip in instead of making one-sided decisions ✏

it sounds like you are talking about a moderation team, ie group of admins, obviously they could see everything, but that's not public

Why does it matter to you if my instance's moderation reports are public, really

Why does it matter to you if a group of people want to make their moderation reports public. You can just not look at it, as Sam said earlier (again)

Yeah why not just not specify or make it a choice

Maybe having the reports public help people come together as stronger, maybe not, maybe they do want whoever has been decided to handle this to handle it privately. But please let's not bake that into the protocol

(Or whatever this way)

pep., it doesn't matter to *me personally* but there is ample evidence this *will* inundate you with more trash reports than good ones, glhf :D

private reports should be "baked into the protocol"

if the recipient chooses to make them public then it's on them

Or let's bake it in a way it makes sense, rather. I guess using 0377 atm people (developers?) would certainly assume it's sent to the server privately and there's no mention of what happens with the data is there. It seems to imply it's being reported to the server operator "somehow". So I guess that's up to the privacy policy or ToS or community guidelines to specify behaviour ✏

seems sensible

I'd like to prevent clients saying anything about the data being private though..

You keep insisting that the signal to noise ratio is off the charts. I, an admin, still say it's useful. Not perfect by any means, but still useful.

Asserting your statement that it's too high as fact doesn't seem right.

not "too high" just "more noise than signal"

they'll both scale with volume

I'm not sure even that is true

Could be, I'm not asserting that it's not, but it seems useful enough that I'm not so sure

Sam, what's useful? reports? or public reports only? the latter is what I'm having trouble seeing

I'm not sure what to tell you then. The example I gave is a real world one that has happened on our server.

Sam, and a shared blocklist would have done the same except you wouldn't have even had to react right? so better?

Maybe, maybe not. Depends how widely it was shared and which services were being impacted when. This isn't an either/or situation.

sure, not like someone can never post publically, just having that as the only mechanism is pretty poor

I dont think anybody here said public as the only option though. I can imagine some cases where the user may want to report privately

On fediverse it's only public unless you PM admins, that's the UI we should avoid