Diaspora Foundation: A Child-Porn Sharing Network

[Todamont]

I ran a popular D* pod for about 7 years, called Cryptospora.net. We had approximately 30,000 users signed up. It was with much regret that I I shut my pod down, permanently, last month. Here's why.

There were certain neo-Nazis who would get banned from pod after pod, but they just kept signing up at new or foreign-language pods, and it was impossible to prevent neo-Nazi content from being shared to my pod and being displayed in my feed. There is CURRENTLY a large amount of child pornography being shared on the D* network. It became impossible for me to stop child-porn content or neo-Nazi hatespeech content from being shared to my pod and displayed to my users.

I made a thread in the Discourse channel for Diaspora podmins, and a github issue ticket. I suggested that the programmer community within D* come together to implement some form of OPTIONAL federated moderation system, so that I could import ban lists from other pods (ones with an actual staff) and make my ban lists available for other pods to import, based on some standardized TOS formats.

The D* core devs BANNED me from their CENTRALIZED forums for podmins, including their Discourse channel, their Github issues system, and their reddit sub. Apparently discussions about moderation are a bannable offense for these guys, and they are ADAMANT that there will NEVER be any effective network-wide system for preventing child-pornography abuse being posted to their network.

I would suggest that if YCombinator still owns shares in the Diaspora Foundation, they should consider rescinding ownership of those shares, and potentially suing the Diaspora Foundation for their money back. YCombinator should not be an unwilling share-owner of a child-porn sharing network.

[Carpetsmoker]

Do you have links to the GitHub issue and other discussions that you were banned for?

Edit: found one: https://github.com/diaspora/diaspora/issues/7866

[sierdolij]

This is the problem of decentralized, too open systems (aka anarchy): it enables terrorism, child porn, violent hate groups, organized crime and other extremists and criminals. There needs to be a reputation system and stronger limits to gradually give a user more access. Also, if they're required to pay for what they use (micropayment) to keep resources on servers, they're less likely to post illegal junk. Otherwise, crazy jerks will turn a free service into a Tragedy of the Commons, and everyone loses. We need more user-supported, non-profit sensible social media, productivity and other web apps to replace the for-profit and the wild-west ones that don't scale so well without major work. That being said, free often becomes junk because there's not the focus and professionalism to make something cool.

TL;DR - free doesn't scale without meaningful accountability

[miguelrochefort]

Filtering must be inbound, not outbound.

Users should be able to broadcast whatever they want, including highly illegal stuff.

Users should be able to filter whatever they receive, based on their individual preferences.

[paulcole]

> Users should be able to broadcast whatever they want, including highly illegal stuff

Sorry, but I disagree here. Even in something that’s decentralized, the user relies on someone and that someone most definitely has the right (and ethical responsibility) to stop the spread of “highly illegal stuff.”

[miguelrochefort]

"Highly illegal stuff" is relative, in time.and space.

How do you suggest we enforce that?

[paulcole]

If I’m making a decision to delete something based on it’s legality, I refer to the laws that apply to me. Not that tricky.

[Todamont]

I see it as a problem of moderation, which is notoriously tricky to do fairly, for any individual, and when you get a roomfull of techno-libertarians together it becomes insurmountable to reach consensus on the process. My takeaway is that federated networks need a federated moderation system, and they will become segmented when the "good" actors essentially ban / disconnect from the "bad" actors or just the uninitiated. So moderation systems maybe need to be centralized to some degree to be effective. I've reached out to the CEO of YCombinator, and the Youth Pastor of YCombinator about this, I'm looking forward to hearing their responses. I've also reached out to the Software Freedom Law Center, the group that oversees the Free Software Support Network of which the Diaspora Foundation is a part of, and I'll be urging them to take action against Diaspora Foundation also. I have just completed a tip to the National Center for Missing and Exploited Children, letting them know about Diaspora's little CP problem. My buddy from the Wall Street Journal seems interested now too :)

[zzzcpan]

There is no problem of moderation in decentralized systems, never was and never will be. Any system already assumes that you don't subscribe, follow or participate in things and communities you don't want to and you discover, choose and filter all the things you want yourself. That's how everything in the world works. Everything is inherently self moderated.

