Autonomous User

Lead Lemmy developer [email protected] Appears to Have Had Their Account Compromised After Moderation Actions Raise Serious Concerns

https://lemmy.world/post/43978041

Lead Lemmy developer [email protected] Appears to Have Had Their Account Compromised After Moderation Actions Raise Serious Concerns - Lemmy.World

Cross posted here as it was highlighted that the individual is a lead Lemmy developer, raising serious concerns about the direction of Lemmy, a leading Fediverse platform, and the impact on future user adoption. Hi There have been some rather concerning actions taken by an admin of the [email protected] [/c/[email protected]] community, [email protected] [[email protected]]. Based on recent moderation decisions and a complete lack of communication, it seems like their account may have been compromised, or even more concerning if these actions are deliberate. 1. Erroneous Rule 4 Enforcement, First Instance: a guide posted to [email protected] [/c/[email protected]], despite receiving many positive votes and comments, was removed under Rule 4: > If you have a question, please try searching for previous discussions, maybe it has already been answered However, this post was a guide and not a question, so Rule 4 does not apply. Attempts were made to reach out for clarification but there has been no response, despite their account showing recent activity. 2. Erroneous Rule 4 Enforcement, Second Instance: an on-topic informational video also posted to [email protected] [/c/[email protected]], despite also receiving many positive votes, was again removed under Rule 4. This post was again not asking a question, so again Rule 4 does not apply. Again, no explanation has been given. 3. User Bans in Completely Unrelated Communities: user bans of over a month have been applied for not only [email protected] [/c/[email protected]] but several completely unrelated communities: - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] - [email protected] [/c/[email protected]] This is especially concerning given that the above posts have no relation to these communities, and no recent activity has been made in any of them, meaning none of their rules could have been broken. Moreover, a public track record of positive contributions across Lemmy has been established, with many positive votes and comments received over a sustained period. Given all of this, the bans appear to be highly disproportionate, only adding to the growing concerns around moderation practices. 4. Repost with Disclaimer Removed: a repost of the guide, despite a disclaimer explaining the original removal appears to be in error and that attempts to contact the admin have failed, despite again receiving many positive votes and constructive comments, was once again removed. Again, no explanation has been given. Given all of this, it’s hard to avoid the conclusion that something is not right. Mistakes in moderation happen but the complete lack of communication, the disproportionate actions, and the ongoing bans from unrelated communities raise serious concerns. It seems as though the account is most likely compromised, or even more concerning if these actions are deliberate. Has anyone else experienced similar issues with this admin, or does anyone have more insight into what might be happening? TL;DR: Admin [email protected] [[email protected]] of [email protected] [/c/[email protected]] appears to be making seriously concerning moderation decisions, including erroneous enforcement of Rule 4 in at least two separate instances, failing to respond to messages, and applying user bans in completely unrelated communities despite a long track record of positive contributions across Lemmy. This has led to speculation that their account is likely compromised, or even more concerning if these actions are deliberate. Any thoughts or similar experiences would be appreciated. Cross post with https://lemmy.world/post/43944126 [https://lemmy.world/post/43944126]

Mar 8 at 1:16amWeb
Show threadSanctusMar 8
He didn’t have his account hacked.
Show threadowenfromcanadaMar 8

dessalines is known for questionable moderation. Avoid the .ml communities when possible.

Show threadDasusMar 8
Show threadfizzleMar 8
piefed is the way
Show threadgoferking (he/him)Mar 10

piefed is the way

Piefed is just as bad and is designed to mimic the worst parts of reddit

Show threadShellMonkeyMar 8
Multi comms is likely an instance ban, which they hand out freely on the .ml instance for anyone not in line with their ideology.
Show threadAutonomous UserMar 8
The above is a complete list. I would have expected to see more than 12 communities for that.
Show thread[deleted]Mar 8
It sometimes only shows if the user has posted or voted or something like that in the listed communites. Can’t remember exactly what, but there is something that limits what communities are listed when someone is instance banned, which for lemmy shows as a bunch of community bans.
Show threadmasterspaceMar 8

This is literally how he always acts. There’s a reason that many instances do not federate with lemmy.ml, his instance.

He’s incredibly pro communist, pro Russia, pro China, and will ban you for even mentioning that something could be foreign propaganda.

At the end of the day, hopefully your instance builds their server code from source and inspects it to make sure there’s nothing nefarious. It would be nice to use a decentralized Reddit like platform not build by him, but no one else has the time, resources, ability, and dedication, to step up.

