Peertube: Option to disable auto-acceptance of follows (manual acceptance)

Why would you want to refuse a follow?

EDIT: that wasn't meant to oppose the issue, but rather define the scope of the issue. "Why _might_ you want to refuse a follow" would have been a better formulation. See https://github.com/Chocobozzz/PeerTube/issues/1179#issuecomment-426911280 for a proper follow-up.

I'd prefer that my content doesn't syndicate to an instance called "bootlickers"

@techknowlogick please understand we are looking for a general case argument

How is not wanting to syndicate with certain instances not a general case?

general case argument: someone could register a domain that is a slur (take your pick of whichever one you want) then syndicate my content there. It could give them impression that because my content is on that domain that I endorse it. Or just fill up the follows with a list of slurs that I have to see everytime I look at the follows. I know this isn't mastodon, but masto has the idea of "locked accounts" where followers need to be approved, this is almost the same.

I think that giving the choice to instance admins to not accept automatically federating instances is a heavy requirement in order to mitigate harrassment: for the same reason that private account does exist on Mastodon, or even on the birdsite, users (in this case, admins, because only them control the federation behaviour) may want to control how their content is propagated.

Here is a concrete example, I sincerely hope that you (=Peertube maintainers) will understand it: I’m running an instance for queer people, people who are targeted by harrassment on a daily basis on every social platform/network. Some 4chan trolls (but of course you can guess the type of communities i’m talking about here) make accounts on “freedom of speech” instances (AKA without any form of moderation), accounts that i can’t control, obviously. Those instances are following mine, so they receive automatically public videos published on my instance. Then, the trolls automatically receive content that they can harrass. Not enabling auto-accept for follow requests would make this a little bit harder. The difference can be huge. If you can’t by any mean control the automatic diffusion of your content, how exactly did we evolve since the horrible idea that all data had to flow worldwide without any kind of privacy?

I use a locked account on Mastodon so that I can control where my content shows up in the Fediverse. It's by no means a perfect solution, but there's a big difference between someone having to go out of their way to look at my toots and having my own instance automatically send all my toots to them. The inability to control follows is a dealbreaker for me.

Honestly kind of worry about the safety of this platform if the kneejerk response from the devs is "why would you want to control who follows you"

How is it possible that you're working on a youtube alternative and are completely unaware of how the total lack of control over publishing your content and letting any, say, alt-right yahoo and their hangers-on spike engagement in ways that are detrimental to your channel and community around it causes MASSIVE issues? A follow, like anything else, can be done in bad faith. If you honestly don't understand this you really need to get some marginalized people on board with this project who have been the target of online abuse onboard to help you get perspective on these things.

Not to answer that question with a question adversarially, but: Why shouldn't your users have the ability to do this?

It hurts nothing except harassers and trolls. It helps legitimate, good-faith users, and is immensely useful for some of them.

It also helps suggest that the platform is 'unwelcoming' to harassers and trolls, which would be a good thing, because if Peertube gets infested with harassers and trolls just like YouTube, people will stick to YouTube, because ad money.

@techknowlogick please understand we are looking for a general case argument

Generally speaking, there's a lot of instances with objectionable names in one way or another, and a lot of "we don't moderate" instances.

I think that the 'bootlickers' item was an example meant to refer to the problem, not the person specifically saying they needed it because of that one instance.

I quote from the FAQ:

We want to stay neutral by limiting the influence of our platform on authors as much as possible.

Sometimes limiting the influence of your platform means giving the user more choices. By not including a way to vet followers, you're saying "you must allow people you know to be harassers to subscribe to your PeerTube feed", and you're make the content dynamic more hostile. That isn't a neutral decision; it's a decision in favor of harassment.

To be clear, it's important to distinguish whether this is talking about "instances following other instances", where multiple PeerTube instances follow each other through a form in the admin panel, and "users following channels", where anyone from the fediverse can follow a particular channel.

__Server-to-Server Follow Curation__
So, one particularly strong use-case for this would involve more robust curation around which instances your own instance federates with directly.

Being able to check follow requests from other instances and decide which instances to connect with gives instance admins some notion of control, and would allow them to avoid connecting to problematic instances known to host trolls and serial harassers.

__Actor-to-Actor Follow Curation__
At the very least, channels could have some kind of privacy mode similar to Mastodon accounts, where an account is essentially private and the person running it grants _who to share their content with_. Not everyone is going to opt into setting up their channels this way, but this is a use-case that already works somewhat well on platforms such as Mastodon.

That isn't a neutral decision; it's a decision in favor of harassment.

This is arguably true. With the "my house" analogy, I ask, to demonstrate how the initial response sounded: "Why would you want a lock on your door? Then people couldn't come in."

Well, yeah, and sometimes people need that. Hence.

It is my kind and sincere hope that the admins listen to the folks here and what they are saying.

Privacy and anti-harassment tools are one of the unique features of Mastodon which, imo, have significantly lead to its popularity and adoption.

Choosing NOT to focus on privacy and anti-harassment features for this platform will, I feel, unnecessarily hinder it and kill adoption rates.

The world needs a distributed, federated video sharing platform and PeerTube can be that platform. But the world is bigger than "free speech activists" and most of the rest of us want nothing to do with them.

Making features that allow us to avoid harassing behaviour is beneficial for everyone (except trolls obviously) in the long run.

The world needs a distributed, federated video sharing platform and PeerTube can be that platform. But the world is bigger than "free speech activists" and most of the rest of us want nothing to do with them.

Even if we all assume somehow that "free speech activists" (ha ha) are acting in good faith (many aren't, unfortunately), the paradox of tolerance is still a pitfall. If you let people who wish to exterminate others, eradicate constructive speech, etc. follow everybody else, then the burden is put on the people being harassed to 'push them out of their house'.

A lock on the door would be a much better solution than dealing with home invasion after home invasion, logically speaking.

