this post was submitted on 01 Sep 2023
890 points (96.0% liked)
Memes
45753 readers
2147 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
On feddit.de, lemmy.world is only temporarily defederated because of CSAM until a patch is merged into Lemmy that prevents images from being downloaded to your own instance.
So I'll just be patient and wait. It's understandable the admins don't want to get problems with law enforcement.
Makes quite a bit of sense
Depending on jurisdiction it can be pretty hairy if your instance downloads it
IANAL but I'm pretty sure that in the US you have a "duty to report" and you can have legal protections if you end up getting it and then reporting it
But IANAL so I'd recommend looking into it with an actual lawyer if you run a website that hosts content
Won't that lead to some horrible hug-of-death type scenarios if a post from a small instance gets popular on a huge one?
Yes, but arguably it was never very scalable for federated software to store large media. It gets utterly massive quick. Third party image/video hosts that specialize in hosting those things can do a better job. And honestly, that's the kinda data that is just better suited for centralization. Many people can afford to spin up a server that mostly just stores text and deals with basic interactions. Large images or streaming video gets expensive fast, especially if the site were to ever get even remotely close to reddit levels.
If you're only responsible for caching for your own users, you don't unduly burden smaller instances.
Maybe a system where the files federate after 3 upvotes from outside the original instance?
That'd still be exploitable. You could just run 3 of your own instances. Coming up with a system to stop malicious users that can't be gamed would be tricky.
Caching only if some number of your own users upvote might work.
This is what I'm waiting for before I host my own as well. Rather not have to worry that much about constantly having to admin out CSAM.
Not to shill but I just found the other day that cloudflare has a csam scanning and reporting engine built into their proxies. In theory it gives them a window into the data stream by them decrypting and re-encrypting that could snatch a password hash, but 2FA makes that useless after a minute. Basically it scans anything that gets put in the cache and reports it, notifies you to pull it down, and automatically puts up a 451 block on the link.
❤️
Feddit is defed from so many instances it's actually not usable for me.