Show threadscytaleMar 8

It would be nice to use a decentralized Reddit like platform not coded by him, but no one else has the time, resources, ability, and/or dedication, to step up.

You literally mentioned piefed in your next sentence.

Show threadZangooseMar 8

Tbf Piefed also does have opinionated moderation literally hardcoded into the source code.

It’s pretty easy to modify since it’s python and not rust, but still not great

Show threadadminMar 8
In b4 discussion of what constitutes hardcoding
Show threadfizzleMar 8
Ok what opinionated moderation?
Show threadEldritchMar 8
There are some disabled by default, filters built into piefed. That the main Dev uses on their instance. It’s not really even remotely the same thing or as controversial. But it’s the closest thing piefed has and gets brought up regularly because of it.
Show threadZangooseMar 8

Honestly I would consider hardcoded shadowbanning just as bad.

Just because I’m closer to agreeing with the PieFed dev’s opinions a little bit more doesn’t mean that I’d support shadow banning someone because the trivially-evaded checks caught a false positive in the crossfire. Piefed’s auto moderation/social scoring is pretty much textbook definition security-by-obscurity. The second anyone knows how it works, it’s useless. It will pretty much exclusively catch people who just wanted to post a harmless meme or something.

At least (for now) Dessalines isn’t hardcoding his tankie beliefs into Lemmy’s source code.

Show threadBlazeMar 9

Piefed doesn’t shadowban:

The reputation system doesn’t shadowban content. You don’t get comments silently autoremoved for having a low reputation. You don’t get throttled either.

https://lemmy.zip/post/58102975/24342240

Piefed admin settings that allow to enable or disable content filters (they are disabled by default, see body for details) - Lemmy.zip

Edit about the 4chan image blocking, I asked Rimu directly: > I wrote a long message about how that checkbox only notifies about federated posts. > So the difference is for local posts it blocks the creation of the post entirely, but for federated posts it just notifies the admin. https://chat.piefed.social/#narrow/channel/3-general/topic//near/10529 [https://chat.piefed.social/#narrow/channel/3-general/topic//near/10529] – Original message: https://codeberg.org/rimu/pyfedi/src/commit/b168820a089ff6e835059f0d806f81b612987a79/app/models.py#L3513 [https://codeberg.org/rimu/pyfedi/src/commit/b168820a089ff6e835059f0d806f81b612987a79/app/models.py#L3513] A few people in the other thread assumed that it was required to fork the code to disable those filters. That’s not the case, the filters can be configured, and are off by default. To hide the reputation system, here’s a line of CSS that admins can add in the admin area to hide it for every user https://piefed.social/c/piefed_css/p/1722358/hide-red-triangle-warnings-on-accounts-with-bad-reputation [https://piefed.social/c/piefed_css/p/1722358/hide-red-triangle-warnings-on-accounts-with-bad-reputation] That CSS line can also be used by any user wanting to hide the score at the user level.

Show threadZangooseMar 9

Thanks for clarifying, I guess I misremembered the shadowbanning part. I think I was mixing together the fact that reputation isn’t really transparent (users’ reputation can change by even attempting to upload an image that gets flagged, and the vague error means they’ll probably try multiple times without realizing they’re being moderated) and the fact the communities can autoban any user whose global reputation is low enough.

I still think the security-by-obscurity approach to moderation is inherently flawed though, and I hate to imagine how the dev approaches actual account security if that’s their approach to moderation.

Show threadBlazeMar 9

The code is open source. Nothing is obscured. The main objective is to identify trolls and toxic users who won’t bother looking at the code.

It’s not a silver bullet, it’s just supposed to grab the low hanging fruit, but it’s fine for me

Show threadZangooseMar 9

The code is open source. Nothing is obscured.

“Security-by-obscurity” is a phrase used for any measure that is useless once you know how it works. In this case it’s hoping that a troll doesn’t know about the specific hardcoded rules. None of the rules in PieFed actually work if you are at all aware of them.

