@alice The harm caused when attackers are not screened never really goes away. I got attacked by Nazis on Twitter. I still feel it.
Discussion
Loading...
Post
@alice an excellent analysis
I'd add one addendum for those in the audience who want a low effort policy that's more aggressive
There is another option much more heavy-handed -- toward "innocent" and "guilty" alike. One common to servers including mine:
By referral, after referrer has been registered X months
The number who accidentally invite someone who doesn't share culture and values of the place is very low
And if fedi shows anything imo, it's that this scales better than many think
@alice
Suddenly wondering about a system, which I've seen effectively used on forums, where a new user's posts are held back, and they are effectively silenced until a moderator reads their posts and approves them to interact, perhaps with some sort of time-limit in case moderation doesn't get to it in a timely manner. This would not only mean they don't need to give a reason when signing up, but that they could partially engage without having to wait, and potentially that moderation would be seeing their posts right away.
It might take a new layer of systems to implement, but do you think that would be a good idea?
@Raccoon @alice Honestly, that sounds like a neat idea.
Closed registration is incredibly stressful to me, for example, because you have to consider just so many factors: did you write enough? did you write too much? are your writing skills on par? do you sound sane enough to be accepted? WHAT do you even write in the first place? what reason for wanting to join do you give beyond the basic "i need an account to interact with the site" which will likely not be enough and get me rejected? what if I end up wanting to change instances and therefore would've wasted moderator's time on making them read that?
The reasons for closed reg brought up in OP are valid and are probably more immediate than having anxiety, but my issues still exist and I'd like them to be kept in mind.
@ItsFunkyCaptain you just wrote *way* more in an unsolicited response to a stranger than you'd ever need to write to be accepted into our moderated-registration community at LGBTQIA.space.
In fact, the vast majority of people who *do* get rejected, get rejected because they *obviously* didn't read the server rules.
Specifically:
2. The main language on this instance is English.
11. We need to confirm you’re not an AI, so please write a few sentences explaining why you want to join this server. Without that, we can’t approve your account. (max 400 characters)
And their application looks like: "ich bin schwul", or "community", or "i'm lgb".
Whereas something as simple as "I'm a lesbian looking for a place that isn't toxic like Twitter." would easily be accepted.
@Raccoon see https://lgbtqia.space/@alice/116130539140786829 (towards the end)
"""
I believe this points to moderated registration being the lowest effort remedy for the problem of the Nazi Sucker-punch. So before we "engineer a new solution" that doesn't yet exist, we should exhaust the tools that are already available on the platform today. Yes, we could implement rate limits, or shadow bans, or trust networks, or quarantine servers, but we don't have those today, and even if we did, there's no evidence that those would be a better solution for Fedi than moderated signups.
"""
@alice
Much love for all of your efforts and those of all moderators, you make this place what it is
🥰🥰
In one of the comments, I read defederation as defenestration
@w_b tbf, that's a valid defense against Nazis too 💁🏼♀️
@alice the more servers have moderated registration, the less friction it will cause, as it becomes just a normal, expected part of signing up.
@alice The harm caused when attackers are not screened never really goes away. I got attacked by Nazis on Twitter. I still feel it.
@kimlockhartga @alice
^ that is what makes this accurate:
"Reviewing an application is lower effort than trying to fix the damage from an attack."
Moderators have to review hundreds of applications to prevent a single attack. But because the damage of accumulated attacks is both long-lasting and affects audiences beyond a single direct target, reviewing remains a lower effort investment
Preventing attacks is also ethically worthwhile, adding ethos to logos and pathos! Never let meritocracy trolls reduce us to only using logos and rational arguments as persuasive tools
@kimlockhartga I've been tempted to start collecting the attacks I get and publishing them (with content warnings!) because a thing I hear over and over is:
"Really? I never see stuff like that here."
And these (mostly) white (mostly) guys were saying the same thing when #BlackMastodon talks about #Racism.
Or when #FemmeFedi talks about #Sexism.
It's like, dude, you don't see it because you're not the target. 😮💨
@alice @kimlockhartga I usually don´t see stuff like that bc a) as you say, I´m not the target and b) bc the work all you mods and adms put in every day.
My wife just liked and commented an anti-nazi post on facebook the other day and the messages she got ranged from kill yourself to actual threats.
Is it just me or is this actually getting worse by the day?
Anyway, I´m sorry for everyone who has to deal with this shit and immensely grateful for everyone moderating it.
@sanpan at least in the US, these assholes have been emboldened of late. And with most big tech platforms scrapping DEI and anti-harassment language, the (measly) repercussions they may once have had are even less of a concern.
@kimlockhartga @alice I hated (absolutely hated) the "Sticks and stones" stuff at school, knowing full well the damage that words can do. The pen might be mightier than the sword, but the damage from a comment can last just as long, if not longer, and it cuts deep.
@tompearce49 @alice What that terrible and completely wrong saying was trying to tell us was that our feelings didn't matter. That we should suck it up and not miss work, because it's not like we broke a leg or something. So much about school is preparation to be a reliably productive worker, not a reliably good person. Those perfect attendance awards? To prepare you to never call out sick from work.
@tompearce49 @kimlockhartga@beige.party @alice
I dunno man. You ever stab a kid with a Bic pen in the hand for grabbing you and shoving you down into a chair? Because I did once. And the bullies never fucked with me again.
@wolfinpdx so the pen *is* mightier 😋
@alice it's very worth repeating, but wow it's frustrating going over this again and again. Nothing about what you're saying has changed in the past 30-odd years since sites with easy signup became a thing, but then every new platform does the same thing of having wide open signups from the start and is "totally shocked" when that leads to the same problems that have been happening for decades.
@alice for the readers (I know Alice knows all this):
Perfection is not the enemy of the good. Any attempts to keep out the attackers are better than no attempts to keep out the attackers.
There's such a thing as defense-in-depth. You don't need your registration process to stop every attacker to get in the door. You have moderation tools. You have blacklists. You have defederation. You have TBS. Every attacker-stopper you add makes your instance safer.
Don't give up. Fight back.
@alice "... communities are defined by who stays, not by how many come through the door."
This is a beautiful line and apropo of many situations. I will be adding that to my book of really useful ideas.
Thank you.
This is also well-known from hacker circles.
The absolute largest lump of malicious hackers only look for low-hanging fruit.
Dedicated hackers looking to penetrate a well-composed org? Very rare. And completely different from the bulk. This is what red team sessions are for.
@alice Tightly argued. Nice.
To the concern that it might deter some new users, I would add "yes, but if the alternative is lots more evil arseholes, it's a minor downside - especially as it is really only a downside for lazy new users".
We already have moderated follows at the user level; having moderated signups at the server level seems like a no-brainer.
@alice
Totally agree.
Also, I know it wasn't mean that way but this had me in stitches
they'll just pretend to be human