But there are actors who want to control the spread of information, have some global censorship features in every system with censorship decisions delegated to people who they can influence. These actors are also the ones who invented CP problem to be able do whatever they want to any target with public approval, like making bogus CP claims on anything that doesn't have a global censorship system to force creation of one. They may even upload CP themselves if necessary.

The good thing about ideologies though is that they do push people to protect ideological beliefs. You can't just CP your way into censorship on people with strong believes against censorship.

[Todamont]

If we're seeing CP on the network, there is MOST CERTAINLY a problem with the moderation. It's literally INSANE to me that you don't get that.

[zzzcpan]

I think you are making false claims and now even false accusations of core devs. There is no point continuing this discussion, it's clearly a smear campaign.

[Todamont]

My claims are not false. You are defending a child sex trafficking network, imho.

[stevenicr]

I've been thinking a lot about moderating with online communications, decentralized and federated makes the solutions even more complex. It's not easy to filter when the people you want to filter have some tech knowledge. I've been dealing with that for years. One bad person in a country near this one has access to thousands of VPNs, and is simply unstoppable.

I've been kicking around the idea of having multiple filter options for each server and each user.

I am very interested in how others would tackle this. Particularly interested in blocking / filter options with matrix and similar systems.

I am imagining a block servers list, block cidr list, and a set of human moderators that can 'add on the fly' to a list they control - these lists being set to block by default. With options to whitelist individual users or ips on a server basis and per user basis.

I'd like to give each user an option to turn off these filters all at once, or whitelist different servers for example.

I also want to have a page showing for example, a blocklist of servers, and a blocklist of users, and a list of the moderators, like a list of nightclub 'bouncers' - so that people can make comments about them - if one bouncer does block lots of bad things, but also blocked a few people who had differing politics for example, it would be nice to have a way to see and discuss that and give people options to have a different bouncer blocking their message box.

There's some of my random thoughts on the issue, I'd like to see what others have come up with. When exploring rocket chat and similar, what I have seen so far is that these comm platforms are working with teams of non hostile users in mind and defending against the kind of issues initially described here is not really something any portal is prepared to handle well. Yet, hopefully. I have been asking about different mod tools and how to implement multiple layers for the various threats / issues.

I also think sometimes people in a group need to be set to not see new users to the group by default, and only after a certain amount of time can a newer user be seen by the main others in a group - things like that.

[Todamont]

Actually, being a D* podmin for 7 years gave me a lot of time to reflect on fair moderation. Good moderation means letting people say things that you disagree with, essentially, as long as it is legal content. However, as the owner of a webserver, I do have the prerogative to lay down the rules of what can be served there, and so a part of good moderation is setting up a fair and rational TOS that is publicly posted, and applying those rules fairly to all accounts, equally.

For example, a rational TOS would not have people banned for complaining about CP on the network. A rational TOS would not ban people for "too many comments" on a github issue ticket without defining what the time limits for posting are. Spam is unsolicited commercial advertisment posts, so those are a clearly-defined special category.

I think meta-moderation, where people are randomly assigned to review each other's mod actions for sensibility, and some consensus/reputation score could be utilized to arbitrate that. I also think random rotation of moderatorship to people with good recent reputation/kharma over a 6 or 12 month period could be utilised, to great effect, to prevent "tyrant" mods.

In a federated network such as Diaspora, I think you need some tools for federation of the moderatorship actions, such as the ability to share blocklists among pods, with standardized TOS terms that several pods could subscribe to. That's what I suggested in their github issues system, right before they banned me.

[stevenicr]

"ability to share blocklists among pods, with standardized TOS terms that several pods could subscribe to" - is one of the things I was thinking would be a nice thing to make available - however I think it should not be on by default for new server setups (assuming it's a server setup to run one of these pods things you mention, I am considering this from my little understanding of how rocket chat and matrix and riot and things like that can work, I think it's similar in nature)

So I think it's great to have these kind of blocklists available to pods / servers / whatever instances, but I would like to see it as opt in, and selectivley able to opt out of whichever ones for any reason by the server / instance operator, and I think it should be optional for the users to opt out of whichever blocklists as well.

