[mikenew]

This feels like an existential threat to HN, and to the general concept of anonymous online discourse. Trust in the platform is foundational, and without it the whole thing falls down.

Requiring proof of identity is the only solution I can think of, despite how unappealing it is. And even then, you'll still have people handing their account over to an LLM.

I really struggle to imagine a way around it. It could be that the future is just smaller, closed groups of people you know or know indirectly.

[dom96]

> Requiring proof of identity is the only solution I can think of, despite how unappealing it is

Same. I agree that it is unappealing but it can be done in a way that respects anonymity.

I built this and talk about it here: https://blog.picheta.me/post/the-future-of-social-media-is-h...

I think we’re on the precipice of this being a requirement to have any faith you’re talking to another human. As a side effect it also helps avoid state actors from influencing others.

[MaKey]

> I think we’re on the precipice of this being a requirement to have any faith you’re talking to another human.

Except that it doesn't prove you're talking to a human - it just increases the hurdles for bot operators (buy or steal verified accounts).

[dom96]

It adds enough of a barrier to be worth it. In the way I have implemented it, you can only have one account per ID (for example passport). Yes, you can buy fake passports, but it's prohibitively expensive. Read my blog post for more info.

[MaKey]

This is not a technical issue - it's a societal one. Do we want online ID verification? Are the trade-offs worth it? Do we want to make the internet a place that requires an ID everywhere for age verification or to prove that you're human? What would the implications be?

Regarding your implementation: Most people don't have a passport, so it's a non-starter - but again, this topic is not a technical issue.

[dom96]

I think that it is a technical issue to a certain extent. Governments could make it very easy to prove humanity (and age) in a secure manner that doesn't leak your personal details to the third party that wants to perform the verification.

I don't see that as "requiring ID".

I think the real question is how much do we care that our online spaces are composed of not just AI bots, but also sock puppet accounts controlled by various people (from governments, rich people, all the way to harassers that use alt accounts) wanting to trick us.

[MaKey]

You're still arguing from a technical perspective while not addressing the societal issues that online ID verification leads to. Do we as society really want an internet that resembles a gated community where you can only enter with an ID? What about the people we exclude? Should we abandon the free internet just because of bots and sock puppet accounts? What about other ways to address the issue?

[protocolture]

I mean, reddit accounts are valued based on the identity they have built. Its not farfetched to imagine uninterested users making and selling a single account each.

[jeff-hykin]

There's lots of alternatives. Others have mentioned invites and proof of work, and I'll mention a third alternative: a voucher system.

E.g. I make a new hackernews account, and say "just ask wikipedia, they will vouch for my new hackernews account". Then wikipedia checks if any of their accounts vouch for this new hackernews account. If a user with enough reputation on Wikipedia (e.g. your friends or one of your own wikipedia accounts) vouches for this new hackernews account then wikipedia tells hackernews "yes, that account is legit".

Hackernews knows the minimum amount possible about the new account. And while wikipedia knows something, they know WAY LESS than a full ID check. People can have multiple Wikipedia accounts.

And its a two way street; Wikipeida could ask hackernews about new accounts. Both sites would benefit from the collaboration.

Karma could actually become meaningful/useful for reputation checks.

The only unfortunate aspect is I'm not aware of any software tooling for such a system.

[pluralmonad]

Removing anonymity is not a solution, just a different problem.

[neom]

I don't feel like using HN anymore, I hope the just add invites, last time I said this someone replied it's just the same as some other site then, but it's not... hn is hn...this situation is really bumming me out.

[nomel]

Looks like http://lobste.rs is it. I haven't been invited, and I' not really sure I should be, but I'm having a very nice time just reading.

[kanzure]

Another option instead of using identity is to use proof of work or hashcash such that anyone who thinks a comment is valuable can use some hash rate to upvote it. It doesn't matter how the content was generated, only that someone thought it was important, and you can independently verify this by checking how much hash effort went into hashing for that comment. This also does not require any identity either.

[Borealid]

Advertisers are more willing to spend money to promote content than an individual is willing to do the same...

