Mastodon: Instance Greylisting

Created on 22 Jul 2017  Â·  10Comments  Â·  Source: tootsuite/mastodon

As noted in issue #3880, giving instance admins the option of whitelisting other instances is frowned upon due to breaking federation.

In the interest of finding a compromise that allows instance admins to protect their users without being harmful to federation, I propose offering a greylist option, instead. This would allow unknown instances to federate, but simply be _silenced_ by default, giving the administrator(s) a chance to determine whether new instances are safe and whether their content should appear on the public timelines _without_ breaking federation. By being opt-in and silence-only, I believe this feature would resolve the concern raised that new instances will be required to "go through some kinda review process with every single other node."

This feature would be extremely useful for instances hosting spaces for marginalized communities and instances that are not able to have around-the-clock staff. As a side effect, it could encourage more instances to have open registration.

As cautioned by @vahnj and referenced in #4208, this feature does _not_ address the risk of a hostile instance harvesting the private messages of unlocked users. That said, I believe it offers a significant degree of protection to users of instances that may so desire it.


  • [X] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
suggestion

Most helpful comment

I don't know that link is to the right issue (I feel fair sure it's not), so I couldn't go look up the exact original phrasing, but as for:

some kinda review process with every single other node

Each one kind of _does_ though -- a ton of users interact and either report them or don't find them objectionable, and if the former, then the admin has to also notice this, and be in a position to do something about it (by talking to the other admins), etc.

But if something less overtly awful than NAS or shitposter.club decides to drop a deuce in the stream, admins don't have a 'choice' about it until enough users notice AND they're back at the keyboard, and then the turds are already publicly there.

Presumably if admins are overzealous in not unsilencing instances, that'd become obvious over time -- but that would do less active damage to the existing small and medium instances, IMO. :\

All 10 comments

This would allow unknown instances to federate, but simply be silenced by default, giving the administrator(s) a chance to determine whether new instances are safe and whether their content should appear on the public timelines without breaking federation.

That seems like a solid solution, from my understanding of the interconnections involved. At least, in terms of admins not wanting unwanted stuff in their public timeline without warning or option.

I don't think this is substantially different enough from what was proposed
that it will receive a different response from the community. Both options
(silence and suspend) were proposed in the original issue ticket.
On Fri, Jul 21, 2017 at 9:55 PM sydneyfalk notifications@github.com wrote:

This would allow unknown instances to federate, but simply be silenced by
default, giving the administrator(s) a chance to determine whether new
instances are safe and whether their content should appear on the public
timelines without breaking federation.

That seems like a solid solution, from my understanding of the
interconnections involved. At least, in terms of admins not wanting
unwanted stuff in their public timeline without warning or option.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/tootsuite/mastodon/issues/4296#issuecomment-317149289,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAORV67Vxh72lDtAeJRUBR6XddUTtCUCks5sQWSEgaJpZM4OgBs3
.

I don't know that link is to the right issue (I feel fair sure it's not), so I couldn't go look up the exact original phrasing, but as for:

some kinda review process with every single other node

Each one kind of _does_ though -- a ton of users interact and either report them or don't find them objectionable, and if the former, then the admin has to also notice this, and be in a position to do something about it (by talking to the other admins), etc.

But if something less overtly awful than NAS or shitposter.club decides to drop a deuce in the stream, admins don't have a 'choice' about it until enough users notice AND they're back at the keyboard, and then the turds are already publicly there.

Presumably if admins are overzealous in not unsilencing instances, that'd become obvious over time -- but that would do less active damage to the existing small and medium instances, IMO. :\

I don't know that link is to the right issue (I feel fair sure it's not)

This should've been #3880. Fixed in OP.

Aha -- thank you! ^_^

Whitelists go against the spirit of decentralization.

I could agree that _everybody_ using whitelists may be, but _some people_ having the _option_ of a whitelist isn't necessarily. Some places, it doesn't really matter if someone takes a dump in it (a big river) but other places start getting used as a toilet, suddenly it's affecting things quite a bit (small/medium instances of specialized natures come to mind).

But if it's not _preventing_ federation overall, and it's not even the default option in place, it's arguably just another tool -- and some instances are probably going to end up effectively whitelisting clumsily anyway if they don't have a way to do it (or 'greylisting') if they're trying to keep out random crappers in their public timeline.

At least, that's my take on it.

Some places, it doesn't really matter if someone takes a dump in it (a big river) but other places start getting used as a toilet, suddenly it's affecting things quite a bit (small/medium instances of specialized natures come to mind).

This is the best analogy of the Internet I've ever seen -- I'm stunned.

+1 for this idea, and I wrote an open letter a while ago expressing my sentiments about these kinds of systems in more detail - http://telegra.ph/An-open-letter-about-whitelisting-and-greylisting-07-23

It's gotten to the point where I no longer even recommend Mastodon to my friends, especially for author friends that are trying to build a brand image. I get admins should be able to theme their own channel, but it's entirely a different thing to allow people to dogpile and swamp people's moderation tools with frivolous reports.

I simply don't have to worry about that kind of childishness on GNU Social or Pleroma. Mastodon in frankly embarassing in its inability to prevent harassment.

It doesn't even REALLY protect minority groups like it claims to, but choosing to other some trans people and not others. When I can avoid being descriminated against even on Diaspora (a very right wing distributed network) that should tell you something.

Freedom of Speech, means not prioritizing some Trans person voices over others. Both the positive and the negative.

I feel like this response may just have been to something else and not actually intended to be here, but out of curiosity, is LWFlouisa also your username on Masto and other types of accounts?

Maybe I should have posted this here. (https://github.com/tootsuite/mastodon/issues/3880#issuecomment-454334097)
For organisations that are not a group of friends, GDPR steps in within the EU at least and this problem with white-/grey-/blacklisting needs to have validity, or Mastodon wont even be able to be considered.
Unless mastodon is actually only meant for groups of friends.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

phryk picture phryk  Â·  3Comments

flukejones picture flukejones  Â·  3Comments

hugogameiro picture hugogameiro  Â·  3Comments

golbette picture golbette  Â·  3Comments

sorin-davidoi picture sorin-davidoi  Â·  3Comments