Mastodawn

Kiernian 1d ago

Emelia 👸🏻

Friendly reminder: last year I built FediMod FIRES, a protocol and reference server implementation for sharing moderation data.

I haven't yet been able to get anyone to adopt it or even signal intent to adopt. But regularly I see people complaining about the lack of data sharing when it comes to moderation, especially for combating spam, scams, and harassment. The tool is there, please use it!

Whilst I'm not actively working on FediMod FIRES this quarter, I did apply in November for a grant to continue that work, and last I heard a few weeks ago is that the grant made it to the next stage, so I may have some money again to fund development.

It's not 1.0.0 yet, because I decided it needed more work for me to be happy to call it that, but it is usable!

Installation is also super simple for data producers, literally two commands on debian or ubuntu boxes.

Learn more: https://fires.fedimod.org/manuals/reference-server/

#moderation #fediblock #administration

FIRES Reference Server | FediMod FIRES

Fediverse moderation Intelligence Replication Endpoint Server

FediMod FIRES

@thisismissem
First time hearing about it tbh (and I don't admin large instances anyways 😅) but will take a look at it, sounds like it could be useful.

Emelia 👸🏻1d ago

@the_moep yeah, it's been difficult to get the word out because I don't have a particularly large following.

@thisismissem I took a quick look at it and there are two things I'm wondering about:

Can this already integrate with Mastodon's FASP? If not, is that planed?
How are identities of moderated actors/instances as well as the moderating instances protected? As far as I can tell all of that information seems to be provided in clear text which imo would result in retaliation actions being taken against the people putting an instance on the list. Something like this has happened in the Minecraft community on global banlist projects and seems to be (in a lesser form) an issue with Bluesky's public blocklists as well. (And in the email-space Spamhaus gets attacked a lot as well)

Emelia 👸🏻1d ago

@the_moep okay, a lot of questions!

1) FediMod FIRES is not related to Mastodon's FASP protocol. You shouldn't need an active connection to a FIRES server to process incoming activities.

2) Moderation data is shared publicly. Your server needs a copy of that data in order to take action. Moderation data providers can share as much or as little data about their operations as they desire.

3) The only way to not make the moderation data clear text would be by using Differential Privacy, and I absolutely do not have the cryptography knowledge to implement that.

4) Private datasets have been requested as a feature. Need to figure out access control. Existing datasets are all public.

Hope that helps.

Emelia 👸🏻1d ago

@the_moep FediMod FIRES is more parallel to Bluesky's Labeler infrastructure rather than blocklists

Thanks for the reminder @thisismissem it slipped through my radar last year 😅

Will try to have a look at it for potential use with Friendica!

Renaud Chaput 1d ago

@thisismissem probably not very helpful for now, but we intent to implement *lists (blocklists, email blocklists…) synchronisation in Mastodon in our next version.
We have not defined the exact scope yet but I want it to support FIRES (likely in addition to ingesting « simple » CSVs)

Julian Fietkau 1d ago

@thisismissem Who would be the target audience for FediMod FIRES? Is it anyone who moderates a fediverse server, or are you looking strictly for admins who can set up software integrations? Is there a minimum server size or moderation workload?

Is anything about it limited to Mastodon or is it applicable to all or most ActivityPub social platforms?

(🫢 Don't tell anyone, but I already know the answers to most of these, I just think it would be helpful to know for others reading this thread.)

Emelia 👸🏻1d ago

@julian target audience is people producing moderation datasets, that's who'd run the servers.

The protocol can be consumed by any client then, which would likely be instance operators. It's generic not mastodon specific, it's a side protocol to ActivityPub, but uses similar concepts.

It could even be used with AT Protocol (though no one has tried that yet)

@thisismissem @jerry spreadin' the word, sounds very useful

Baessando ☭🇧🇷🇵🇸🇺🇳1d ago

@thisismissem very nice

Mx "Vote Green" Fraud 1d ago

@thisismissem I'm going to try to say this with the most respect for you and your work.

If it is not in mastodon mainline as a feature, it might as well not exist.

The problem has never been ideas, protocols, or implementations, its always been adversarial relashionship from gargron and or the Mastodon GMBH leadership team.

They clearly do not want to prioritise this feature and many other feaures that people asked for years (hello local only post).

And the only people that can use this servers are: re-implementers, people that need a dedicated service to scale (and probbaly have multiple, high traffic instances), and hobbyist self hosters.

