Mastodon: Hide custom emojis from display names for foreign users
Just today, someone tried to impersonate the popular singer Taylor Swift by creating @[email protected] and following a few thousand accounts. As you can see in the image, this account used the :verified: emoticon in its display name and many people thought that the is the real one.
While I trust the admins of my instance to moderate who can "wear" the :verified: badge and who can not, they don't have the power over other instances and I can not expect my users not to trust a :verified: badge from another instance.
Hence, I plead to remove the badge for all foreign users.
Maybe, there is a place for a "verified trust-chain" (I trust my instance, my instance trusts another instance, the other instance verifies a certain user), but this isn't the subject of this issue.
- [x] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
jeyemwey
All 9 comments
they are just uploaded emojis and theres really no way to control this except by the admin deciding not to upload it, like if you blocked the short code someone could just place it under a different one. You shouldnt be trusting this from anyone from any instance.
Laurelai
on 7 Sep 2018
Okay, so the only way would be to block all custom emojis in display names?
jeyemwey
on 7 Sep 2018
Yes. And there really shouldn't be a toggle for this. I wrote about how doing this is bad in my opinion, but even in the worst case you're just going to get used to not putting much value on the symbol.
ghost
on 7 Sep 2018
@serenitylabs-sascha What do you mean by "there really shouldn't be a toggle for this"?
jeyemwey
on 7 Sep 2018
Even before custom emojis were available, people put the :heavy_check_mark: emoji in their display names. Everyone thinks they're funny by doing it, and as a result some people are fooled by it.
I don't know if banning all emojis from display names is a reasonable solution. What speaks for it is that it's an accessebility nightmare, where screen readers have to read out "ok hand ok hand one hundred sweat drops" every time your name appears on a page. What speaks against it is that taking something popular away from people won't be taken well.
Gargron
on 7 Sep 2018
At the core I think it's a problem with behaviour learned from Twitter. Why would a verification sign that looked like Twitter's exist outside of Twitter? Why would a verification sign even be close to the name?
Gargron
on 7 Sep 2018
FYI: You can disable :verified: remote emojis from admin panel. It prevent your local users confused from these account on webapp, client.
It can be batched on rails console
CustomEmoji.where(shortcode: 'verified').each do |emoji|
emoji.update!(disabled: true)
end
Kjwon15
on 20 Sep 2018
@Kjwon15 Someone could name the emoji something other than :verified: though, that's an uphill battle.
Gargron
on 20 Sep 2018
I vote for the removal of custom emojis in display names for another reason: Not every software is capable of displaying custom emojis. And especially in display names this really looks ugly.
annando
on 12 Nov 2018
Related issues
svetlik
·
3Comments
selfagency
·
3Comments
KellerFuchs
·
3Comments
phryk
·
3Comments
Lewiscowles1986
·
3Comments
Most helpful comment
At the core I think it's a problem with behaviour learned from Twitter. Why would a verification sign that looked like Twitter's exist outside of Twitter? Why would a verification sign even be close to the name?