Show threadBlazeMar 9
Yet I still regularly see toxic users being flagged as such, with a 95% accuracy. Either they don’t care or they don’t know enough about the system to bypass it.
Show threadZangooseMar 8

There were a few, not exaustive since it’s been a few months since I looked through the source code, some of this might have changed and there’s also a few other checks that I’m forgetting:

  • 4chan screenshots (specifically anything that OCR identified as having “Anonymous #(number)” in it) were banned. Honestly this one is fine as a toggle but I think for a while it was just on by default in the code
  • any community that had specific words in it were blocked at instance level. I think “meme” was there, a few swear words, and a few carryover reddit meme community names (196, I think nottheonion was also there, anything with “shitpost” in the name, etc.)
  • There’s a hidden karma/social credit score based on a user’s interactions and net total karma hidden from them that gets impacted by any moderation actions, including some of the automated hardcoded ones (e.g. even trying to upload an image that gets flagged by the hardcoded checks)
  • users with a low enough net score get shadow-banned without being informed
Show threadlambaliciousMar 8
Piefed is known to incorporate CCP-style shadow profile and similar measures, such as “Social Credit”, so it’d be hilarious to complain about l.ml’s alignment to then migrate to piefed of all places.
Show thread_‌_反いじめ戦隊Mar 8

no matter how many times you illusionary truth effect this, piefed users won’t be getting mortgages on using antislop abuse.

Why lemmy & dessalines depend on slop is beyond the topic of this crywolf 🧵 ╮(︶▽︶)╭

Illusory Truth Effect

The illusory truth effect is the tendency for any statement that is repeated frequently—whether it is factually true or not, whether it is even plausible or not—to acquire the ring of truth. Studies show that repetition increases the perception of validity—even when people start out knowing that the information is false, or when the source of the information is known to be suspect.

Psychology Today
Show threadDie4EverMar 8

It would be nice to use a decentralized Reddit like platform not coded by him, but no one else has the time, resources, ability, and/or dedication, to step up.

piefed, the Canadian instance runners

PieFed and Mbin don’t share any code with Lemmy at all, they’re in totally different programming languages

Show threadGrailMar 8
Piefed isn’t the canadian instance runners, you’re thinking of fedecan
Show threadtoadMar 15

My hometown have a few tower, but the most infamous is made in that ugly cheap brutalist style and is generally recognized as being an eyesore.

But one day i was invited to somebody who lived in the tower. And I was blown away, but I realized that the main advantage of living in the tower was that when you’re in it, you don’t see the tower.

My point is that on the so-called tankie instance, at least they’re not constantly whining about tankies.

Show threadmasterspaceMar 15

Neither are they on the instances that defederate from them.

It’s also not like it’s an ideological thing. The instances that get defederate from are just filled with obnoxious tankies.

Show threadoce 🐆Mar 8
You have been a user for 3 years at least, surely you have heard about the tankie situation on Lemmy? If you don’t share these views it’s better to ignore/block those three or four instances. It will make your Lemmy experience much more relaxing. en.wikipedia.org/wiki/Tankie
Tankie - Wikipedia

Show threadrealitaetsverlustMar 8
Lmao no. That guy is just a fucking nutjob. It’s nothing new really. The only thing compromised is his brain really.
Show threadlumpenproletariatMar 8

Ahahaha.

This would be deliberate. You’ll want to post this on [email protected]

Show threadAutonomous UserMar 10
Done, thanks!
Show threadBlackLaZoRMar 8
.ml stands for marxist-lenninist. Why are you even there?
Show threadhyperencabulatorMar 9
I assumed it meant machine learning or something, ty
Show threadArcaneSlimeMar 9
Downvoted but correct, they used to admit it before the exodus, but after the exodus they started denying it to seem more “general” in an attempt to appeal to everyone that isn’t stupid as shit.
Show threadflamingos-cant (hopepunk arc)Mar 8

You were instance banned under lemmy.ml’s rule 4, not the privacy community’s rule 4. ml’s rule 4 is “No Ads / Spamming”. This seems to have been prompted by you reposting a removed post, which frankly seems fair despite what I think of ml’s moderation normally.

Rule 4 does seem to be a bad reason to remove the original post, though I think it should’ve been removed simply for how cringe ‘cuckloading’ is as a term. Stop trying to link sexual deviancy to moral deficiency.

Show threadorgrinrtMar 8

Just jumping in to boost this message, posting your own videos is advertising your channel, probably fine if one and done, but consistently I’d consider it advertising or spamming too.

This op is cringe either way. “This moderator’s account has been compromised! No other way to explain them enforcing the instance rule 4 after consistently spamming the communities with my videos!”… Jesus christ.

Show threadAutonomous UserMar 10
Thanks for the analysis but there is no indication that any video was posted more than once or that the creator is a Lemmy user.
Show threadAutonomous UserMar 10
Thanks for sharing this, really appreciate the clarity. Honestly, the interface, which they themselves created, doesn’t exactly make it obvious. You’re absolutely right that the original post doesn’t fall under that rule 4 either. And while I can’t say your sentiment on its content is unreasonable, removing the whole post, despite the constructive comments that were being left, doesn’t actually change the minds of the overwhelming number of users who left positive votes on both occasions.
Show thread_‌_反いじめ戦隊Mar 8

I am upvoting this, simply because I find this crywolf hilarious. I’ve seen your authoritarianism dessalines.