(And, in fact, I suspect that even if this functionality's not implemented, people would implement around the lack of it eventually -- if they write a tool that auto-blocks any followers, keeps track of them, and shows them to the user to unblock and send a "you can follow me now" message. But most users can't do that kind of thing, and if the users who need to have at least deterrent-level security can't, they just won't use the platform at all.)

"Why would you want to refuse a follow?"

The fact that you even asked this question demonstrates why, months ago, people raised concern about this project's approach to design with zero consideration of how it may be used for harassment.

It is precisely why folks recommended you bring on someone with anti-harassment experience.

It reinforces the fear folks had that this team would not take seriously the input of those who have experienced harassment.

Please listen to the feedback gathered here: consider that it only represents a small portion of those who take issue with this feature, as it only represents those who have or are willing to make a GitHub account to comment.

personally i like to have control not only over who follows me, but also over who gets to see each post. being able to lock down completely and decide at any time which of the people in my network i share anything with is bar minimum in any media platform i’ll consider using. that’s not even just about harassment, i really just want certain things to only be seen by a few people. automatic approval of follows precludes that.

PeerTube is only as good as it's safety and anti-harassment features. Period.

It doesn't matter how good the software is, or how much better than YouTube it is, if only abusers can use it. Your userbase will be completely full of the same shitty people who made YT completely unusable for anything other than a free video dump because there's no barriers stopping them from kicking off everyone else off it.

Building a social platform means understanding why YT and other community sites have failed.

Practically speaking, would this mean that some instances would have to disable RSS/Atom feeds? Since if the argument is, as @gordonzola mentioned:

Then, the trolls automatically receive content that they can harrass. Not enabling auto-accept for follow requests would make this a little bit harder. The difference can be huge

they could just jump over to RSS (and knowing them that's not the issue), maybe even extending Peertube to circumvent the lack of auto-acceptance. And even if that's disabled, HTML can still be parsed for updates. Unless I'm missing something, this issue seems far more intrinsic to federated networks (and the Internet in general) than that it could be solved with an option.

Edit: Never mind this if it deters from what I'm asking.

they could just jump over to RSS

that's right, however it at least adds some barrier to harassment, as well as the issue is that I don't want content syndicated to another instance automatically (RSS doesn't push to other instances, RSS has to be configured on a users end to pull periodically, as well it doesn't populate other instances). By using RSS they are still able to "automatically" discover content (in their feed reader), but like I said it makes it harder. If someone is super motivated to harass disabling RSS feeds wouldn't deter them (for example they could write something in to call the api).

If you take it another level, just by putting out information without RSS feeds or activity pub harassment is possible, this issue is just by making it a little more difficult for those who intend on harassing to give a slight reprieve to those who may be harassed. And as @gordonzola said "The difference can be huge"

@techknowlogick @phikal And once we can completely suspend instances and remote users, it'll be as easy as banning their new accounts and preemptively blocking those non-moderated instances.

They can still see public content in the same way as everyone else, but they'll be stopped from interacting with it.

@XenonFiber indeed, actor blocks will be the most effective solution in the long term. Making follow requests approvable/deniable will also help detect actors to block.

@phikal not every little thing has to solve every problem to be useful. sure they can still get at the content elsewhere, there's always going to be block dodging with public content, but that doesn't make it useless. the point is less to keep people from viewing your content and more to prevent people engaging with it in a harassing way.

to use a practical example, think of how an entire cottage industry exists on youtube of "skeptic" dipwads making video replies to Antia Sarkeesian's videos. if YouTube wasn't shitty, and let femfreq/Anita block bad faith actors from these video replies, an entire subindustry of creeps wouldn't exist that literally make money off of harassing women.

@witcheslive @techknowlogick @XenonFiber Ok, so basically RSS/Atom wouldn't have to be suspended for this, right? (We obviously have different things that deter us from YouTube, but that's _really_ not what I'm after)

Hum.

I asked one question: "Why would you want to refuse a follow?". It is the basis of software engineering, when the developer does not understand the feature or the use case. I don't think it deserves these :-1: nor some rude comments. Remember there are real people behind projects, that work very hard (some of them for free after their own work) to improve their software so their users are happy.

We don't build PeerTube for us, we build it for people. It's the reason why we take time to understand each issue, to correctly define the scope, or to propose better alternative to some use cases.

So, I asked this simple question because at this time and in my opinion, instances refusing follows of other instances was useless:

• PeerTube has (at the moment) 3 privacy video settings: private, unlisted and public. Private videos are not federated, and unlisted/public videos are shared by the instance actor.
  
  
  
  • Then you could have told me: "I want this feature to protect my unlisted video"
  
  
  • :arrow_right: https://github.com/Chocobozzz/PeerTube/issues/944 would have been the appropriate issue
  
  
• If you don't want that the public content of your instance to be on other websites, then it's more difficult because we can't really control that. People can make embed of your videos for example
  
  
  
  • Then you could have told me: "We could add another setting to the video to prevent embed!"
  
  
  • :arrow_right: Let's create this issue!
  
  
• If you want to control your video audience, then what you want is another privacy setting "Only my followers can see this video" + "Ability for a channel to manually accept followers".
  
  
  
  • :arrow_right: Let's create these issues!
  
  
• If you want to prevent other instance/people to be notified about new content on your instance, for example to limit harassment then it's useless because they have RSS feeds, that is much more simpler to use than creating a PeerTube instance
  
  
  
  • Then you could have told me: "We could disable RSS feeds, or only enable them for local users"
  
  
  • :arrow_right: Let's create this issue!
  
  
• etc
• etc

That's how we collaborate. By asking questions that may silly to specify needs, and find other features that could be interesting. Not by posting sarcastic comments making us look like idiots.

I think the scope is well defined, so please let's stop commenting on this issue unless we want to share something new/technical information.

