Combating spam on kbin - some thoughts angielski

Have been thinking about what kbin can do to combat spam accounts, which are currently on the rise again on kbin.social.

In the past this prevalence of spam has caused issues with federation, so it's potentially a major problem not just for kbin.social but the fediverse overall if spam accounts aren't identified and blocked/deleted quickly.

USER LEVEL

Individual users can block accounts, which is good for blocking accounts that annoy you but which might otherwise contribute positively, but not so good for addressing instance-wide spammers.

MAGAZINE/COMMUNITY LEVEL

Moderators can block accounts at a magazine/community level, which is good for addressing trolls or bots that infest a single magazine, but not so good for addressing instance-wide spammers.

The other downside is that as most magazines only have a single moderator it may take days for mods to block spammers, depending on how active the mod is. In addition there are thousands of magazines on kbin which are abandoned (ie not being actively moderated), so spammers posting to these communities won't be blocked at all.

Increasing the number of mods would help (especially if they could ensure 24/7 coverage) but it's important to keep in mind that the fediverse is still tiny compared to places like reddit and there are very few people who are willing and able to take on these roles, especially on a volunteer basis.

INSTANCE LEVEL

Reporting spam

There is a "report" function, and presumably these generate messages for the instance administrator (@ernest in the case of kbin.social) to action.

I don't know what the admin interface for this is, but it may influence how easily spam accounts may be blocked. For example, if users report 100 posts belonging to 10 different accounts as spam, does this generate 100 separate messages which ernest has to review and action (which could be laborious), or does it group them into 10 different "queues" for the 10 different spam accounts (which would be less laborious to review and action).

The other limitation of course is that, like for magazine-level modding, we're constrained by the fact that kbin.social currently only has one administrator who has a job, a personal life, and is also working hard on further developing the platform.

Tools/approaches that could be used/developed to manage spam at an instance level

I'm not sure what spam combatting abilities are built into (or envisaged for) kbin at an instance level, over and above the "report" function, but some ideas I had are:

A) Appoint more administrator (or other system roles with the ability to block/delete spam accounts)

Ernest could appoint administrators (or other system-level roles, ie not necessarily a full administrator) with the ability to deal with spam.

Upsides:

  • Probably relatively easy to implement (depending on what system level roles already exist)

Downsides:

  • As for community moderators, there's potential issues of coverage and commitment.
  • We may decry corporate-owned social media platforms like reddit, but - being a business with plenty of money coming in - they can at least pay some people to keep an eye on the community (by which I mean admins, not mods), ensure the stability and uptime of the site, and develop enhancements. These are all more difficult in small, privately-funded systems. But that's a much bigger topic, and best left for another day.

B) Limit accounts by IP address

Most spammers create multiple accounts. Limiting the number of new accounts for an IP address could help with this, although that limit shouldn't necessarily be as low as 1 (as you wouldn't want to prevent genuine alt accounts).

Upsides:

  • Prevents too many accounts being created from a single IP address (ie most likely from a single person)

Downsides:

  • Can be bypassed relatively easily by using VPNs (though it adds an extra step that spammers have to take)
    Could prevent genuine users from registering (eg if multiple genuine users share an IP address)

C) Manually review and approve new accounts

Some instances require new accounts to answer some questions to allow admins to assess their suitability (and humanity). kbin could institute something like this.

Upsides:

  • This could at least limit the creation of new spam accounts, which currently seem to spring up like weeds.

Downsides:

  • This approach requires time and resources to set up and keep going.
  • It impedes the sign-up experience for genuine users (especially if it takes hours or days to be approved).
  • It could be bypassed by sophisticated responses to the challenge questions.

D) Rate limit new accounts

New accounts could be throttled so that they can only post one thread / reply per (let's say) 15 minutes. This limitation could be removed after a certain time or number of posts.

Upsides:

  • Limits the "productivity" of spam accounts, making it more difficult for spammers.

