Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.

  • givesomefucks@lemmy.world
    link
    fedilink
    English
    arrow-up
    59
    arrow-down
    8
    ·
    9 months ago

    Well, yeah…

    If you upload a picture to Lemmy, it’s going to get saved by a shit of federated instances.

    That’s how federation works, but once it happens, it’s hard to get all of them to delete it.

    The fix is easy:

    Upload somewhere else (theres a bunch of images hosts) then make your post point to that image host. Federated instances just have to host the link, so it’s good for them too.

    I’d love to see something like the RES feature where Lemmy can still show an expandable thumbnail for non-hosted images. RES pulled it off fine years ago, not sure how hard it would be.

    But that would fix all these issues

    • Sean Tilley@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      46
      arrow-down
      3
      ·
      9 months ago

      So, to be clear, the story the article links to is specifically a case of local content that didn’t actually federate. It was an accidental upload, he cancelled the post, it sat in storage, and even his admin was stumped about how to get it out.

      I agree that with federation, it’s a lot more messy. But, having provisions to delete things locally, and try to push out deletes across the network, is absolutely better than nothing.

      The biggest issue I have is that there’s really not much an admin can do at the moment if CSAM or some other horrific shit gets into pict-rs, short of using a tool to crawl through the database and use API calls to hackily delete things. Federation aside, at least make it easy for admins and mods to handle this on their home servers.

    • bloup@lemmy.sdf.org
      link
      fedilink
      arrow-up
      22
      arrow-down
      1
      ·
      9 months ago

      I have to say, I think the article actually does address what you’re saying, in particular here:

      There are a couple of reasons as to why this is so surprising. Firstly, the Trust & Safety aspect: a few months ago, several Lemmy servers were absolutely hammered with CSAM, to the point that communities shut down and several servers were forced to defederate from one another or shut down themselves.

      Simply put, the existing moderation tooling is not adequate for removing illegal content from servers. It’s bad enough to have to jump through hoops dealing with local content, but when it comes to federated data, it’s a whole other ball game.

      The second, equally important aspect is one of user consent. If a user accidentally uploads a sensitive image, or wants to wipe their account off of a server, the instance should make an effort to comply with their wishes. Federated deletions fail sometimes, but an earnest attempt to remove content from a local server should be trivial, and attempting to perform a remote delete is better than nothing.

      I also just want to point out that the knife cuts both ways. Yes, it’s impossible to guarantee nodes you’re federating with aren’t just ignoring remote delete requests. But, there is a benefit to acting in good faith that I think is easy to infer from the CSAM material example the article presents.

    • gabe [he/him]@literature.cafe
      link
      fedilink
      arrow-up
      15
      arrow-down
      1
      ·
      9 months ago

      Upload somewhere else (theres a bunch of images hosts) then make your post point to that image host. Federated instances just have to host the link, so it’s good for them too.

      Those images are still cached as well as the thumbnails.

    • Fisch@lemmy.ml
      link
      fedilink
      arrow-up
      12
      ·
      9 months ago

      Couldn’t images and videos just be loaded from the instance they were uploaded to instead of getting copied to each instance? It would work almost the same as uploading it to a file hoster but it would be a lot easier usability wise and illegal content would still only have to be deleted at a single point.

    • Die4Ever@programming.dev
      link
      fedilink
      arrow-up
      11
      arrow-down
      4
      ·
      edit-2
      9 months ago

      Yeah it’s like trying to delete a torrent that you created lol, deleting stuff from the Internet is not so easy. Even websites that claim to allow you to delete stuff may still be backed up by The Wayback Machine or similar, or even just a random user who liked your post and downloaded it.

      I would like improvements here, but you should probably still be careful about anything you post if you’re worried about being able to delete it, no matter what site you’re on.