I really need a break :pensive:

@phikal With the disclaimer that I only have a cursory knowledge of how peertube works, yes. Just like on a regular Mastodon instance, I'm aware that things like posting locked when anyone can follow me or blocking someone doesn't absolutely keep someone from reading my toots, but it makes it more obnoxious (and clear if they're evading.) Similarly, I don't see much difference between RSS and right-click-open-in-incognito in this case. Though given what Chocobozzz said I might misunderstand this slightly, and maybe an option to disable RSS at various levels (per video, channel, user, instance) would be a good way to give people better control over their content. I'm assuming that RSS is done non-authenticated? Or are there different RSS feeds depending on authentication?

@Chocobozzz I get that it can be overwhelming to get a strong reaction to things, but please consider that being marginalized in any way is to be relentlessly attacked, and constantly. While we cheer on projects like this, we've been let down repeatedly by people running, well, projects like this getting myopic and defensive when concerns are brought up from people who have different needs or use cases than the people who run them. Peertube is a pretty cool concept, and I pray for the day we can share videos without dealing with a nazi entryism algorithm, but I'm not just going to settle for literally anything, and want to see it actually done right this time, y'kno?

@witcheslive right now RSS feeds are public, except for a user's subscription feed which are authentified. We're planning to extend that to every feed (through an option I guess). Users would have their own personal access token for RSS feeds.

Someone is gonna have to educate me on how exactly preventing someone from following your peertube instance is a tool against harassment.

• Preventing an instance from commenting on your content? I get it, absolutely.
• Deciding where your content shows up? Isn't the entire point of peertube to be a federated system?

To me it's just as stupid as being unable to read someone's twitter feed because they didn't like one of my arguments and decided to block me. It's one thing to block yourself from seeing someone else's content, but it's another to block them from seeing your content and I don't really see how that achieves anything.

@kyrahabattoir I suspect there is a concern with:

• Someone posts a video to an instance about ice cream sundaes
• It federates to an instance named "look at dese niggas"
• Someone sees the ice cream video on the "offensive" site
• They then guilt-by-associate the ice cream video maker because they showed up on another site.

The ice cream videographer wants to then preemptively block the second before hate mail rolls in about why they support something that they didn't even know they were a part of.

Or in agile terms: As a content uploader I need to control where my content federates so that my brand's reputation can be managed by me.

@Skrylar I get this but the federation is a cornerstone of the system. Correct me if i'm wrong but this is not a "build your own private youtube site for free".

It's ment to create a meshed video network after all.

@kyrahabattoir I don't want my instance's videos showing up on the instance of some group of harassers (or literally whoever else you'd want to keep away from). I'm trying to keep a community from becoming targeted as much as possible, and having their videos flow straight into a dangerous instance isn't a good thing in any way.

@chocobozzz you asked one question and got a lot of answers. people care. they put up money you were happy to take because they care. they’re trusting you to make a space that enables them to share themselves with those they know and love and after dealing with a string of platforms that betrayed that trust and opened them up to harassment they’re right to be concerned when you don’t understand a privacy request. this isn’t a collaboration, federation means the developers control the platform – an unacknowledged but implicitly felt power dynamic on all sides – it’s the whole reason you can feel comfortable demanding free consultation from us rather than going to look at the ways privacy is implemented elsewhere, yourself.

The desired outcome is to reduce the ease with which harassers can create targeted abuse campaigns without forcing lower visibility on those most likely to be targeted. Each additional step or external tool required to monitor the activity of a content creator reduces the effectiveness of such campaigns.

@XenonFiber Why? What happens in an instance you aren't following doesn't affect what happens on yours.

@kyrahabattoir

It's a deterrent to harassment and won't affect most users at all, AFAICT.

meshed video network

IME, most users don't set to screen even when the option's given, they just block after the fact. So it's not as if the bulk of users will suddenly have to 'wait' to 'be approved', or something. This should basically only negatively impact bad faith users and positively impact harassed users to any major degree.

Deciding where your content shows up?

Isn't the entire point of this to give control back to users, ultimately, though?

I can't really think of any reason people would object short of not understanding the need personally (a lot of people have not experienced harassment, which is why it is still often treated as trivial) or being unhappy they're not allowed to access people's content specifically to distribute it to potential harassers.

Hopefully the need is clearer now.

What happens in an instance you aren't following doesn't affect what happens on yours.

If the instance is collecting your material and using it to harass you, it does affect your life, however. Deterrents for that are valuable.

It is trivial to turn a post filter into a pre filter.

@sydneyfalk Not at the expense of the network itself, and once you add this kind of control, access to public content from an instance becomes conditional and creates a two way street where an instance can pad its video collection through the federation system while at the same time denying its "exclusive" content to anyone else.

And we are all back to the youtube we all love to hate.

I think many people are looking at this as a solution to problems that don't really exist. On mastodon, many admins use instance blocking to prevent bad actors from harassing their users, if you want to completely avoid all "bad actors" without blocking them yourself, you can always go to your instance's admin.

If you join an instance on any federated service with enforced rules against harassment and such, I would argue the job should come to the admin, who should be doing their job in protecting their users.

public

Not everything on Peertube is even 'public' at this point, per earlier in the thread:

PeerTube has (at the moment) 3 privacy video settings: private, unlisted and public.

so it isn't exactly like users are explicitly disallowed control over their content.

while at the same time denying its "exclusive" content to anyone else

It's barely going to affect the whole mesh much, and it's to help users of the network.

Whereas giving harassers streamlined harassment options would lead back to the YouTube others hated the very existence of, with constant harassment comments, no ability for users to control anything about the platform, etc.

I think many people are looking at this as a solution to problems that don't really exist.