I can imagine there are many server/instance operators that would not want their users to be able to override the blocklists and I think that is fine, but I would also want people to post publicly, or at least available to their registered members, which lists were being used - so some transparency in the censoring.

I also think there needs to me be more safe space options, as I mentioned above - perhaps "rooms" where only known users who had been around for X amount of months or whatever could enter -

because, I think no matter how many blocklists are made, no matter how many cidr's are blocked, the truly evil trolls will find ways to circumvent the blocks, and they will get in, and they will post things you and your users do not want to see - and blocking them will make it more of a game and more of a win when they do get in,

So things can be made a bit better I think, but unless you enter a password protected chat area with just you and one other person you know - not being open to anyone else in the world - there is going to be risk. To think that any kind of shared censor list is going to make a magical space safe is not considering the ability and desire of those who want to ruin it.

On some of my sites I have several million ip addys blocked, a few countries via geoip, and yet I have still spent more than a dozen weeks of life researching ips for proxies / VPN, blocking those subnets, writing to ISPs and companies, filing complaints, contacting police in multiple countries, putting together evidence, dealing with lawyers, censoring "bad words" - all kinds of things.

In the end, I have limited some of the bad stuff that was posted by people who did not read our rules, I have stopped some of the spam bots. But, there is a kid in Canada that still comes in and ruins the whole thing for dozens of our users pretty much any time he wants. Sometimes its several times a day, sometimes it's once a week. I have found no way to actually stop it 100%.

So I look forward to some of these newer apps getting stronger with multiple moderation abilities. I do think we need to be careful forcing any one, or multiple people's ideas of what should be blocked on other people - as I have had good moderators and bad ones, and some that blocked some people for the wrong reasons - and deplatforming the non-popular is not the reason for the mod powers imho - and even with lots of mods we can't stop it all.

you've apparently seen much of this ebb and flow over the 7 years and finally had enough - I can relate, it's not easy. One of things we decided was forced vacation breaks for the mods to keep sanity and perspective.

The more options the better imho, so long as they are optional.

[Todamont]

> So I think it's great to have these kind of blocklists available to pods / servers / whatever instances, but I would like to see it as opt in, and selectivley able to opt out of whichever ones for any reason by the server / instance operator, and I think it should be optional for the users to opt out of whichever blocklists as well.

Yes, I agree with this. The end effect of this will be self-partitioning of the network, however, I think.

There are actually some pods who do a great job of tracking down bad users, and they have a full staff, and I trust their podmins. I should be able to offload a lot of the work of gatekeeping a TOS standard, to them, if I desire.

I totally agree it should be optional too. I clearly stated that in my posts to the D* github issues. But they just banned me, said trying to take action to moderate CP off the network was censorship, and they were going to ban me for it, ironically. That's when I started suspecting the D* core devs may actually be protecting their CP network, or even possibly profitting from the CP on their network.

[DanBC]

You can report images of child sexual abuse to the Internet Watch Foundation, an organisation who works with law enforcement internationally to remove these images. https://www.iwf.org.uk/

[Todamont]

Thanks, I have filed a complaint with them now. I've also notified the National Center for Missing and Exploited Children. I basically filed a complaint naming the D* core devs as potentially involved in child sex trafficking. That's very disturbing to me.

[awaywopassd]

Sure they should address this but this is a bit crazy.

[Todamont]

Why do you think it's crazy for me to file criminal reports about CP that I saw on the Diaspora Network? Should I just ignore that kind of thing, you think? I just submitted a tip to the FBI.

[trev-dev]

I spent about a month or so tinkering with Diaspora and I feel your pain. Wherever free speech is paramount, it comes at a price. Some people feel that free speech and free "expression" shouldn't be free. I have rarely circled back to my Diaspora account since discovering similar disturbing images/messages.

If it's helpful to you, there are many other decentralized networks. So far as I can tell, Mastodon has better moderation controls that can block entire instances. It doesn't stop bad things from happening. The only confort I can gleam from that is that those who do/say terrible stuff do so at the risk of being seen and discovered.

[Todamont]

I couldn't find the discourse discussions I started, apparently they deleted them when they banned me from discourse, for 1000 years.

Here's an interesting discussion where they talk about how users shouldn't be banned from discourse / loomio, which I found interesting, though:

https://discourse.diasporafoundation.org/t/banning-users-fro...

