Stanford researchers find Mastodon has a massive child abuse material problem
theverge.com
Mastodon, an alternative social network to Twitter, has a serious problem with child sexual abuse material according to researchers from Stanford University. In just two days, researchers found over 100 instances of known CSAM across over 325,000 posts on Mastodon. The researchers found hundreds of posts containing CSAM related hashtags and links pointing to CSAM trading and grooming of minors. One Mastodon server was even taken down for a period of time due to CSAM being posted. The researchers suggest that decentralized networks like Mastodon need to implement more robust moderation tools and reporting mechanisms to address the prevalence of CSAM.
You are viewing a single comment
One of the problems with the fediverse is that each server keeps its own copy of the content. It is definitely a worry that bad actors push content to federated servers to get them taken down due to the content they now are storing.
What's the reason for that? Caching purposes?
General idea is that if there is only one copy, taking something down is knocking that server out of service.
If I'm running a tiny little single-user instance on a potato and my post goes to the mastodon.social federated feed, it would be impolite for them to direct 20,000 requests at my potato all at once. Instead, their servers grabs one copy and serves it to their users. If they're set up for 20k eyeballs online at once, they've got capacity to serve them all the photo.
Mastodon has a configurable clean-up period for cached media so you don't use infinite disk. That gives a bad actor an easy way to robustly host images for a couple days: post it, let it federate out, and then take your server down. Everyone else is now doing crimes for you, and cleaning it up is a reactive process by dozens of server admins.
I think so. My Lemmy instance for example is currently storing several gigabytes of images in my cloud buckets, but with my 4 users I'm reasonably confident it didn't all come from us.
This is why I disabled that feature on my Lemmy instance.
Yes it's a caching thing.