That would be referred to as 'preventative'. If PeerTube is looking to avoid the pitfalls YouTube fell into, I don't see how this wouldn't qualify. (And considering how much Mastodon has changed since harassers started working it, I would say there's two good examples of why to be more cautious, not one.)

the job should come to the admin, who should be doing their job in protecting their users

This arguably is a point in favor of the screening option, really. Letting users protect themselves would reduce workload for all the admins by reducing the amount of shitflinging, which is good for both admins and users.

Also: Bad faith admins exist, just like bad faith users. Minimizing their ability to control what users get to do with their own content is probably a good thing in the long run, for that reason and others.

general case argument: someone could register a domain that is a slur (take your pick of whichever one you want) then syndicate my content there.

You can create any website that looks like yours and download PeerTube/YouTube/whatever videos to scam the users. That's not a PeerTube issue, that's a content protection issue. You solution is DRM video or other tech like this.

It is my kind and sincere hope that the admins listen to the folks here and what they are saying.

This issue was open one day ago and you are alredy saying that nobody is listenning?

In my view, to totally "lock the door" (your words) you need to :

• protect your videos : with DRM protections, or other tech like this to prevent downloading.
• disable embed : by blocking IP and cross origin domains.
• disable data parsing : by disabling API, RSS/Atom Feed ; and even disable HTML, maybe with a Canvas or Image render of the website.
  What else do we need to "lock the door"? :thinking:

This issue was open one day ago and you are alredy saying that nobody is listenning?

I believe they said they hope the admins are listening. That doesn't suggest they are or aren't, only that the speaker hopes they are.

totally "lock the door"

There isn't a "complete" securing of anything. This was noted earlier in thread.

Also earlier in thread was noting that this is independent of RSS functionality or even other functionality -- this isn't about all that, it's a simple front door lock. And yes, locks can be picked.

But they're still deterrents, and deterrents are useful. Same reason we use passwords -- not for some mythic 'absolute security', but for a bit more security than zero.

Also earlier in thread was noting that this is independent of RSS functionality or even other functionality -- this isn't about all that, it's a simple front door lock. And yes, locks can be picked.

It is about data parsing, they said that they want to prevent harassment with citation. I can create a website that parse your HTML (RSS and API are just easier to code) and display it on my website to harass you. Yes it's impossible to prevent but you are asking to prevent it. That was the point of my answer. The only thing you can do is to build a closed community were your videos are totally private and unsharable outsite the community. In my view, you can't totally "lock the door" if you share public content.

@DavidLibeau So you're asking to leave the door wide open then?

I can create a website that parse your HTML (RSS and API are just easier to code) and display it on my website to harass you.

Most. Harassers. Can't.

Most users can't either. Most people do not have the specialized knowledge you do, and therefore are at the mercy of those implementing features.

In my view, you can't totally "lock the door" if you share public content.

Nobody said that. I'm not sure why that keeps coming up, but I'll quote the rest of my response:

But they're still deterrents, and deterrents are useful. Same reason we use passwords -- not for some mythic 'absolute security', but for a bit more security than zero.

Hopefully it's clearer that this isn't intended as a panacea but a preventative deterrent.

It's a vaccine, not chemotherapy, if we use a somewhat more accurate medical analogy. Vaccines don't mean you can't get sick, merely that you're less likely to get sick and your immune system is slightly more robust. Chemo is a radical, multiple-system-affecting process, and can make people very sick by itself -- hence, it's hauled out as a big cannon for a big problem.

Vaccines help hold off the flu of unskilled harassers; skilled harassers are beyond the ability of users to prevent or detect, but there's no reason to facilitate unskilled harassers just because skilled harassers exist.

From the perspective of an account, having the ability to choose whether or not to deliver your content to a specific Actor or Instance is actually not completely unreasonable. Conceptually it's not that far removed from blocking; it's likely that some people would prefer to be selective in curating their audience.

I'd say the only real sticking point is in determining whether this concept can co-exist with public-facing content, since it is accessible to everyone. Would it be unreasonable to just have a privacy level for accounts where those follow requests have to manually accepted by someone who otherwise doesn't have public-facing videos?

@DavidLibeau So you're asking to leave the door wide open then?

For my use : sharing videos (SHARING), I think that citation is not only wanted but needed.
That does not mean that I don't understand your needs, but I also think that you can't say "we want that and the core dev team is not answering us" without proposing technical solutions. And I also think that technical solutions are heavily hard to find for this issue and maybe (or maybe not) can't fit with a video sharing system. So, in my view, we need to find clearly the whole system for a video sharing service (not for PeerTube) that's fit your needs, and after that, try to see how to implement it for PeerTube.

@DavidLibeau The technical solution I propose is literally the title of this issue, and there are plenty of other detailed comments here to reference from.

That does not mean that I don't understand your needs, but I also think that you can't say "we want that and the core dev team is not answering us" without proposing technical solutions.

I assumed "the option of screening your followers" was literally the described technical solution. I'm not very well acquainted with GitHub conventions of speech -- perhaps 'technical solution' is used to mean a provided implementation that's suggested as an addition? Then that would make sense. Otherwise, I'm not sure what you mean.

Regardless: Several places have this, and have not imploded or become walled gardens through some sort of magic. Mastodon's built on AP and implemented it, frex.

@DavidLibeau The technical solution I propose is literally the title of this issue, and there are plenty of other detailed comments here to reference from.

The general case argument shows that the technical solution was a bit usseless. So we can accept a PR that implement an useless functionnality in PeerTube, or we can find systemic solutions that resolve the issue...

Most. Harassers. Can't.

Copy an HTML embed code is up to everyone (and it's easier than creating a PeerTube server).

The general case argument shows that the technical solution was a bit usseless.

It showed it couldn't solve everything, and further discussion indicated it wasn't expected to, so I'm not sure what you're trying to say.

systemic solutions that resolve the issue

You said yourself there isn't a solution. Even the measures you offered are defeatable.

A simple deterrent is literally all that's being asked for.

