Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Instance Greylisting #4296

Open
1 task done
ghost opened this issue Jul 22, 2017 · 10 comments
Open
1 task done

Instance Greylisting #4296

ghost opened this issue Jul 22, 2017 · 10 comments
Labels
suggestion Feature suggestion

Comments

@ghost
Copy link

ghost commented Jul 22, 2017

As noted in issue #3880, giving instance admins the option of whitelisting other instances is frowned upon due to breaking federation.

In the interest of finding a compromise that allows instance admins to protect their users without being harmful to federation, I propose offering a greylist option, instead. This would allow unknown instances to federate, but simply be silenced by default, giving the administrator(s) a chance to determine whether new instances are safe and whether their content should appear on the public timelines without breaking federation. By being opt-in and silence-only, I believe this feature would resolve the concern raised that new instances will be required to "go through some kinda review process with every single other node."

This feature would be extremely useful for instances hosting spaces for marginalized communities and instances that are not able to have around-the-clock staff. As a side effect, it could encourage more instances to have open registration.

As cautioned by @vahnj and referenced in #4208, this feature does not address the risk of a hostile instance harvesting the private messages of unlocked users. That said, I believe it offers a significant degree of protection to users of instances that may so desire it.


  • I searched or browsed the repo’s other issues to ensure this is not a duplicate.
@sydneyfalk
Copy link

This would allow unknown instances to federate, but simply be silenced by default, giving the administrator(s) a chance to determine whether new instances are safe and whether their content should appear on the public timelines without breaking federation.

That seems like a solid solution, from my understanding of the interconnections involved. At least, in terms of admins not wanting unwanted stuff in their public timeline without warning or option.

@nightpool
Copy link
Member

nightpool commented Jul 22, 2017 via email

@sydneyfalk
Copy link

I don't know that link is to the right issue (I feel fair sure it's not), so I couldn't go look up the exact original phrasing, but as for:

some kinda review process with every single other node

Each one kind of does though -- a ton of users interact and either report them or don't find them objectionable, and if the former, then the admin has to also notice this, and be in a position to do something about it (by talking to the other admins), etc.

But if something less overtly awful than NAS or shitposter.club decides to drop a deuce in the stream, admins don't have a 'choice' about it until enough users notice AND they're back at the keyboard, and then the turds are already publicly there.

Presumably if admins are overzealous in not unsilencing instances, that'd become obvious over time -- but that would do less active damage to the existing small and medium instances, IMO. :\

@ghost
Copy link
Author

ghost commented Jul 22, 2017

I don't know that link is to the right issue (I feel fair sure it's not)

This should've been #3880. Fixed in OP.

@sydneyfalk
Copy link

Aha -- thank you! ^_^

Whitelists go against the spirit of decentralization.

I could agree that everybody using whitelists may be, but some people having the option of a whitelist isn't necessarily. Some places, it doesn't really matter if someone takes a dump in it (a big river) but other places start getting used as a toilet, suddenly it's affecting things quite a bit (small/medium instances of specialized natures come to mind).

But if it's not preventing federation overall, and it's not even the default option in place, it's arguably just another tool -- and some instances are probably going to end up effectively whitelisting clumsily anyway if they don't have a way to do it (or 'greylisting') if they're trying to keep out random crappers in their public timeline.

At least, that's my take on it.

@M-D-M
Copy link

M-D-M commented Jul 22, 2017

Some places, it doesn't really matter if someone takes a dump in it (a big river) but other places start getting used as a toilet, suddenly it's affecting things quite a bit (small/medium instances of specialized natures come to mind).

This is the best analogy of the Internet I've ever seen -- I'm stunned.

@dzuk-mutant
Copy link

+1 for this idea, and I wrote an open letter a while ago expressing my sentiments about these kinds of systems in more detail - http://telegra.ph/An-open-letter-about-whitelisting-and-greylisting-07-23

@Gargron Gargron added the suggestion Feature suggestion label Oct 20, 2018
@LWFlouisa
Copy link

It's gotten to the point where I no longer even recommend Mastodon to my friends, especially for author friends that are trying to build a brand image. I get admins should be able to theme their own channel, but it's entirely a different thing to allow people to dogpile and swamp people's moderation tools with frivolous reports.

I simply don't have to worry about that kind of childishness on GNU Social or Pleroma. Mastodon in frankly embarassing in its inability to prevent harassment.

It doesn't even REALLY protect minority groups like it claims to, but choosing to other some trans people and not others. When I can avoid being descriminated against even on Diaspora (a very right wing distributed network) that should tell you something.

Freedom of Speech, means not prioritizing some Trans person voices over others. Both the positive and the negative.

@sydneyfalk
Copy link

I feel like this response may just have been to something else and not actually intended to be here, but out of curiosity, is LWFlouisa also your username on Masto and other types of accounts?

@emollusion
Copy link

Maybe I should have posted this here. (#3880 (comment))
For organisations that are not a group of friends, GDPR steps in within the EU at least and this problem with white-/grey-/blacklisting needs to have validity, or Mastodon wont even be able to be considered.
Unless mastodon is actually only meant for groups of friends.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
suggestion Feature suggestion
Projects
None yet
Development

No branches or pull requests

7 participants