How do tankies call this again?
Find out for fucking around too much?

How does the end of your boot taste like now?

cry wolf - Wiktionary, the free dictionary

Wiktionary
Show threadrglullisMar 8
Please find a better place to air out this dirty laundry.
Show thread_‌_反いじめ戦隊Mar 8
quick praxis: where?
Show threadrglullisMar 8

Any community that talks about moderation issues. Preferably one that is closer to the users of lemmy.ml.

This is not the place for this. It achieves nothing and gives newcomers the impression that this type of petty drama is an integral part of the Fediverse.

Show thread_‌_反いじめ戦隊Mar 8

so basically what I upvoted earlier

dessalines power tripped his own software.

petty drama is an integral part of the Fediverse.

Uhhhh, are you aware how federated networks initialize?

quokk.au/comment/3602385 - Lemvotes

Get a list of votes for any post, comment or user on Lemmy

Show threadrglullisMar 8

dessalines power tripped his own software.

AFAIK, he does not have any power over the other instances and communities that are not hosted over on lemmy.ml?

Uhhhh, are you aware how federated networks initialize?

Not interested in being baited into a pointless discussion today, sorry.

Show thread_‌_反いじめ戦隊Mar 8

he does not have any power

He does: it’s called association by usage. Guns don’t kill people, but their usage is to. lemmy threads with other threadiverse software, but installing lemmy means supporting an authoritarian. Merchants of Death and all that.

Not interested in being baited into a pointless discussion today, sorry.

Then don’t bother commenting on what little history you know🙃

Merchants of death - Wikipedia

Show threadrglullisMar 8

installing lemmy means supporting an authoritarian

Non sequitur. The software is free to use, free to redistribute and does not come with any obligation to support the ideologies of the developers. If that was the case, everyone using Linux desktops should be associated with Richard Stallman (author of the GNU project), which is on record defending Epstein by arguing that minors can consent to sexual relationships in exchange with money.

Show thread_‌_反いじめ戦隊Mar 8

So, you’ve never dealt with association with killers before?

everyone using Linux desktops should be associated with Richard Stallman (author of the GNU project), which is on record defending Epstein by arguing that minors can consent to sexual relationships in exchange with money.

Funny you mention this. Why did Linus Torvalds then disassociated with Vladimir Putin’s genocide?

Linus Torvalds kicked the Russians out of Linux, now they're creating a sovereign Linux community in Russia — Ministry of Digital Development steps in

Kneejerk announcement or a serious plan, time will tell.

Tom's Hardware
Show threadrglullisMar 8

Why did Linus Torvalds then disassociated

Absence of evidence is not evidence of absence.

You are failing at this most basic test of logic, this is why I don’t want to get dragged down into a pointless discussion with you. Enjoy the block, and have a good rest of the weekend.

Show thread_‌_反いじめ戦隊Mar 8
block the entire community then🙃
Show threadlambaliciousMar 8

, but installing lemmy means supporting an authoritarian

Have you ever transported yourself in a Ford, or derived, vehicle?

Show thread_‌_反いじめ戦隊Mar 8

Let me teach why we call “cagerscagers!

Do I need a cager to transport me to Berlin?

Urban Dictionary: cagers

a popular word among motorcyclists and bicyclists for four wheeled motor vehicle drivers. The term is often used in a derogative sense, because the car body effectively forms a cage, isolating the said driver from having to interact with other road...

Urban Dictionary
Show threaddb0Mar 8
[email protected]
Show thread_‌_反いじめ戦隊Mar 8
’rad, read below
Show threadAreldybMar 8
This is not evidence of account compromise, whatever you may think of dessalines’ moderation decisions.
Show threadpewgar_seemsimandroidMar 8
these being deliberate would be less surprising than the account being compromised.
Show threadZoteTheMightyMar 8
For every Lemmy.ml community you’re subscribed to, search for a non-lemmy.ml alternative. Almost every one has an alternative now. Subscribe to the new one, unsubscribe from the old, and never look back. This kind of heavy handed and/or opinionated moderation is the status quo there.
Show threadInternetCitizen2Mar 10
I think that is just how it is over there.
Show threadapftwbMar 10

Hey its me, the real dessalines.

Can I have some money.