[Todamont]

Here you go!

https://github.com/diaspora/diaspora/issues/7865

https://github.com/diaspora/diaspora/issues/7866

[Todamont]

https://github.com/diaspora/diaspora/issues/7464

And this one :) This is the thread they said was relevant to the discussion and that I should comment on, and then they banned me for "spamming" their issues ticket system when I commented on it.

[mcv]

I don't think it's discussing moderation that got you banned, but spamming github issues about it. A single issue should suffice. I can't verify it, but they refer to you spamming their discourse too.

That said, I'd expect a discussion on this topic to be welcomed. The only reason they could reasonably be annoyed by you is if you keep rehashing points they've already discussed.

In that case, the right approach would be to read and understand how their current moderation tools work, the reasons why they work that way, and their reasons for not doing the thing you propose. If they don't address your concerns, state your case clearly and unambiguously (in one github issue you seemed to be arguing for centralised moderation, which is obviously not going to happen; emphasise that it's a voluntary choice for podmins who don't want to manually block repeat offenders) and explain why their current system doesn't address this.

That said, Diaspora development seems to be incredibly slow, so maybe they're not very eager to add completely new features that not many people are interested in. Understand that if you're not going to write this code, it's probably not going to happen.

But if childporn is really clearly a problem, and Diaspora is clearly unwilling to address the issue by considering tools to help podmins, then posting on a blog of your own could be a good way to initiate that discussion in a way that they can't block.

[Todamont]

"Spamming" issue tickets? You mean leaving comments? "Spam" is an unsolicited advertisement for a product or service, I DEFINITELY did not do that, so I think you should be more precise with your language. They don't have a Terms of Service that says you are not allowed to make comments on issue tickets, so I did not violate any terms of service. IMHO "spamming" is the excuse that all censors use, when they censor you.

[vonmoltke]

"Spam" is any sort of unwanted communications. Whether or not it is advertising anything is irrelevant.

[vfclists]

You used a headline grabbing/clickbait title such as Diaspora Foundation: A Child Porn Sharing Neywork, in order to draw attention to a lack of a federated moderation system in the Diaspora network system.

In my view this alone would be a good reason for you to be banned and cast out from those groups. FWIW I am not involved in those groups and I don't even know what happens in them, but the fact that you used such a title to draw attention to your cause shows that you have a cause which is not compatible with their ethos and other such decentralized systems.

Decentralized networks have arisen in response to centralized and privately controlled services like Twitter, Youtube, Facebook, Paypal and Patreon which use they term hate speech, neo-nazi, populist as excuses to ban those whose political and social views they disagree with, and you seriously expect them to adopt some sort of centralized control system. Good luck to you.

The same can be said of the TOR network, which seems to have become a system abused by all kinds of shady operators, with child pornography networks, bitcoin extortionists, Islamist propaganda networks among those operating behind the anonymity it offers.. Are there any calls for some kind OPTIONAL federated moderation systems for the TOR network?

How about Cloudflare, which has also come under criticism for protecting shady actors?

As for the child porn issue, the Internet itself can be seen as a child porn network irrespective of what tools or services are used to access it, and the same can be said about its so called relationship with hate speech. As Jordan Peterson asks, who defines what hate speech is?

As for the OPTIONAL part, things which are optional eventually morph into mandatory systems, with the possibility of operators who don't subscribe to such services being blocked simply for not using it..

Take a look at an organization such as Spamhaus, a supposedly optional but privately owned and controlled service, all the criticism and complaints of their abuse and misuse of a power over the years, and ask yourself why an organization committed to decentralized communication woud want such as system at the core of the services it provides.

I say this again, good luck to you!!

[Todamont]

Hey buddy, I'm seeing a ton of CP on the D* network. Maybe that's cool with you, but to me, it means that the D* network is a place for disseminating CP and potentially a place where child sex trafficking is occuring. Thats not sensationalism. If you think people should be banned for comments about moderation, I would suggest you don't understand the difference between fair moderation and censorship. Or maybe you just think CP is cool huh? Are you one of the D* core devs, is that why you are defending this network where child sex abuse pictures are being posted every day?