Copy an HTML embed code is up to everyone.

I assume you mean it's within anybody's ability. (And, actually, it technically isn't. Some people literally don't know what an embed code is. There are still plenty of technically unskilled people in the world. The fact you can do it in a heartbeat and I might be able to figure it out with a bit of time (with my rusty-ass tech skills from back when) doesn't mean every single rando can do it.)

The other things you described certainly weren't immediately accessible items to most people, though.

The point is not keeping skilled harassers out. The point is deterring unskilled harassers, which this would demonstrably do.

Regardless of all these things: Why shouldn't people be able to lock this door? What exactly is being lost here if people can screen their followers? (Other than, I guess, harassers complaining to admins that they can't harass as efficiently? Is that a thing? I don't admin anything, I know it's not something I could handle.)

Maybe this will help. From a security perspective, a little bit is better than none, and this is a security issue, so let's go ahead and call it that.

• This is intended as a deterrent for unskilled malicious actors.
• This is not intended to be a solution to malicious acts, this is a solution to helping prevent malicious actions. Like passwords, or a front door lock. 'Completely lock' is meaningless with a front door lock, and front door locks are often easily picked (this I can confirm; I can do it myself, locksport's actually something I dabble in).
• It doesn't appear to be something that's going to have vast negative impact on PeerTube.
• It does appear to be preventative of something that would have a vast negative impact on PeerTube.
• I have yet to see any reasonable explanation why users shouldn't have this option (and, indeed, the fact they can block a follower after they've been followed suggests it'd make sense to give them a preventative option in case they are actively trying to avoid malicious actors).

Hopefully this clears up any misunderstandings about what I'm trying to get across here.

Some people literally don't know what an embed code _is_.

If you have a website, any blog, and even more if you have a PeerTube server, you know what is a embed code.
If you don't want to add this into your anti-harassment solution, I don't see what you want.

Well, I had both of the first and I don't know what an embed code is, but that was a long time ago. (Tech moves quick, I'm aware.)

I'm not against adding anti-embedding as an option; I simply don't see why delaying a follower approval feature will somehow be better than giving a follower approval feature sooner and adding anti-embedding features later.

One's simple and helps immediately despite not keeping out skilled malicious actors, and the other one's more complex and could easily be added later (or added as a whole separate option, giving users finer control over their content and their account).

Do you have a Mastodon account? If you have a Mastodon account, there's a toggle in the settings for approving followers. They don't get to follow you automatically, you have to go to the list and approve or not. It's fairly straightforward.

That's literally the thing requested, AFAICT. I'm not sure how to make this more clear. (And, technically, I didn't request the feature. So maybe I've gotten it wrong. Entirely possible.)

I simply don't see why delaying follower approval

Because adding useless features is loosing time and ressources, and it's not smart. I was not expecting to say that is a dev thread : but yes, we need to think before act. It's simple as that.

That's literally the thing requested

No that's not. What is requested is "disable auto-acceptance of follows", and we are talking of the instance level which is totally different from the account level.

@DavidLibeau what is being requested is the "Option to disable auto-acceptance of follows", key word there is "option". Just like with masto you can make an account private and have followers manually approved, you have the option to do that, it's not enforced and for those who harassment isn't a concern they don't need to enable it.

This issue is going really off topic. The original post was about an option to disable auto-acceptance of follows from other instances. We all know that it is only a partial solution against harassment, but it would be useful nonetheless. If someone makes a PR with a sensible implementation of this feature, I am sure it would be merged.

If you want to block RSS feeds, block embeds, or anything else please open a new issue.

And if you want to talk about solutions against harassment in general, either a) open a new issue b) use the forum c) use Matrix.

@DavidLibeau what is being requested is the "Option to disable auto-acceptance of follows", key word there is "option".

Yes that's an option, and I have nothing to say if it is effective (and is not against open web principles)

What is requested is "disable auto-acceptance of follows", and we are talking of the instance level which is totally different from the account level.

Then that's my mistake; as I said, I don't admin anything, and this is intentional. I don't want to handle people. I missed that it's at the admin level and not the account level.

My apologies for the misunderstanding; I do think the points are still relevant at the admin level for the same reasons, however.

As other contributors have clarified what things I wished to convey that are relevant, and I've largely exhausted anything I wanted to point out anyway, I'll take my leave of the conversation.

we are talking of the instance level which is totally different from the account level.

It's not totally different though. At the instance level it's as if all the accounts on one instance are following all the accounts of another instance. What @sydneyfalk has said is still relevant.

I think what needs to have been said has been, and so I'm going to (temporarily) mute this thread for myself in case others still wish to contribute to it.

I missed that it's at the admin level and not the account level.

That's the goal of debating. We clearly saw that yes, a debate is needed, not for changing people though or convince them (or harass them by saying that "PeerTube is not < insert critism without giving solution here >"), but for better understanding our point of view and what is the best solution.
If we are only asking technical solutions, without knowing the system, without knowing the needs, (and I also talking about myself not knowing all of them) it will truly end with a useless topic where we debate of something we don't understand.

I do think the points are still relevant at the admin level

Maybe yes, but maybe not. I don't personnally clearly think that but, I heard people critisms of Mastodon centric admin moderation...

It's not totally different though.

On a technical point of view, I think it is not because the federation is manage through the @peertube Actor object of the PeerTube instance, but in the democratic/organization field, it is trully different, as a centric-only moderation could be seen as autoritarism for some people.

I'm reading this and the ridiculous responses from people who don't seem to understand the need for this. But I took a look at PeerTube instances a while back and at least 2 or 3 of them are straight-up fascist, so, I think it's actually really important to be able to curate where your content goes.

I'm reading this and the ridiculous responses from people who don't seem to understand the need for this.

Saying that rsponses are "ridiculous" is not only unrespectfull, but also harassing.
The other harass behaviours we can also see in this debate is that thing :

So can we just respect everybody's point of view and give arguments to try to propose solutions? Thanks.

