this post was submitted on 20 Jun 2023
30 points (96.9% liked)

Lemmy.ca's Main Community

2758 readers
1 users here now

Welcome to lemmy.ca's c/main!

Since everyone on lemmy.ca gets subscribed here, this is the place to chat about the goings on at lemmy.ca, support-type items, suggestions, etc.

Announcements can be found at https://lemmy.ca/c/meta

For support related to this instance, use https://lemmy.ca/c/lemmy_ca_support

founded 3 years ago
MODERATORS
30
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

Stux from geddit.social think that the massive recent wave of ~100k new Lemmy accounts is likely mostly spammers. Captchas suck, but are they better than the alternative?

top 14 comments
sorted by: hot top controversial new old
[–] [email protected] 18 points 1 year ago (4 children)

The upcoming v0.18 of Lemmy is set to remove Captchas, I've got a feeling this problem is about to get a WHOLE lot worse.

Source - https://github.com/LemmyNet/lemmy/issues/2922

[–] [email protected] 10 points 1 year ago (1 children)
[–] [email protected] 7 points 1 year ago

Great! Have you also commented on it? Have others here who are reading this and also concerned about this issue commenting on it?

Right now I think the Devs need to see how much impact they're creating here and with how little people are weighing in, I really don't think they're fully understanding the implications.

Just because an issue exists means NOTHING. It's a ticket, a work item, something that could choose to be discarded.

Additionally, just because the issue exists makes no guarantee that we'll retain Captcha functionality in v0.18.

[–] [email protected] 6 points 1 year ago

It's always been up to instance admins to decide for themselves between the tradeoff of creating manual signup friction in order to reduce spam, or remove it in order to quickly scale for more users. This might remove a tool for now, but I think more tools will be added as alternatives.

[–] [email protected] 4 points 1 year ago

they're also looking into alternate ways to prevent spam bots: https://github.com/LemmyNet/lemmy/issues/3204

[–] eatham 2 points 1 year ago

Bots can basically solve captchas tho

[–] [email protected] 7 points 1 year ago (1 children)

I'm aware of this already, thought about preemptively blocking those instances, but will probably just wait and see.

captchas are ok, but probably just a minor deterrant. I think they should be an option though.

not sure what the best way to stop this though, in the long run.

[–] [email protected] 5 points 1 year ago (2 children)
[–] [email protected] 5 points 1 year ago (1 children)

You joke, but I wouldn't be opposed. Would make it hard to sign up for a non-local instance though.

But then, I'm also the guy who just spent 11 years on reddit with his real name. So clearly privacy has never been my deciding factor when choosing a social network.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

That's the best approach to leaving footprints on the internet. Especially on social media. Assume everything is public.

[–] [email protected] 4 points 1 year ago (1 children)

hahaha yes! that'll fix everything!

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Undoubtedly. 😂

Joke aside, longer term, we could have a privacy-tiered verification approach. For example SMS verification for automatic approval, or text application for manual review. Some users might be OK giving their phone numbers for this purpose, while others might prefer submitting an essay. 🤷

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Looking at the snap below, I'm getting worried about the integrity of this and other instances if all of these accounts start posting. There are many more like these. I counted at least 30 of them. For example if all of them try to post a 1MB image to a community in this instance. 💀

If there's no protection against the above scenario, preemptive defederation might be warranted. Maybe even with a public post on here that lists the defederated instances, where any owners of mistakenly swatted instances can appeal.

@[email protected]

E: Someone's already doing an implementation.

[–] [email protected] 2 points 1 year ago

yeah, I think I might preemptively block them. a different admin has been trying to contact them to get them aware, and had a list of some that had deleted the accounts and implemented captchas or whatever.

load more comments
view more: next ›