IMHO people who scream CENSORSHIP when you start talking about removing CP and going after child predators, are usually child predators.

[vfclists]

This is precisely the attitude which would probably get you banned, and I would ban you for such an attitude. You titled your post with CP and switched to neo-nazis who kept moving around when they were banned or blocked, the switched back to CP on the networks.

You didn't write about CP posters that you blocked or banned only for them switch to other pods. Any reason for that omission? You see, insinuations can work both ways.

The truth is you want moderation for other things besides CP, and you are using CP to draw attention to your cause.

You are already making insinuations like:

> "Or maybe you just think CP is cool huh? Are you one of the D* core devs, is that why you are defending this network where child sex abuse pictures are being posted every day?"

> "IMHO people who scream CENSORSHIP when you start talking about removing CP and going after child predators, are usually child predators."

Your behaviour is like some militant activists and SJWs who vilify and impugn people innocent people for no other reason that they don't share their views or subscribe to their causes. You might as well say that people who support and defend the 2nd amendment right to bear arms support mass murderers who go on killing sprees line Sandy Hook etc, and enjoy seeing the aftermath of such events on television. Do you characterize all defenders of the second amendment in that manner?

The whole point of decentralization is to avoid the very kind of controls you seek to have implemented. In any case the proper thing to do is for end users to have the kind of software that screens out users they don't like. If end users want to share their lists that is fine, centralizing the process without total transparency and accountability defeats the very idea of decentralized networks. There is no such thing has having your cake and eating it.

stevenicr has already made some comments along such lines, but without a transparent process which allows users final control on what they see or cannot receive you are bound to wind up in the Spamhaus situation. The end user must have the final say.

Since it is also a software issue, have you considered forking the software and implementing the changes you want, and letting pod administrators choose which software they prefer? That is a saner approach than casting innuendo about the software developers.

[Todamont]

If you think people should be banned from discussions because of their "attitudes" regarding moderation, you don't understand the difference between moderation and censorship, and you are advocating censorship.

> I would ban you for such an attitude.

Well, then you are a would-be censor, and it's a good thing you can't ban everyone everywhere, or else the whole world would fall silent and the only sound would be of your waxing nonsense. All those "spammers" with their "spam" complaints about CP, amirite?

If you think people should be banned from discussions because they won't stop complaining about all the CP on the network and how they can't legally run a pod anymore, well that's the attitude I'd expect from a CP network admin.

[vfclists]

Dude I think I have offered the proper solution to your problem.

You have made your suggestions, they have been ignored and you have been banned from the relevant discussion groups.

It is quite obvious that the solution is a software issue, that what you want is a change to the software.

Then what you have to do is to seek out some like-minded pod administrators, have some discussions with them, gather whatever necessary resources required to fork the software and get going.

The software is open source, isn't it?

That is a whole lot better than accusing some software developers of aiding and abetting the distribution of CP, which can be said of the whole of the Internet itself.

[Todamont]

I'm accusing them of aiding and abetting the distribution of CP because that's EXACTLY WHAT THEY ARE DOING, that's why they have a network with tons of CP on it RIGHT NOW.

> hey you know what you should do with this CP platform? FORK IT!!!

LOL, no. I have no interest in working on the D* project, ever again, my focus has now turned towards working with law enforcement to hold them accountable for aiding and abetting distribution of CP.

If the Diaspora Foundation wants to insult and ban podmins who complain about CP, then it's only logical that the response of those podmins should be to start criminal CP complaints against them.

[vfclists]

What is D?

What is the Diaspora Foundation?

How does the Diaspora Foundation differ from the Diaspora software?

Does deploying the software make you automatically a member of D and the Diaspora Foundation?

[Todamont]

No, I think you would have to be like added to their github group to be considered a "member" of the D* foundation. It used to be a private company but then it turned into a non-profit thing with volunteer coders. From what I can tell there are maybe 5 or 6 active devs, and they have NO PROBLEM WHATSOEVER with the amount of CP on their network, and NO PROBLEM WHATSOEVER blatantly censoring anyone who suggests a plan of action to stop the CP from being posted to their network. It seems to me that they may be PROTECTING their CP network from public view and legal scrutiny.