What exactly makes you think that you deserve respect? The fact that you're some random dude on github who doesn't understand the definition of harassment? The fact that you can't empathize with the other people in this thread?

Like, I don't do this "respectful" bullshit. If you're an asshole and being intentionally obtuse I'm going to tell you that you are, and you are.

On the issue of solutions, I'm pretty sure solutions were already given, but since you're pretty much the posterchild of the average techbro, nothing's gonna get done.

What exactly makes you think that you deserve respect?

The fact that I an human like all of us.

doesn't understand the definition of harassment

I could say that this is a "definition" bullshit, too. but no, this is the center of the debate, if we do not define what is our definition of harassment, we will trully not understand each other.

The fact that you can't empathize with the other people in this thread?

Here is some word I said in this thread :

• > That does not mean that I don't understand your needs,
• > I also think that technical solutions are heavily hard to find for this issue and maybe (or maybe not) can't fit with a video sharing system. So, in my view, we need to find clearly the whole system for a video sharing service (not for PeerTube) that's fit your needs
• > we can find systemic solutions that resolve the issue...
• > If you don't want to add this into your anti-harassment solution, I don't see what you want.
• > Yes that's an option, and I have nothing to say if it is effective
• > If we are only asking technical solutions, without knowing the system, without knowing the needs, (and I also talking about myself not knowing all of them) it will truly end with a useless topic where we debate of something we don't understand.

But if you want empathize, I just said that this response was feeled as harass in my point of view. So if you are empathize, can you stop? Becaus yes, I am feeling harassed right now with your insults.

I'm pretty sure solutions were already given

The fact is we ended by saying that the initial request of "manual acceptance" were on the instance level and not on the account level, as people were proposing. So it's not, "I disagree with you"/"you disagree with me" it is : "we don't clearly know what is the best".

Honestly i would not waste your time with a product that is this unresponsive to user and admin safety.

I think many people are looking at this as a solution to problems that don't really exist.

So was the opening of this issue a stupid idea ?

People are arguing at length, they all come from experiences on other platforms before Peertube, the last one to have this kind of discussion was Mastodon

On mastodon, many admins use instance blocking to prevent bad actors from harassing their users, if you want to completely avoid all "bad actors" without blocking them yourself, you can always go to your instance's admin.

If you join an instance on any federated service with enforced rules against harassment and such, I would argue the job should come to the admin, who should be doing their job in protecting their users.

And here people are arguing against what you think. At lenght.

general case argument: someone could register a domain that is a slur (take your pick of whichever one you want) then syndicate my content there.

You can create any website that looks like yours and download PeerTube/YouTube/whatever videos to scam the users.

But that's a cost.

That's not a PeerTube issue, that's a content protection issue. You solution is DRM video or other tech like this.

So now of someone disagrees with you is supoprting DRM ? Wow.

It is my kind and sincere hope that the admins listen to the folks here and what they are saying.

This issue was open one day ago and you are alredy saying that nobody is listenning?

In my view, to totally "lock the door" (your words) you need to :

No. Their words never were the ones you claim they were. You are putting in their mouths something they never argued.

* protect your videos : with DRM protections, or other tech like this to prevent downloading.

This is offensive

* disable embed : by blocking IP and cross origin domains.

* disable data parsing : by disabling API, RSS/Atom Feed ; and even disable HTML, maybe with a Canvas or Image render of the website.
  What else do we need to "lock the door"? thinking

What you need has been already suggested. You don't need to think that much

I simply don't see why delaying follower approval

Because adding useless features is loosing time and ressources, and it's not smart. I was not expecting to say that is a dev thread : but yes, we need to think before act. It's simple as that.

So you thin that te cost raise imposed on harassers by this feature wouldn't be there

Because off course the white cis dude now better than the harassed people themselves

You should be thanking them for coming here and contribute. Because this issue is a contribution. If there's someone wasting time it's you

Instead you are patronizing them

They don't now what they're taling about (you do, of course) and they don't realize what they're asking for

So now of someone disagrees with you is supoprting DRM ? Wow.

No, I'm debatting. I'm proposing solutions first, discuss about them with others, and then I give my opinion. My opinion is I strongly disagre of the use of DRM, if you want to know.

No. Their words never were the ones you claim they were.

If so, I'm sorry, I never wanted to do that. But when someon is saying that he want to "close the door", yes, I am trying to find want he/she wants. Your role then is to clarify the needs with arguments.

(you do, of course)

I will not debate with your ad nominem insults. But for this, non, I never claim me as knowing more than others. See :

If we are only asking technical solutions, without knowing the system, without knowing the needs, (and I also talking about myself not knowing all of them) it will truly end with a useless topic where we debate of something we don't understand.

You should be thanking them for coming here and contribute. Because this issue is a contribution. If there's someone wasting time it's you

But I thank them. And I thank everybody that is debating (when there are no insults). It is never wasting time debating, it is learning from others. And that's why I'm debating, because I think we need to improve the moderation tools of PeerTube.

May I suggest all those who seem so happy to push the down-thumb on developer's comments regarding the issue at hand to stop clicking that thumb and start implementing the requested feature? I've seen some suggestions on how this could be done, surely one of the down-thumb clickers has the wherewithal to cobble up some Typescript to add optional gated approval of follow requests?

Another possible solution to the conundrum of having your video's show up on an instance which seems to espouse a political leaning which you're less than comfortable with would be to add some form of digital watermarking to the file which is shown in the player when the file is played on a third-party instance. It does not have to be complicated, just a tag which the player can check to decide whether to show an 'origin: some.other.site' label. That way it is clear for those who find your content on _https://not.my.politics.org/_ that _you_ did not publish it there. Yes, this could be circumvented by those who really want to by modifying the player code to stop showing that tag but truth be told any technical measure can be circumvented. As @sydneyfalk so adamantly stated earlier: _Most. Harassers. Can't._

So, get crackin', implement the feature, submit a PR and in no time Peertube will have that feature. Be sure to make it an optional feature so that those who _do_ like the original idea of auto-accepted follows can keep their Peertubes the way they like them, open and free.