[kanzure]

Having multiple different distribution channels can solve that problem. Advertisers cannot monopolize all distribution channels simultaneously because of the costs involved (it would be like someone trying to buy the whole economy).

[jeff-hykin]

Using a real identity doesn't fix that problem either though: advertisers just pay real people in India to do ID checks.

[zug_zug]

I don't think that's true at all.

One of the things HN does is not let you interact in certain ways until you've earned sufficient karma. This is a basic proof-of-work. If your bot can't average a positive karma, then it'll never get certain privileges.

Not to say the system is perfectly tuned for bots, because it's not. The point is that proof of identity is not the only option.

[3rodents]

HN is almost entirely about the comments. Voting is useful as a tool for loosely sorting content but otherwise, HN could easily do without it. Some of the most valuable comments come from people with barely any karma. And that’s why HN is great! The restrictions on voting and flagging for new users could be removed without impacting the quality of HN. I can’t imagine any scenario in which HN’s current system could survive the same slopification that is happening on reddit.

HN is doing okay at the moment because nobody is yet publishing ebooks and videos on how to astroturf HN to launch your SaaS. Unfortunately, Reddit hasn’t escaped that fate.

[rob]

They get the privilege of immediately polluting the website with LLM-generated comments.

Many of them sound and look completely normal and have others on here interacting with them. They don't use em dashes, sometimes they'll use all lowercase text, sometimes the owner of the bot will come out and start commenting to throw you off.

All examples I've witnessed here.

HN should immediately start implementing at least some basic bot detection methods without requiring us to email them every time. I've discovered multiple bots make detailed comments within 30 seconds of each other in different threads, something a normal human wouldn't be able to do. That should be at least flagging the account for review. Obviously they'll get smarter and not do that soon but it would help in the short term.

I'd say it's not an issue but everything I described above has happened in less than a month and every day now I'm discovering bots here.

[zug_zug]

I do agree that bots are or will be an existential risk for every online forum. But I also think that an attempt to fix it that takes away anonymity is a cure that's worse than the disease.

My best understanding is yes -- there are signal that somebody is a bot (like how quickly they post), but if HN bans based on those signals then whoever made the bot will keep tweaking the code.

I feel like I rarely see bots in the top 5 comments of any article I read, or otherwise causing major disruption.

I think we just need to get creative about ways a platform can prove somebody is an invested human without tying it back to any personally identifiable information.

[hhjinks]

Prevent pasting comments. Implement a naive check for time spent typing the comment, and shadowban posts that don't pass the criteria. Add a 1 minute wait and captcha for posting.

That'd drastically reduce the amount of low effort posts, both human-written and generated.

[satiric]

Preventing pasting would drastically reduce how often people cite their sources; no one wants to hand copy a long url.

[ttamslam]

I've been working on this tool to address this same issue in other communities: https://www.ityped.it/

It's certainly not perfect, but similar to what you mention.

p: https://www.ityped.it/p/WIiTYfdxQ5ww

[krapp]

Have the output of the LLM sent to a headless browser that "types" and submits the comment as necessary, with some randomness added for authenticity.

Or, since this would need to be done in javascript, just block or rewrite the javascript and fake the output in the sent request.

Simplistic solutions like this stopped being meaningful decades ago.

[nottorp]

> And even then, you'll still have people handing their account over to an LLM.

Exactly. So what's proof of identity good for?

[nomel]

Invitation only is a reasonably successful alternative for niche communities, especially with the ability to banish an invite "tree".

My conspiracy theory: Campaign money, from the last few elections (I think "Correct the record" [1] was the first "disclosed" push), resulted in a bunch of bot accounts being made/bought all across social media. These are being lightly used to maintained some reasonably realistic usage statistics, and are "activated" to respond to key political topics/times. This is on top of spam accounts to push products and, of course, the probably higher-than-average bot number of accounts, made for fun, by HN users.

[1] https://en.wikipedia.org/wiki/Correct_the_Record

[AndyKelley]

invitation tree. lobste.rs already has it, works great.