Downsides:

  • Requires time and effort to build
  • Impedes user experience for genuine users
  • Depending on how the posting throttling is relaxed, this system could be gamed. For instance, if the throttling is removed after (say) one week, all a spammer has to do is wait a week for the spamming to start.

E) Tie posting limits to reputation or mod reports

The above "rate limit new accounts" approach could be supplemented with an approach whereby posting limits are only removed if the account has neutral or positive reputation, and/or if the account has not been repeatedly reported for spamming.

So, for example, someone registers a new account. For the first week (or whatever time set by an admin-definable parameter), that account can only post once every 15 minutes (or whatever interval set by an admin-definable parameter).

After that first week the system reviews the status of the account. (Alternatively this review could be run "after the first X number of posts" rather than "x number of days".)

If the overall net reputation of the account is less than an admin-definable value (let's say, lower than negative 5), then the account restrictions remain in place, and the account is flagged for an admin (or similar role) to manually review and either block/delete or approve. If the net reputation is above this threshold, the posting limits are removed automatically, ie without manual intervention being required.

Alternatively (or additionally) the system could check how often posts by that account have been reported. If it has been reported more than an admin-definable value, posting limits remain in place and the account is flagged for an admin to review.

Upsides:

  • Limits the "productivity" of spam accounts
  • Uses the collective user base to identify spam accounts in a more sophisticated way than just reporting these to mods/admins, ie by creating a dataset which can be used by an inbuilt system to more easily help throttle/block spammers

Downsides:

  • Requires considerably more time and effort to build
  • Still requires a level of ongoing manual administration
  • Could be "gamed" by malicious users who downvote/report even worthwhile posts (which is why I think the system should not outright block users automatically but only rate limit them, and why I think an admin should have the ability to manually approve users for normal posting. Ie, just because someone posts unpopular opinions doesn't mean they're posting spam, and a manual review could accommodate this)

THE WAY FORWARD

The above are only some potential ideas, I'm sure there are others. And I'm sure there are issues that I haven't identified either.

Perhaps the way forward is to look at what can be done:

  • short term
  • longer term

As what's required right now to stomp the current spammers on the head may not be an long-term optimal solution

Kierunkowy74,
@Kierunkowy74@kbin.social avatar

A) Appoint more administrator (or other system roles with the ability to block/delete spam accounts)

@ernest already wanted to do this back in this autumn. It looks, that /kbin software actually was not ready to this, though. :/

HubertManne,
@HubertManne@kbin.social avatar

Honestly I would be fine if new accounts could not post at all for a bit. There was a big issue of no one posting content when folks were coming here from reddit. I think that is because it was regular folk and many of us follow a pattern of hanging out and getting comfortable and then replying to stuff and eventually posting stuff. this is how real human beings are which is why people were sorta gung ho to bot copy pasta from reddit but I like how humans are. Granted personality will effect this. type A maybe will engage sooner or such. Anyway I would have been fine if I could read only for a week and then reply only for a month and then finally be allowed to post. If someone becomes a mod non of these limits would apply to magazines they mod. Not sure how this would work with federation though. I still would love to sign up for others block lists. I like this user so I want to auto block anyone they block. I really like things to be controllable at the user level.

BaldProphet,
@BaldProphet@kbin.social avatar

Most of the magazines being spammed in right now only have a single moderator, and it's Ernest. He needs to appoint additional moderators for magazines that he is the only moderator of.

Prouvaire,

Agree, but it's not a question of him appointing moderators. It's a question of people stepping up and volunteering to be moderators. There are literally thousands of kbin magazines which are currently abandoned, ie where the moderator of the magazine hasn't been active on kbin.social. Anyone can volunteer to take over ownership of these magazines by clicking a button, but there isn't enough interest in the userbase at the moment.

However, you are correct in that spammers are targeting the bigger magazines like m/fediverse, and because Ernest is owner of these magazines but is active on the site, these magazines don't appear in the abandoned magazines list. I agree that in order to ease the administrative burden on him, Ernest should call for additional moderators for these most active magazines, and even step down as the owner of these when one or more replacements have been found.

