Lemmy.world is temporarily disabling open signups and moving to an application-required signup process, due to ongoing issues with malicious bot accounts.

We know this is a major step to take, but we believe that it’s the right one for both us and our community right now.

We’re working on a better long-term technical solution to these bots, but that will take time to create, test, and verify that it doesn’t cause any problems with federation and how our users use our site, and we’d rather make sure we get it right than have a site that’s broken.

We’re making this change on 28 Aug 2023, and don’t have a specific timeline for how long registrations will require an application, but we will post an update once our new anti-abuse measures are in place and working.

Take care, LW Team

  • Machefi@lemmy.world
    218·
    1 year ago

    Wasn’t the argument for having open sign-ups that some Lemmy apps redirect straight to Lemmy.world for registration?

      • GONADS125@lemmy.world
        32·
        1 year ago

        I hope you guys are doing okay having to see all that shit… No shame in reaching out to mental health professionals. Makes me sad imagining you guys picking up emotional baggage and trauma having to see all that to protect the community.

        I appreciate you guys looking out for us, but I hope you all have proper support yourselves.

  • kadu@lemmy.world
    1452·
    1 year ago

    No place is safe from this, unfortunately. I moderated 2 big brazilian subreddits, and then decided to volunteer to help a smaller one. I had a day (and to be honest, an entire week) absolutely ruined when somebody did indeed set a bot to post large amounts of CSAM to the subreddit. Luckily I was online to quickly purge it all, and Reddit’s admins did remove the accounts pretty much instantly, but I feel for every Lemmy admin that even caught a glimpse of this material and now have to purge their computers and honestly, their minds, from that. Sorry to hear it happened.

        • KairuByte@lemmy.dbzer0.comEnglish
          241·
          1 year ago

          Yeah, the term CP (Child Porn) has always been a terrible name for it. It sounds weird, but “Child Porn” sounds much less dramatic than it is, like some sort of fringe porn. Meanwhile CSAM (Child Sexual Abuse Material) make it a lot more clear that there is a child being abused.

        • eric@lemmy.world
          172·
          1 year ago

          Same, and to make sure no one else has to have it in their search history, CSAM stands for “Child Sexual Abuse Material.”

    • Ab_intra@lemmy.world
      141·
      1 year ago

      I saw one of these videos in my feed last night and it was very obvious to me what it was. Thankfully it wasn’t anything that was to bad, but It still gives me the creep that something like that was in my feed.

  • input@lemmy.world
    1082·
    1 year ago

    Hope it restricts the attack surface, why do people have to be such knobs

    • pretzelz@lemmy.world
      10315·
      1 year ago

      Not wanting to be too conspiratorial, but it isn’t necessarily people simply doing this out of the badness of their hearts. The fediverse is a disruptive platform and there are many parties with deep pockets that might happily funnel a little bit of cash to certain consultancies in certain countries to stop things and add friction to this platform before it really takes off. Nothing like a little bit of corporate sabotage!

      • givesomefucks@lemmy.worldEnglish
        363·
        1 year ago

        The alt right instance has been fucking with world since they were defederated…

        This is something right up their alley, so the simplest solution is they’re doing it.

      • Steeve@lemmy.ca
        327·
        1 year ago

        Come on people, Lemmy’s user base is what, a few hundred thousand? A million tops? Which “parties with deep pockets” is this disrupting? The Lemmy userbase is a rounding error on the number of users of other popular social medias.

        “Don’t want to be too conspiratorial, but let me continue to drop a ridiculous conspiracy with no evidence”

        • Grabbels@lemmy.world
          185·
          1 year ago

          And big corp wants to smother it before it’s bigger. It perfectly makes sense. It’s so much more difficult to kill a service/movement when it’s already widely adopted and popular. Identifying small, new players in the field and disrupting those takes very few resources for them, a rounding error, if you will.

          The fediverse has the potential to be a threat to some big corps out there, and Lemmy is just one speck in a sea of a lot of specks. Together those specks are growing the fediverse, and the only way to disrupt it is to get rid of those specks.

