The TikTok ban and Donald Trump's rise to power show how fragile our social media accounts are. We must normalize and invest in decentralized social media.
Agreed. But we need a solution against bots just as much. There’s no way the majority of comments in the near future won’t just be LLMs.
I feel like it’s only a matter of time before most people just have AIs write their posts.
The rest of us with brains, who don’t post our status as if the entire world cares, will likely be here, or some place similar… screaming into the wind.
That’s going right into /dev/null as soon as I detect it-- both user and content.
Closed instances with vetted members, there’s no other way.
There might be clever ways of doing this: having volunteers help with the vetting process, allowing a certain number of new members per day plus a queue, and vetting them along the way…
Too high of a barrier to entry is doomed to fail.
It’s how most large forums ran back in the day and it worked great. Quality over quantity.
@a1studmuffin @ceenote the only reason these massive Web 2.0 platforms achieved such dominance is because they got huge before governments understood what was happening and then claimed they were too big to follow basic publishing law or properly vet content/posters. So those laws were changed to give them their own special carve-outs. We’re not mentally equipped for social networks this huge.
Could do something like Discord. Rather than communities, you have “micro instances” existing on top of the larger instance, and communities existing within the micro instances. And of course make micro instances easy to create.
I dunno man. Discord has thousands of closed servers that are doing great.
If we’re talking about breaking the tech oligarchs’ hold on social media, no closed server anywhere comes close to being a replacement for Meta or Twitter.
If you could vet members in any meaningful way, they’d be doing it already.
Most instances are open wide to the public.
A few have registration requirements, but it’s usually something banal like “say ‘I agree’ in Spanish to prove you know enough Spanish for this instance” etc.
This is a choice any instance can make if they want. None are doing it right now, but that doesn’t mean they can’t, or that it wouldn’t work.
I was referring to some of the larger players in the space, ie Meta, Twitter, etc.
Right, but they’re shit and don’t do good things out of principle.
We, the Fediverse, are the alternative to them.
Doesn’t matter if they’re shit or not: they don’t want bots crawling their sites, straining their resources, or constantly shitposting, but the bots do anyway. And if the billion-dollar corporations can’t stop them, it’s probably a good bet that you can’t either.
Because they want user data over anything.
We want quality communities over anything.
We can be selective, they go bankrupt without consistent growth.
Okay, but the bots work for other people…
It could be cool to get a blue check mark for hosting your own domain (excluding the free domains)
It would be more expensive than bot armies are willing to deal with.
Well, what doesn’t work, it seems, is giving (your) access to “anyone”.
Maybe a system where people, I know this will be hard, have to look up outlets themselves, instead of being fed a “stream” dictated by commercial incentives (directly or indirectly).
I’m working on a secure decentralised FOSS network where you can share whatever you want, like websites. Maybe that could be a start.
I think you replied to the wrong comment.
Well no?
What did I miss?
I’m speaking broadly in general terms in the post, about sharing online.
This conversation was about bots. Yours is about “outlets” and “streams”, whatever that is.
If you have some algorithm or a few central points distributing information, any information, you’ll get bot problems. If you instead hook up with specific outlets yourself, you won’t have that problem, or if one is bot-infested you can switch away from it. That’s hard when everyone is in the same outlet or there are only a few big outlets.
Sorry if it’s not clear.
What is an outlet?
How is it going to be as big as reddit if EVERYONE is vetted?
Why do you want it to be as big as Reddit?
Vetted members could still bot, though, or have their accounts compromised. Not a realistic solution.
Can you have an instance that allows viewing other instances, but others can’t see in?
we have to use trust from real life. it’s the only thing that centralized entities can’t fake
Instances that don’t vet users sufficiently get defederated for spam. Users then leave for instances that don’t get blocked. If instances are too heavy handed in their moderation then users leave those instances for more open ones and the market of the fediverse will balance itself out to what the users want.
I wish this was the case but the average user is uninformed and can’t be bothered leaving.
Otherwise the bigger service would be lemmy, not reddit.
Just like classical macroeconomics, you make the deadly (false) assumption that users are rational and will make the choice that’s best for them.
The sad truth is that when Reddit blocked 3rd party apps, and the mods revolted, Reddit was able to drive away the most nerdy users and the disloyal moderators. And this made Reddit a more mainstream place that even my sister and her friends know about now.
We could ask for anonymous digital certificates. It would work this way.
Many countries already issue digital certificates to their citizens, one certificate per ID. From those, anonymous certificates could be derived. The anonymous certificate contains enough information to be verifiable as valid but not enough to identify the user. Websites could ask for an anonymous certificate at registration/login. With the certificate they would validate that there’s a human being behind the account while keeping that human being anonymous. The only leaked data would probably be the country of origin, as these certificates tend to be authenticated by a national certificate authority (CA).
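A very rough sketch of what the signup check could look like (purely illustrative: the token format, the field names, and the plain Ed25519 signature are my assumptions; a real scheme would use blind signatures or zero-knowledge proofs so even the CA can’t link the token back to a citizen):

```python
import json
import time

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey


def verify_anonymous_certificate(token: bytes, signature: bytes,
                                 ca_public_key: Ed25519PublicKey) -> bool:
    """Accept a signup only if the token is validly signed by the national CA
    and hasn't expired. The token carries no identity, just a country code."""
    try:
        ca_public_key.verify(signature, token)  # raises InvalidSignature if forged
    except InvalidSignature:
        return False
    claims = json.loads(token)  # e.g. {"country": "ES", "expires": 1767225600}
    return claims.get("expires", 0) > time.time()
```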
The only problem I see with this is international adoption outside fully developed countries: many countries wouldn’t be able to provide this for their citizens, some would have lower security standards so fraudulent certificates could be made, or a large enough poor population that would gladly sell their certificates to bot farms.
Your last sentence highlights the problem. I can have a bot that posts for me. Also, if an authority is in charge of issuing the certificates then they have an incentive to create some fake ones.
Bots are vastly more useful as the ratio of bots to humans drops.
Also the problem of relying on a nation state to allow these certificates to be issued in the first place. A repressive regime could simply refuse to give its citizens a certificate, which would effectively block them from access to a platform that required them.
What? I post a lot, but the majority?
…oh, you said LLM. I thought you said LMM.
A simple thing that may help a lot is for all new accounts to be flagged as bots, requiring opt out of the status for normal users. It’s a small thing, but any barrier is one more step a bot farm has to overcome.
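As a sketch of what that default could look like on the instance side (a hypothetical account model, not Lemmy’s actual schema):

```python
from dataclasses import dataclass, field
import time


@dataclass
class Account:
    """Hypothetical account record: the bot flag is on by default."""
    username: str
    bot: bool = True  # every new account starts flagged as a bot
    created_at: float = field(default_factory=time.time)

    def opt_out_of_bot_flag(self) -> None:
        # One more hoop a bot farm has to script; could also be gated behind
        # account age, a captcha, etc.
        self.bot = False
```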
Also is data scraping as much of an issue?
Data scraping is a logical consequence of being an open protocol, and as such I don’t think it’s worth investing much time in resisting it so long as it’s not impacting instance health. At least while the user experience and basic federation issues are still extant.
Reputation systems. There is tech that solves this but Lemmy won’t like it (blockchain)
You don’t need blockchain for reputation systems, lol. Stuff like Gnutella and PGP’s web of trust have been around forever. Admittedly, a blockchain can add barriers for some attacks, mainly Sybil attacks, but a friend-of-a-friend/WoT network structure can mitigate that somewhat too.
Slashdot had this 20 years ago. So you’re right, this is not new or in need of some new technology.
The space is much more developed now. It would need ever-improving, dynamic proof-of-personhood tests.
I think a web-of-trust-like network could still work pretty well where everyone keeps their own view of the network and their own view of reputation scores. I.e. don’t friend people you don’t know; unfriend people who you think are bots, or people who friend bots, or just people you don’t like. Just looked it up, and wikipedia calls these kinds of mitigation techniques “Social Trust Graphs” https://en.wikipedia.org/wiki/Sybil_attack#Social_trust_graphs . Retroshare kinda uses this model (but I think reputation is just a hard binary, and not reputation scores).
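A toy sketch of that “your own view of reputation” idea; the graph data and the per-hop decay factor are made up for the example:

```python
from collections import deque


def local_trust(my_id: str, friends: dict[str, set[str]], decay: float = 0.5) -> dict[str, float]:
    """My personal trust scores: breadth-first walk outward from me, with each
    extra hop worth `decay` times less. Nobody else's view is consulted."""
    scores = {my_id: 1.0}
    queue = deque([my_id])
    while queue:
        user = queue.popleft()
        for friend in friends.get(user, set()):
            if friend not in scores:  # shortest path sets the score
                scores[friend] = scores[user] * decay
                queue.append(friend)
    return scores


# Bots that only vouch for each other never enter my view of the graph at all.
graph = {"me": {"alice"}, "alice": {"bob"}, "bot1": {"bot2"}, "bot2": {"bot1"}}
print(local_trust("me", graph))  # {'me': 1.0, 'alice': 0.5, 'bob': 0.25}
```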
I don’t see how that stops bots, really. We’re post-Turing test. In fact they could even scan the previous reputation-point allocations there and devise a winning strategy pretty easily.
Do you have a proof of concept that works?
https://docs.ergoplatform.com/eco/reputation-system/
There are simple tests to out LLMs, mostly things that will trip up the tokenizers or sampling algorithms (with character counting being the most famous example). I know people hate captchas, but it’s a small price to pay.
Also, while no one really wants to hear this, locally hosted “automod” LLMs could help seek out spam too. Or maybe even a Kobold Horde-type “swarm.”
Captchas don’t do shit and have actually been used to train computer vision for probably over a decade at this point.
Also: any “simple test” is fixed in the next version. It’s similar to how people still insist “AI can’t do feet” (much like Rob Liefeld). That was fixed pretty quickly; it’s just that much of the freeware out there is using very outdated models.
I’m talking text only, and there are some fundamental limitations in the way current and near future LLMs handle certain questions. They don’t “see” characters in inputs, they see words which get tokenized to their own internal vocabulary, hence any questions along the lines of “How many Ms are in Lemmy” is challenging even for advanced, fine tuned models. It’s honestly way better than image captchas.
They can also be tripped up if you simulate a repetition loop. They will either give an incorrect answer to try and continue the loop or, if their sampling is overtuned, give incorrect answers to avoid cases where the loop is the correct answer.
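A minimal sketch of the character-counting style of challenge described above (the word list and question wording are placeholders, not a production captcha):

```python
import random

WORDS = ["Lemmy", "federation", "defederate", "fediverse"]  # placeholder list


def make_challenge() -> tuple[str, int]:
    """Pick a word and a letter; humans count trivially, while tokenizer-bound
    LLMs tend to stumble because they never see individual characters."""
    word = random.choice(WORDS)
    letter = random.choice(word).lower()
    question = f'How many times does the letter "{letter}" appear in "{word}"?'
    return question, word.lower().count(letter)


question, expected = make_challenge()
# The signup form would show `question` and compare the answer to `expected`.
```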
And that is solved just by keeping a non-processed version of the query (or one passed through a different grammar to preserve character counts and typos). It is not a priority because there are no meaningful queries where that matters other than a “gotcha” but you can be sure that will be bolted on if it becomes a problem.
Again, anything this trivial is just a case of a poor training set or an easily bolted on “fix” for something that didn’t have any commercial value outside of getting past simple filters.
Sort of like how we saw captchas go from “type the third letter in the word ‘poop’” to nigh unreadable color blindness tests to just processing computer vision for “self driving” cars.
If you make someone answer multiple questions just to shitpost they are going to go elsewhere. People are terrified of lemmy because there are different instances for crying out loud.
You are also giving people WAY more credit than they deserve.
Well, that’s kind of intuitively true in perpetuity.
An effective gate for AI becomes a focus of optimisation.
Any effective gate with a motivation to pass will become ineffective after a time. On some level it’s ultimately the classic “gotta be right every time vs. gotta be right once” dichotomy; certainty doesn’t exist.
@NuXCOM_90Percent @brucethemoose would some kind of proof of work help solve this? Afaik it’s working on Tor.
Somehow I didn’t get pinged for this?
Anyway, proof of work scales horrendously, and spammers will always beat out legitimate users, if that even holds. I think Tor is a different situation, where the financial incentives are aligned differently.
But this is not my area of expertise.
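For reference, a hashcash-style proof of work is roughly the following (the difficulty value is arbitrary). The scaling problem mentioned above is that a legitimate user pays this cost once per post on a phone, while a spam farm grinds nonces in parallel on much faster hardware:

```python
import hashlib
from itertools import count


def solve(challenge: bytes, difficulty_bits: int = 20) -> int:
    """Grind nonces until the SHA-256 digest falls below the target."""
    target = 2 ** (256 - difficulty_bits)
    for nonce in count():
        digest = hashlib.sha256(challenge + str(nonce).encode()).digest()
        if int.from_bytes(digest, "big") < target:
            return nonce


def verify(challenge: bytes, nonce: int, difficulty_bits: int = 20) -> bool:
    """Checking costs one hash; solving costs roughly 2**difficulty_bits of them."""
    digest = hashlib.sha256(challenge + str(nonce).encode()).digest()
    return int.from_bytes(digest, "big") < 2 ** (256 - difficulty_bits)
```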
We also need a solution to fucking despot mods and admins deleting comments and posts left-and-right because it doesn’t align with their personal views.
I’ve seen it happen to me personally across multiple Lemmy domains (I’m a moron and don’t care much to have empathy in my writing, and it sets off these limp-wristed, morbidly obese mods/admins, who delete my shit and ban me), and it happens to many other people as well.
Yeah you can go fuck yourself for pinning your flavor of bullshit on ADHD. Take some accountability for your actions.
So much irony in this one
Good job chief 🤡
Freedom of expression does not mean freedom from consequences. As someone who loves to engage in trolling for a laugh online, I can tell you that if you get banned for being an asshole, you deserve it. I know I have.
Who is the asshole here?
That tells me all I need to know
Yes
I do indeed fuck myself, every day, thanks.
You have that tool: it’s called finding or hosting your own instance.
lemm.ee and lemmy.dbzer0.com both seem like very level-headed instances. You can say stuff even if the admins disagree with it, and it’s not a crisis.
Some of the other big ones do seem to be another story, yes.
Lemm.ee hasn’t booted me yet? Much like OP, I’m not the most empathetic person, and if I’m annoyed then what little filter I have disappears.
Shockingly, I might offend folks sometimes!
Just create your own comm.
Communities should be self moderated. Once we have that we can really push things forward.
Self-moderated is just fine. Why do I need to doxx myself to be online? I’m not giving away my birth certificate or SSN just to post on social media; that idea is crazy lmao.