1030
you are viewing a single comment's thread
view the rest of the comments
[-] pinkdrunkenelephants@sopuli.xyz 12 points 1 year ago

I'm not gonna lie, I'm surprised it took this long for some dipshit to try something like this. Lemmy's security has more holes in it than a piece of Swiss cheese and we're fools if we think it's viable enough for it to serve as a long-term home for new social media.

We really, really need a better social structure than federation.

[-] KairuByte@lemmy.dbzer0.com 16 points 1 year ago

Lemmy’s security has more holes in it than a piece of Swiss cheese

This has very little to do with security. There's inherently "insecure" about posting CSAM, since the accounts and images were likely posted just like any other.

What really needs to happen, is some sort of detection of that kind of content (which would likely require a large change to code) or additional moderation tools.

[-] pinkdrunkenelephants@sopuli.xyz 5 points 1 year ago

The lack of those tools is what I was talking about

[-] KairuByte@lemmy.dbzer0.com 11 points 1 year ago

Ah okay, those arent generally considered security but I can understand why you went that route I suppose.

[-] pinkdrunkenelephants@sopuli.xyz 3 points 1 year ago

Does anyone know why they were never put in?

[-] KairuByte@lemmy.dbzer0.com 6 points 1 year ago

Software development is a balancing act. You need to pick and choose not only what features to add, but when to add them. Sometimes, mistakes are made in the planning and you get a situation like this.

What likely happened, is that these kinds of features were deemed less likely to be needed, since the majority of lemmy users will never run into the need of them and there is technically a way to handle the situation (nuking your instances image cache.) But you'll likely see a reshuffling of priorities if these kinds of attacks become more prevalent.

[-] lemann@lemmy.one 9 points 1 year ago

Lemmy's security

I think you mis-spelled moderation tools, nice quick fix would have been to block posts from new users on X instance and have a pinned post briefly covering why - they'll eventually run out of instances that don't have open signups IMO or just give up.

Another mod tools option would be rate limiting of posts, i.e. users can only make a new shitpost every 10-15min, rather than unlimited times per minute

[-] pinkdrunkenelephants@sopuli.xyz 1 points 1 year ago

Those are all fundamental aspects of Lemmy's security that should be there but are not

this post was submitted on 28 Aug 2023
1030 points (97.2% liked)

Memes

45775 readers
2215 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS