this post was submitted on 16 May 2026
65 points (92.2% liked)
Ye Power Trippin' Bastards
1766 readers
123 users here now
This is a community in the spirit of "Am I The Asshole" where people can post their own bans from lemmy or reddit or whatever and get some feedback from others whether the ban was justified or not.
Sometimes one just wants to be able to challenge the arguments some mod made and this could be the place for that.
Posting Guidelines
All posts should follow this basic structure:
- Which mods/admins were being Power Tripping Bastards?
- What sanction did they impose (e.g. community ban, instance ban, removed comment)?
- Provide a screenshot of the relevant modlog entry (don’t de-obfuscate mod names).
- Provide a screenshot and explanation of the cause of the sanction (e.g. the post/comment that was removed, or got you banned).
- Explain why you think its unfair and how you would like the situation to be remedied.
Rules
- Post only about bans or other sanctions that you have received from a mod or admin.
- Don’t use private communications to prove your point. We can’t verify them and they can be faked easily.
- Don’t deobfuscate mod names from the modlog with admin powers.
- Don’t harass mods or brigade comms. Don’t word your posts in a way that would trigger such harassment and brigades.
- Do not downvote posts if you think they deserved it. Use the comment votes (see below) for that.
- You can post about power trippin’ in any social media, not just lemmy. Feel free to post about reddit or a forum etc.
- If you are the accused PTB, while you are welcome to respond, please do so within the relevant post.
- Keep the comments in YPTB posts about the moderation action itself, not about the general topic in which the moderation took place.
Expect to receive feedback about your posts, they might even be negative.
Make sure you follow this instance's code of conduct. In other words we won't allow bellyaching about being sanctioned for hate speech or bigotry.
YPTB matrix channel: For real-time discussions about bastards or to appeal mod actions in YPTB itself.
Some acronyms you might see.
- PTB - Power-Tripping Bastard: The commenter agrees with you this was a PTB mod.
- YDI - You Deserved It: The commenter thinks you deserved that mod action.
- YDM new - You Deserved More: The commenter thinks you got off too lightly.
- BPR - Bait-Provoked Reaction: That mod probably overreacted in charged situation, or due to being baited.
- CLM - Clueless Mod: The mod probably just doesn't understand how their software works.
Relevant comms
founded 2 years ago
MODERATORS
This, assumes the vendor acts in good faith, which, as we have seen in the past few days, it hasn't been the case. Public disclosure was the appropriate course here, so it allows forks like Pievolution & PyLova the awareness to also take action on their derivative vulnerabilities.
I believe @yogthos@lemmy.ml purposely did not, to exemplify amateurs now have access to tools they should not, and WILL forgo proper standardized communication channels to disclose issues like these in the future. Unless you believe Mitre & CVE reporting will be taught in grade schools, this threat model is pretty realistic of what we should now come to expect. Not everyone is privileged enough to afford security courses, and standardized education.
Responsible disclosure does not assume the vendor acts in good faith. Usually the disclosure period is around 90 days before the vulnerability is released, fixed or not (although this is negotiable with a good faith vendor).
Forks etc. could have been informed privately first too if possible.
This is not a good argument. Undisclosed zero days in the wild have always been part of the threat model. Amateurs with LLMs or not, a large percentage of vulnerabilities are not disclosed responsibly and are only fixed after damage has been done. Putting people and their personal information at risk because you want to make a point about the dangers of zero days (which everyone is already aware of) is woefully unethical.
That doesn't mean we should abandon these things. The vendor can report the CVE too. Or anyone else with an interest in it. It doesn't have to be the untrained amateur grey hat asking Claude for vulns. A malicious threat actor exploiting a system doesn't report it either. The community benefits from skilled people handling things properly. Pretending that it doesn't because most people don't have those skills is silly.
You’ve never been sued then.
Hopefully I don't need to demonstrate how this also isn't an argument that doesn't hold itself.
And unskilled people now have access to skilled tools that doesn't handle things properly…. It's not an argument people’s personal information is already at risk. It's an argument that the tools people now have access do not properly handle things. Maybe teach the people that developed claude mythos how to Mitre & CVE responsibly ╮(︶▽︶)╭
As far as I know, piefed doesn't even have a cve process for submitting vulnerabilities. And I'd like to note that the two vulnerabilities I disclosed only affect the server admin in a sense that they allow the attacker to post content to the server and snoop around on available endpoints, but they don't expose any user information.
They don't need to have one.
You can report it here: https://cveform.mitre.org/
Use the CNA-LR since I don't think they have a CNA.
You were probably trying to do the right thing disclosing, just know that there is a better process for it (even if you think the devs are asshats, it's good to do it like that for the community who aren't).
Even if it only affects admins, that includes admins of forks etc.
I'm sure there's probably more vulnerabilities to find.
Ah, I didn't actually know about using mitre. So, that is good to know for the future.