All the people using masto.host/ 3rd parties won't be able to use it.
Which I assume is the vast majority of the people wanting to have access to that feature in the first place.

Unless Mastodon GMBH start to listen to their community (instance administrators), the complaining will continue I'm affraid.

Again, trying my best here to convey that the work you did is needed and appreciated, and that my problems are with the people holding the power here.

Emelia 👸🏻1d ago

@mxfraud it sounds like Mastodon may be adopting the protocol, and there is other fediverse software out there besides Mastodon. But I also get your frustration.

https://oisaur.com/@renchap/116295375197416763

Renaud Chaput (@[email protected])

@[email protected] probably not very helpful for now, but we intent to implement *lists (blocklists, email blocklists…) synchronisation in Mastodon in our next version. We have not defined the exact scope yet but I want it to support FIRES (likely in addition to ingesting « simple » CSVs)

Oisaur

Andrew Furrow 1d ago

@thisismissem can I theoretically use this as a housekeeping tool for blocking all ActivityPub nodes of a certain type, e.g., Lemmy, Piefed, Gotosocial, or is there an easier way to do that? How about blocking all users with blank pfp?

Thanks

Emelia 👸🏻1d ago

@andrew it's not designed for that.

For automatically moderating profiles with no avatar, it'd be as your server learns about them, which could be done using a rails script for mastodon.

Andrew Furrow 1d ago

@thisismissem thanks!

Troed Sångberg 1d ago

@thisismissem I totally missed this - will check it out now!

Мя ��1d ago

@thisismissem you have pretty good installation tutorial but...not a single word about what to do after that

Or maybe I'm looking at wrong location, but I couldn't find anything about how to make up and running server do something useful (/nonneg)

Maybe I can help with documenting somehow?

Emelia 👸🏻1d ago

@mo maybe, what are you looking for? UI screenshots? API docs? Happy to take contributions!

Мя ��1d ago

@thisismissem lets assume I, fedi admin, have a friend, who is also fedi admin, and we could benefit from exchanging moderation info, so questions which come to mind are..

- Do we need to run separate FIRES, or one single?
- If two, how do we make them exchange info?
- And, most importantly, how do we integrate it in our moderation workflows (so yes, API docs, if no native support yet)

Maybe it's somewhere in concept section, but IMO docs would be better with short overview from practical perspective

Emelia 👸🏻1d ago

@mo you'd run a single FIRES server and both add information to it and then both of you would consume it.

Emelia 👸🏻1d ago

@mo for "how to integrate it into our workflows", well, that's where we need platforms to adopt it, and make that possible.

There is technically a write API for some data, but I was told during development that a UI for managing the server was better than an API, so API was postponed.

Мя ��22h ago

@thisismissem native integration is the best, but with API power users can write glue scripts themselves, speeding up adoption

Emelia 👸🏻20h ago

@mo that was why it was originally meant to be headless, and the feedback I received was that people had no idea how to use it if headless, so I had to make a choice UI or API as I didn't have funding for both — UI won last time.

Emelia 👸🏻1d ago

@mo oh, also, my assumption was "post installation, you'll probably open your web browser to the server URL and start poking around and log in with the credentials you were shown"

Мя ��22h ago

@thisismissem well, there's not so much motivation to install something I don't understand how to use

Emelia 👸🏻20h ago

@mo I'm also cautious to give screenshots right now because the plan is to completely revamp the admin next funding round

Emelia 👸🏻20h ago

@mo FediMod FIRES as a reference server is also still pretty oriented towards early adopters, not mainstream market

Mïkê 💚 👑🐉🗡️🏳️‍⚧️1d ago

@thisismissem @admin does this seem like it would help you?

gotofritz 1d ago

Great concept - more transparency on why some domains get added to a denylist, and by whom, was sorely missed. That should go some way towards avoiding arbitrariness in managing those lists (looks at thebadplace)

Emelia 👸🏻1d ago

@gotofritz funnily enough, FIRES was created iniitially as a concept in the context of Are0h's FSEP paper, I wanted to solve the "How do we share this data in a generic, non-thebadspace specific way"

https://nivenly.org/docs/papers/fsep/

Federation Safety Enhancement Project (FSEP)

With the surging popularity of federating tools, how do we make it easier to make safety the default?

The Nivenly Foundation

trampinheavy 4h ago

@thisismissem
Is this essentially just blocklist sharing? Doesnt this introduce the potential for certain instances to censor users across multiple instances?