I've searched what CSAM means, and I'm flabbergasted! Doesn't the authorities catch these criminals?!

I understand that admins need to take whatever measures needed to protect themselves from legal pursuits

At the same time I hate to see the promised federated network revert to what commercial platforms have become, karma and account age requirement, phone and identity verification , forced 2fa and what not.

Maybe lemmy should implement a shared database whereas if an admin of an instance marks a post as potentially illegal, it gets replicated to other instances automatically and gets in queu for deletion.

I think the only sustainable option here is to keep media on the instance it was first posted to and every instance managing their own stuff.

If it gets too crowded close registrations and another instance grows.

I didn’t even know there was an option to load images directly from the source instance instead of caching the content locally. I know it’s a resource issue and it can slow things down a bit for users, but I think ultimately it should be done that way by default, to mitigate exponential propagation of illegal content. Wasn’t caching the main reason why lemmy.world preemptively blocked piracy communities?

That, or admins should be able to selectively choose what communities to cache content from, like maybe the ones where they can confirm there is active moderation.

Thank you for the update. I appreciate your efforts in moderating and keeping us informed.

A way to deal with false positives of an ML NSFW scanner would be: Once per day, each user can "overwrite" the scanner. If a user is caught abusing this, they get banned.

I wonder how hard it would be to fund a full time staff to review content. That's how other platforms do it.

And it only took something as serious as CP spamming to make you do what you should have done months ago. Amazing. 🤦

Maybe it'll take a genocide for you to ban the nazis and tankies too.

I think the images should never be cached from other instances in the first place, that is a huge oversight in pictrs since not only does it have the potential to cache unwanted content but also causes the images hosted to rapidly accumulate which isn't ideal as it increases storage requirements which is unfair to people who want to self-host a personal instance. Hosting a personal instance should not have monstrous storage requirements or serious liability risk due to caching all images automatically, it should only cache what is uploaded to the Instance like profiles and banners, and posts that include images from the Instance.

I have reservations about allowing fully-invite based registrations on lemmy instances. While I do think it might be good to have invites as a way for users to skip filling out an application I don't really like the idea of requiring them like Tildes does, makes it feel like an elitist exclusive club of sorts having to beg for an invite from users. I don't think it should be an alternative to application-based registration, but rather a supplement to it, if someone can get an invite from users that's great but if not they should still be able to write an application to join, this could be extensive and also lower priority since you could get invites but should still be an option available.

Account requirements really depends on what they are and what they restrict (also who on the instance is allowed to impose restrictions). For example on instances with downvotes enabled I think score/upvote requirements are a bad idea since it essentially means that people who disagree are locked out, like on Reddit with karma restrictions, I do not support this, it creates an echo-chamber where unpopular opinions. It'll also lead to upvote farming if there are negatives due to having a lower score.

Comment or post requirements would just lead to post or comment farming similar to vote farming, though it's not as bad as score-requirements since people making posts and comments naturally (whether they are liked or not) can't be taken away by other people based on opinions (only if they break the rules and get posts removed, which isn't even remotely similar since they broke the rules).

Limiting image uploading is a fair requirement in my opinion since uploads can be particularly harmful if the uploads are malicious, and also uploads aren't really needed since people can externally host almost all their images without the need for uploads.

When it comes to DMs and restrictions around them I feel like that should be up to individual users to decide to allow private communication from certain users or not, or even to allow DMs at all, this shouldn't be something globally applied to people, maybe it could be a default in User settings and have a requirement set by the Admins but people should be able to turn it off if they don't care or want to accept messages from new users, I know I certainly will, I hate being nannied when it comes to who's allowed to send me messages, IMO Annoying or uncomfortable DMs are a fact of life and I prefer to deal with issues when they happen rather than block anyone who's a new user that might want to talk to me, it's one of the things I hated that Reddit does without giving me the option to opt out and receive messages from everyone.

I think having a Machine-Learning based system to identify Malicious images is actually a pretty good idea going forward, I know how some people feel about AI and Machine-Learning but I think it's probably our best defense considering that none of us want to see it, it might have False positives but I'd rather than than to allow CSAM to live here. Ultimately the choice is have ML scanning or Disable pictrs here, I think ML is the better option because people are going to want to have Avatars and without pictrs that isn't possible (unless Lemmy adds support to the UI for externally hosted Avatars and Banners).

Has there been any developments on the Github in regards to all this? Really, the only things that will solve this long term are proper and granular moderation tools.

2. All images which have federated in from other instances will be deleted from our servers, without any exception

At this point, we have millions of such images, and I am planning to just indiscriminately purge all of them. Posts from other instances will not be broken after the deletion, the deleted images will simply be loaded directly from other instances.

My impression was that this was how this worked from the beginning, but apparently that's wrong. I thought the host instance (that is, the instance of the user making the post, not necessarily the instance of the community) would be the host of the image. Instead, it seems like instances share images and whatnot between themselves, to distribute the load to their own users.

Maybe this core principle is flawed. It should definitely be reviewed, anyway.

Well as always users that did nothing wrong are the ones that suffer. I think banning images is overkill. Let the forum police themselves. It’s the way this is supposed to work. Just banning images site wide is pretty draconian and defeats the purpose of the fediverse. Blocking any images that could contain any level of nudity is also overkill. I’ll probably move to a self hosted server eventually.

Hey there! Why not talk with the main lemmy developer to try and integrate such a content blocker directly into the lemmy stack so that it’s easier to implement for smaller instances? Thanks for keeping this instance up and runnin’! Cheers!

it's been 4 months-- any update on this?

1. I understand that this would be a temporary measure, and I hope this gets revisited in the near future.
2. Got to do what you have to do.
3. same as 2
4. I do not agree with invite-based registrations and would prefer other ways to limit sign ups such as what others have already suggested in this thread.
5. This will be tricky, but if done correctly would be something I can support.
6. Agreed.

Once again, thank you for this wonderful instance and I'm glad this is my home.

Can we get image upload back?

You need to update the site to reflect these changes - I was trying to upload a banner and got the incorrect error "image too large"

Going from completely open to invite-based is what I'd call overcompensation (you're overestimating how willing people will be to invite)