          • Steeve@lemmy.ca
            114·
            1 year ago

            You’re delusional if you think the Fediverse, a totally open protocol that “competitors” can (and plan to) join instead of having to “defeat”, poses a threat big enough to corporations with hundreds of millions or even billions of users to warrant the spamming of child porn.

        • Ensign_Crab@lemmy.worldEnglish
          7·
          1 year ago

          Not from a big corporation, no. It’s probably 4chan types. They tend to get deeply offended when people don’t want nazis around.

        • mommykink@lemmy.world
          31·
          1 year ago

          IIRC there was a post a few weeks ago that had the total number of active accounts somewhere around 60,000. Yeah, we’re definitely not big enough to attract that kind of directed attack

      • maegul (he/they)@lemmy.mlEnglish
        171·
        1 year ago

        I like conspiracy theories as much as the next person. But let’s be real for a moment … this is shitty people doing shitty things. In part because Lemmy is a vulnerable and maybe relatively easy target by being indie software with indie instance management and relatively young. They might have a general purpose, such as being alt-right and defederated. But at it’s core, I think it’s gotta be just the “pleasure” they get out of breaking someone else’s shit … these people exist, we know they exist.

      • PsychedSy@sh.itjust.works
        41·
        1 year ago

        Eh. It’s a new platform with new instances and a lot of potential attack vectors. With new users it’s becoming a valid target for them.

      • T156@lemmy.worldEnglish
        52·
        1 year ago

        No, Lemmy is nowhere near big enough for that. If it was, it would be simply bought out by one of those companies, and then shut it down, like with XMPP. They have no rhyme or reason to skulk around in the shadows.

        In its current state, it is still very much in its infancy. A company would see more threat in the competing social networks trying to copy their model, or people just leaving outright than Lemmy for the time being. Mastodon would be more of a threat by comparison.

      • BitOneZero @ .world@lemmy.world
        41·
        1 year ago

        Nothing like a little bit of corporate sabotage!

        The software developers who created Lemmy openly criticize systems of government and economics. These are nation-state battlegrounds too. The barrier to entrance is very low, as Lemmy doesn’t even do routine tracking of account creation, rate-limiting alone isn’t really defensive. 15 years ago sites like Reddit had major vote manipulation detection logic behind the scenes. This is pretty much unleashed playground for a lot of known tactics.

      • ekZepp@lemmy.worldEnglish
        33·
        1 year ago

        With the American election next year and all the chaos on sXitter, no unlikely.

  • DelvianSeek@lemmy.worldEnglish
    671·
    1 year ago

    Good call. Thank you for doing what you need to do to support the site and protect the users as necessary. And as always, the honesty and transparency is appreciated.

    • Axisential@lemmy.nz
      61·
      1 year ago

      Oh Christ, really? That’s just sickening. I often sort by new, sounds like I’ve been very lucky to miss it entirely…

        • SupraMario@lemmy.world
          141·
          1 year ago

          I’m guessing they’re not even flagging that shit as NSFW? I’ve been using liftoff and have the NSFW stuff hidden. I haven’t run into of it yet but that’s fucked up, hopefully it gets under control with this.

          Maybe mods of each section can turn on manual approvals of submissions?

    • Lakija@lemmy.world
      561·
      1 year ago

      Are you serious? Holy shit. I haven’t seen any at all. But just the thought that someone is posting it. I hate people sometimes.

  • no banana@lemmy.world
    61·
    1 year ago

    I think it’s the right call honestly. We’ve grown so quick that it must be hard to manage by now.

  • scarabic@lemmy.worldEnglish
    42·
    1 year ago

    If you could give me the numbers of new accounts monthly I would look into CloudFlare. If I can afford it I will even pay for it.

  • The Picard Maneuver@lemmy.world
    30·
    1 year ago

    Is image posting temporarily turned off for lemmy.world users too?

    Since last night, I’ve been unable to post (tested in memes@lemmy.world, memes@lemmy.ml, and lemmyshitpost@lemmy.world). Switched to an alt account on a different instance and had no issue.

    (getting JSON error: unexpected character at line 1 column 1)

  • Candelestine@lemmy.worldEnglish
    232·
    1 year ago

    Glad to hear. Obviously this is less than ideal, but working towards solutions is what’s important.