Chozo,

I went ahead and requested mod for a couple of those mags. I wouldn't be able to dedicate too much time to it, but I could at least take on a janitorial role and help clean up the spam that keeps flooding in.

rhythmisaprancer,
@rhythmisaprancer@kbin.social avatar

What all is involved on moderating? I haven't gotten involved in any of that, I come from a bulletin board back ground, not reddit, but I am sure I am not the only person without a relevant background who is willing to be helpful in some capacity. It will just all be new. But it seems like having a warm body to delete posts could help a lot!

Prouvaire,

Magazine moderators have the ability to delete posts in their community (also pin/unpin them) and ban users from their community. I don't think it would take a huge amount of time as a rule - it's just a matter of checking in regularly (I suppose ideally several times a day) to see if there are any moderator actions that need to be taken.

Beyond that, moderators typically play a role in curating content and setting/monitoring community guidelines. But we've been talking about people being appointed solely to carry out the more technical/administrative functions in certain magazines to prevent the recent flood of spam. Ie, people have said they'd be happy to ban spam accounts without necessarily taking on the curation of the magazine in question.

BaldProphet,
@BaldProphet@kbin.social avatar

I requested to be added as a moderator to m/opensource, which is one of the worst offenders right now. Hopefully Ernest will accept some of the requests that people are making.

I think it's actually a good thing that there aren't a ton of moderator applications. It means the userbase aren't the same basement dwelling keyboard tyrants that Reddit had. Still, right now we could use more mods either way.

Prouvaire,

Ernest hasn't posted since last week, so hopefully he's okay. He's alluded to having a fever and having to figure out kbin's finances (and a bit before that, mentioned that he had to take on another job to cover the bills), so I'm guessing life has gotten in the way of kbin. It's worth bearing in mind that all the threadiverse projects are basically someone's hobby at the moment.

Some of us _aspire _ to dwelling in a basement!

jwr1,
@jwr1@kbin.earth avatar

Kbin already let's you apoint users as instance level moderators (without admin permissions). So, Ernest probably just needs someone that can help with the moderation, because I can't tell he actually looks at the reports, considered I've reported several spam posts before (from kbin.social) and nothing was removed.

athos77,

Another option might be that, after an account has been reported a given number of times, any further content from it is temporarily quarantined, allowing some level of moderator to check the account before approving queued and further posts. (Quarantine could also be combined with some of OP's suggested triggers.) Quarantine has pros and cons as well, but it's another option to consider.

density,
@density@kbin.social avatar

I tried to report some spam the other day and I got a message along the lines of "this message has already been reported" so I don't think anyone is getting 100 reports of anything, only 1 for each spam.

see also this issue https://codeberg.org/Kbin/kbin-core/issues/1055 which i don't think was every really adddressed

Prouvaire,

That's good to know, thanks.

I should have had a look at codeberg before making my post. As well as the entry you identified, there's also this, a suggestion to rate limit accounts: https://codeberg.org/Kbin/kbin-core/issues/948

rhythmisaprancer,
@rhythmisaprancer@kbin.social avatar

I don't have anything to add but appreciate you beginning the discussion. It seems that all instances will periodically face this issue; perhaps it would be good to have a proactive plan on place for when it becomes relentless.

  • Wszystkie
  • Subskrybowane
  • Moderowane
  • Ulubione
  • muzyka
  • Spoleczenstwo
  • fediversum
  • test1
  • krakow
  • FromSilesiaToPolesia
  • rowery
  • Technologia
  • slask
  • lieratura
  • informasi
  • retro
  • sport
  • Blogi
  • nauka
  • Gaming
  • esport
  • Psychologia
  • Pozytywnie
  • motoryzacja
  • niusy
  • tech
  • giereczkowo
  • ERP
  • antywykop
  • Cyfryzacja
  • zebynieucieklo
  • kbinMeta@kbin.social
  • warnersteve
  • Wszystkie magazyny