Rough consensus and running code is where it is at. Above all, keep your ego in check, stop virtue signalling and lay off the ad hominems.

@Yetangitu lmao. dude, can we like, not with the "submit a patch" thing? does this really need to be explained to you? necroing a nearly month old controversy with "submit a patch" is extremely not helpful.

not everybody who is impacted by the change has the time AND skills necessary to "submit a patch" and you're a disingenuous liar if you think that "submitting a patch" is a politically neutral action that doesn't have its own issues. I don't contribute to other githubs mainly because I don't want to deal with the politics of other people's projects, and I'm one of the relatively few people who have the skills necessary to do this kind of work. But I don't. Because of people like you who snidely say "submit a patch" out of one side of your mouth while coming up with excuses to deny and bikeshed anybody who actually attempts it with the other.

So unless you have a patch to submit yourself, maybe we don't need you chiming in on this matter, thanks.

e: not to mention, lmao, way to like, not read what's going on and think that the problem is the lack of a feature implementation in the first place. bravo. congrats on being The FLOSS Guy, dude.

@witcheslive

No ad-hominems, I'm not a 'dude'. I'm not 'people like you who snidely say <anything> out of one side of my mouth'. Just lay off.

As to whether suggesting implementing a requested feature (not a patch, a PR would be easier) is 'not helpful' on a site dedicated (mostly) to that tool I'd pone it is actually the most helpful thing you could do. That 'not everybody' has the skills to do so is clear but surely _someone_ has them? If not, surely those who are convinced Peertube needs this feature can find someone to submit the PR?

As @sydneyfalk so adamantly stated earlier: _Most. Harassers. Can't._

Let me go a step further: _Most. Harassed. People. Can't. Either._ Curiously, people rarely go that far!

That 'not everybody' has the skills to do so is clear

Ah! You have come that far. Excellent! However, in that light,

May I suggest all those who seem so happy to push the down-thumb on developer's comments regarding the issue at hand to stop clicking that thumb and start implementing the requested feature?

sounds like a cruel joke at best. You know they can't, or they'd have submitted already. (And the people who can't code don't deserve the features, or so the underlying logic goes, it seems.) They're asking the people already developing the tool, already familiar with the tool's mechanics and capabilities and functions, for help.

That's literally what's asked. So you're telling people who at least implicitly don't have the capability to do this thing to do the thing. (And no, maybe out of all the people who happened to see this issue, there might not be any people capable of doing it. That happens, statistically speaking. I suspect harassed people as a group are far less likely to have technical capabilities in general anyway.)

As for that 'down-thumb' point: So they're not supposed to indicate disapproval of using the feature literally provided for indicating disapproval? Even if one wasn't there because one of the "down-thumb clickers" went off and wrote code it instead, there'd still be the rest of those. I was under the impression it was an intentional feature of the interface.

stop virtue signalling and lay off the ad hominems

Interesting. Personally, I've always found the phrase 'virtue signaling' itself to be something of an ad hominem attack; it questions the motives of others, and is often used to derail ethical discussions by suggesting other people's concerns are false and presented primarily to make the arguers gain social approval. (When, IME, it's far more likely that the people using the phrase 'virtue signaling' are themselves signaling socially.)

Shouldn't the real concern here be whether the code is ethical or not (in the sense of not causing suffering, and indeed, minimizing it)? Versus, say, the concern of how many down-thumbs a statement a dev made has or doesn't have?

(Please consider all questions rhetorical; I consider debate a waste, especially these days, and would not seek to prolong it. I honestly would not have said anything at all if my words weren't being used alongside other words and concepts I have severe reservations about. Also, of course, I am no longer technically skilled and my opinion is therefore irrelevant, AFAICT, in all discussions.)

@sydneyfalk

What you seem to be missing here is that Github is not a place to make _demands_ of developers (unless the one making the demands happens to employ the developers of course), just like developers can not make demands on users. While the initial message in this thread was a normal feature request the discourse has, in the space of a few messages, turned into a shame-and-blame game worthy of _reddit_. Had this thread been left at the 6th message everything would have been fine and the feature would most likely have been implemented by someone, sometime - it is just another problem waiting for someone who has an itch to scratch after all.

On the question of whether _the real concern here be whether the code is ethical or not (in the sense of not causing suffering, and indeed, minimizing it)_ the answer is that code in itself is neither ethical nor unethical, it is a tool to achieve a purpose. It can be put to unethical uses just like most tools can. The same would go for the suggested feature as it is basically adds a form of censoring to the platform.

I'll leave this with one last observation on a remark you made: _I suspect harassed people as a group are far less likely to have technical capabilities in general anyway_. Apart from the fact that I do not see any way to group harassed people together in any meaningful way other than by their shared experience of harassment I do suspect that many of the nerdier types who show an aptitude for technical fields have experienced harassment in one form or another.

They're asking the people already developing the tool, already familiar with the tool's mechanics and capabilities and functions, for help.

The question is : is giving thumbs down are "asking for help"?

So they're not supposed to indicate disapproval of using the feature literally provided for indicating disapproval?

I already shown in this conversation that thumbs were used to harrass people here, not giving opinions.

The question is : is giving thumbs down are "asking for help"?

Thumb-down to what appears to be a negating response to a request for help would be an indication people want help, yes, actually. I would argue that is the case. It seems fairly obvious. "Can you help us with X?" "Why should we do that?" Without any other tone indicators, it can actually be interpreted as negating.

Some people interpreted it as negating and reacted to that. Others clarified what the question actually was afterwards, above. Several people were relieved to see it was not a negation but a literal request for information, too.

