this post was submitted on 24 Jun 2023
208 points (95.2% liked)

Lemmy

2172 readers
1 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 4 years ago
MODERATORS
[email protected]
208
Proof that bots are manipulating content (lemmyonline.com)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
145 comments fedilink hide all child comments
 

See THIS POST

Notice- the 2,000 upvotes?

https://gist.github.com/XtremeOwnageDotCom/19422927a5225228c53517652847a76b

It's mostly bot traffic.

Important Note

The OP of that post did admit, to purposely using bots for that demonstration.

I am not making this post, specifically for that post. Rather- we need to collectively organize, and find a method.

Defederation is a nuke from orbit approach, which WILL cause more harm then good, over the long run.

Having admins proactively monitor their content and communities helps- as does enabling new user approvals, captchas, email verification, etc. But, this does not solve the problem.

The REAL problem

But, the real problem- The fediverse is so open, there is NOTHING stopping dedicated bot owners and spammers from...

  1. Creating new instances for hosting bots, and then federating with other servers. (Everything can be fully automated to completely spin up a new instance, in UNDER 15 seconds)
  2. Hiring kids in africa and india to create accounts for 2 cents an hour. NEWS POST 1 POST TWO
  3. Lemmy is EXTREMELY trusting. For example, go look at the stats for my instance online.... (lemmyonline.com) I can assure you, I don't have 30k users and 1.2 million comments.
  4. There is no built-in "real-time" methods for admins via the UI to identify suspicious activity from their users, I am only able to fetch this data directly from the database. I don't think it is even exposed through the rest api.

What can happen if we don't identify a solution.

We know meta wants to infiltrate the fediverse. We know reddits wants the fediverse to fail.

If, a single user, with limited technical resources can manipulate that content, as was proven above-

What is going to happen when big-corpo wants to swing their fist around?

Edits

  1. Removed most of the images containing instances. Some of those issues have already been taken care of. As well, I don't want to distract from the ACTUAL problem.
  2. Cleaned up post.
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 39 points 1 year ago* (last edited 1 year ago) (34 children)
What, corrective courses of action shall we seek?

(Tagging large instance owners)

I sent messages to these users, notifying them to come to this thread.
  1. https://startrek.website/u/ValueSubtracted (startek.website)

They were able to get back with me- and provided this comment:

Thank you - we increased our security and attempted to purge our bots three days ago - if further suspicious activity is detected, we want to hear about it.

  1. https://oceanbreeze.earth/u/windocean (oceanbreeze.earth)
  2. https://normalcity.life/u/EuphoricPenguin22 (normalcity.life)

User returned this comment to me:

We just banned and subsequently deleted well over 2500+ of these accounts. We’ve just switched to closed registration as well.

[–] eekrano 3 points 1 year ago

I haven't spun up an instance, so I don't have a good idea what the DB looks like, but are IP addresses captured on either account signup and/or vote casting?

It's isn't a silver bullet, but it's prohibitively more expensive to spin up instances to cast votes for bot users versus running through a script on a single machine. If you've got an IP you might be able to pinpoint bot activity and the accounts associated with it (until they get smarter, at least)

load more comments (33 replies)