The thing that really gets me with these, is that we are 2-4 devs working on software used by over 40k ppl. It is absolutely impossible to please everyone, and fix every issue, there just isn't enough of us.

Oftentimes we ask for ppl to do the open source thing, and contribute a PR, and many of them do.

Anyone can look at our github profiles and see how busy we've been, and how many moderation related issues we've been working on, this is all out in the open. Yet writers of these articles somehow never bother to look, or reach out to us for questions. The amount of entitlement and second-hand rumors is really dissapointing.

So, to be clear, the story the article links to is specifically a case of local content that didn't actually federate. It was an accidental upload, he cancelled the post, it sat in storage, and even his admin was stumped about how to get it out.

I agree that with federation, it's a lot more messy. But, having provisions to delete things locally, and try to push out deletes across the network, is absolutely better than nothing.

The biggest issue I have is that there's really not much an admin can do at the moment if CSAM or some other horrific shit gets into pict-rs, short of using a tool to crawl through the database and use API calls to hackily delete things. Federation aside, at least make it easy for admins and mods to handle this on their home servers.

I have to say, I think the article actually does address what you’re saying, in particular here:

There are a couple of reasons as to why this is so surprising. Firstly, the Trust & Safety aspect: a few months ago, several Lemmy servers were absolutely hammered with CSAM, to the point that communities shut down and several servers were forced to defederate from one another or shut down themselves.

Simply put, the existing moderation tooling is not adequate for removing illegal content from servers. It’s bad enough to have to jump through hoops dealing with local content, but when it comes to federated data, it’s a whole other ball game.

The second, equally important aspect is one of user consent. If a user accidentally uploads a sensitive image, or wants to wipe their account off of a server, the instance should make an effort to comply with their wishes. Federated deletions fail sometimes, but an earnest attempt to remove content from a local server should be trivial, and attempting to perform a remote delete is better than nothing.

I also just want to point out that the knife cuts both ways. Yes, it’s impossible to guarantee nodes you’re federating with aren’t just ignoring remote delete requests. But, there is a benefit to acting in good faith that I think is easy to infer from the CSAM material example the article presents.

Upload somewhere else (theres a bunch of images hosts) then make your post point to that image host. Federated instances just have to host the link, so it’s good for them too.

Those images are still cached as well as the thumbnails.

Couldn't images and videos just be loaded from the instance they were uploaded to instead of getting copied to each instance? It would work almost the same as uploading it to a file hoster but it would be a lot easier usability wise and illegal content would still only have to be deleted at a single point.

There's nothing wrong with having good third-party tools, that was not my point. db0 in particular has done some amazing, amazing work.

What's fucked, however, is having a project:

• whose core infrastructure only offers the most threadbare tools
• there's zero consideration from development on privacy, user safety, or basic controls to handle when shit hits the bed
• the devs are stone silent when waves of CSAM crash through instances
• they openly mock people or say they're "too busy to do this" when it comes to meeting the most basic expectations of how a social platform ought to work.

Like, this is not an attack on Lemmy itself, I think the platform can be a real force for good in the Fediverse. But let's be honest, this project is not going to live very long if nothing changes.

Basic things like having the ability to easily remove images from storage should be part of the core platform. The fact that this still isn't a thing even four years into the project is insane.

There's no guarantee on third party tools continuing to work with Lemmy. Something as critical as deleting images, which can cause problems like revenge porn and such, must be given priority by the official project.

Even though i don't do it i think people should've a right to do what they want with their body without fearing what others think or will do.

Yeah, I agree. I think the important thing is "was the local content scrubbed?" Because at least if that was done, the place of origin no longer has it.

Federated deletes will always be imperfect, but I'd rather have them than not have them.

What might actually be interesting would be if someone could figure out this type of content negotiation: deletes get federated, some servers miss it. Maybe there's a way to get servers to check the cache and, if a corresponding origin value is no longer there, dump it?

I take it you've never run a community instance. The problem is, laws vary by jurisdiction, and can have a very real effect on how you run your server when shit hits the fan.

We recently ran a story about a guy building his own Fediverse community and platform, who just happened to be a bit naive about the network. He's off in his corner, doing his own thing, people find his project and assume it's some kind of weird scraper. After disinformation came out about it, someone remote-loaded child pornography to his server, for the purpose of filling a report with the police.

The guy is based on Germany. Local jurisdiction requires one year of prison time minimum. It matters.