I already shown in this conversation that thumbs were used to harrass people here, not giving opinions.

I didn't see where this was shown, AFAICT, and I did look a bit in the collapsed comments for it. Regardless, I can't see the up/downs in there either.

I'm sorry you experienced a negative personal impact from the thumb-downs. I'm still not precisely sure what they affect here (apparently on Reddit that literally decides if you're on the front page? which is a laughable strategy for actually getting good things there and basically courts manipulation at best), but hopefully it won't impact the project beyond the personal impact. (Which, again, I'm sorry you experienced.)

Hopefully that clears up what I was trying to convey, and again, I'm sorry you felt personal impact from the thumb-downs.

demands

I didn't make any. Several requests were made and a number of people spoke passionately (too passionately in some cases, according to some). I don't see an actual demand anywhere, but I likely missed it. I miss things easily, and all.

The developers no doubt have every ability to ignore these discussions. (For all I know, they may have decided such privately -- I'm told that some projects will happily accept a request and then never make any movement on it themselves, but I hope it's not the case here. If it is, that is their prerogative, of course. It's their baby.)

On the question of whether the real concern here be whether the code is ethical or not (in the sense of not causing suffering, and indeed, minimizing it) the answer is that code in itself is neither ethical nor unethical, it is a tool to achieve a purpose.

I meant it more in the sense of "If you're aware of an unethical purpose your tool can be used for, and simple safeguards are possible, and those safeguards aren't put in place, is that still arguably an ethical act?" Like giving a firearm to a five-year-old, making that an easy thing to happen is a bad thing. Or manufacturers not putting blade guards on table saws.

Hopefully that's clearer. I'm sorry that I didn't explain it more precisely last time.

Once again, I hope the devs will consider the points made above by people more informed and aware than I, and I hope things go smoothly with the project regardless of the decision they may have made, either way.

Regardless, anyone reading are invited to ignore this response entirely; I'd like to go ahead and drop out of this discussion. I'm repeating myself, others are doing the same, and the point isn't changing in any meaningful fashion AFAICT.

Thumb-down to what _appears_ to be a negating response to a request for help would be an indication people want help, yes, actually.

Thumb-down to any person involving in responding to the asking for help, is never asking for help.

The developers no doubt have every ability to ignore these discussions. (For all I know, they may have decided such privately

WTF? Do you have any sources? What I saw is that developpers are responding everywhere to the demands of anti-harassment tools (ex: https://miaou.drycat.fr/@rigelk/100905230324052158).

I didn't see where this was shown

Here : https://github.com/Chocobozzz/PeerTube/issues/1179#issuecomment-427257491

I'm sorry you felt personal impact

I don't want to complain and details that, but thanks for that.

The developers no doubt have every ability to ignore these discussions.

WTF? Do you have any sources?

I don't think I can prove people can ignore things? :\ I'm not sure if the phrasing conveyed incorrectly what I was trying to say, but I added emphasis to the word that I believe may be causing problems. I'm saying the devs have the choice of ignoring these discussions. (I cannot imagine there's some mechanism that absolutely forces the devs of a project to look at these no matter what. Even if it's just a line in a list, you can skip over that pretty quickly. Email notifications can be turned off, IIRC. That kind of thing.)

I'm not saying it is being ignored. I'm saying it could be ignored silently, and if it was, it wouldn't be immediately obvious to those outside the project.

Here :

I don't know enough about the emoji system to understand why a thumb-up and a heart is harassment versus people expressing they agree and like something to an extreme degree, I guess?

I'm still sorry you felt personal impact, regardless.

thanks

You're welcome. Nobody should be harassed. In an ideal world, nobody should have to even feel harassed, either.

(I do think that the term 'harassment' is getting diluted by people who don't realize they're using it to mean "people with perfectly reasonable grievances about big issues are upsetting me", IMO. It's like testing, to me -- there's bugs you're not going to find unless you do it, even if you write test-first -- and careful, cautious development cannot somehow prevent them. But that's just my take.)

Anyway, hopefully that's clearer, and I wish the project all the luck there is. Be well! ^_^

I don't know enough about the emoji system to understand why a thumb-up and a heart is harassment

I don't have any more knowledge except that multiplication of feedback over other interlocutors is a common harrassing problem, well kown on Twitter with the "Somebody like a reply where you were mentioned" notifications.
Here, it was shown that one person is giving two feedbacks on this comment. So it shows that he do not express a opinion (with one emojis as majority of people do) but use the emojis to give multiple feedbacks on other interlocutors. With this action, he also encouraged others to give emojis, as it is easier to do when one person already did it before.

multiplication of feedback over other interlocutors is a common harrassing problem

On Twitter my understanding is that the likes and dislikes actually result in your tweet being more or less likely, respectively, to be shown in general, IIRC. I meant in terms of consequences in the system, versus in terms of personal emotional impact.

Here, it was shown that one person is giving two feedbacks on this comment.

I understood that to be an intentional option for readers? As an a emphatic addition -- I did see people who thumbed up on things, but thumbed up and hearted other things, IIRC.

Regardless, I'm going to stop responding on the current material in the thread, as I'm repeating myself and I hate doing that. I wish the project all the luck there is. Be well! ^_^

Hi all, this was one hell of a thread...

I'm going to start working on this issue soon, although I'm in the middle of packing and getting ready to move house so it may be a couple of weeks before there's progress, but I'll be able to dedicate much of December to this.

@measlytwerp assigning this to you for the time being, then. Don't hesitate to come to the IRC/Matrix channel if you need help.

Implemented in https://github.com/Chocobozzz/PeerTube/commit/14893eb71cb2d4ca47e07589c81958863603aba4 & https://github.com/Chocobozzz/PeerTube/commit/0dc647775881eb1378b213a530996cd096de24ea