There’s another round of CSAM attacks and it’s really disturbing to see those images. It was really bothering to see those and they weren’t taken down immediately. There was even a disgusting shithead in the comments who thought it was funny?? the fuck
It’s gone now but it was up for like an hour?? This really ruined my day and now I’m figuring out how to download tetris. It’s really sickening.
How was it handled on Reddit? Did the moderators have to handle it there as well, or did Reddit filter it out beforehand?
Reddit uses a CSAM scanning tool to identify and block the content before it hits the site.
https://protectingchildren.google/#introduction is the one Reddit uses.
https://blog.cloudflare.com/the-csam-scanning-tool/ is another such tool.
Are any of the examples that your provided libre/free and open-source? I wasn’t able to find any info for Google’s, and Cloudflare seems to only offer theirs for free if you are already using Cloudflare’s services. If not the examples that you provided, does there exist any tools that are libre/free and open-source?
No.
The nature of the checksums and perceptual hashing is kept in confidence between the National Center for Missing and Exploited Children (NCMEC) and the provider. If the “is this classified as CSAM?” service was available as an open source project those attempting to circumvent the tool would be able to test it until the modifications were sufficient to get a false negative.
There are attempts to do “scan and delete” but this may add legal jeopardy to server admins even more than not scanning as server admins are required by law to report and preserve the images and log files associated with CSAM.
I’d strongly suggest anyone hosting a Lemmy instance to read https://www.eff.org/deeplinks/2022/12/user-generated-content-and-fediverse-legal-primer
The requirements for hosting providers are https://www.law.cornell.edu/uscode/text/18/2258A
AI will make this redundant
It will also make it a battle of attrition. Because now we’re not only using AI to block CSAM; Trolls are using AI to generate CSAM.
The issue is that these tools typically work by hashing the image (or a specific section of the image) and checking it against a database of known CSAM. That way you never actually need to view the file to compare it to the list. But with AI image generation, that list of known CSAM is essentially useless because trolls can just generate new images.
Even without the issue of new AI-generated images, those hash-based scanning tools aren’t available to hobbyist projects like the typical Lemmy instance. If they were given to hobbyist projects, it would be really easy for an abuser to just tweak their image collection until it didn’t set off the filter.
You can use CloudFlare’s CSAM scanning tool completely for free. You can’t get access to the hashes, which would allow what you are talking about.
Sure, for Lemmy instances who are Cloudflare customers. But I don’t think it can be integrated with the Lemmy code by default.
No it can’t, and it shouldn’t be. It’s better to stop the CSAM before it ever makes it to any server you control rather than wait and then need to deal with it.
Bingo, that’s the issue. With an endless supply of fresh content, hash checking is dead
On the other hand, if the people who want those images can satisfy their urges using AI fakes, that could mean less spreading of images of actual abuse. It might even mean less abuse happening.
However, because they’re terrible people, I have to suspect that’s not the case.
People who create the content and insane monsters, but a LOT of actual pedos (vs predators looking for a power play) are disgusted by their preference. I know a ton of them look to cartoons already for stimulation, so I think AI content could draw more people away from actual material. Hopefully if demand reduces there will be less creation of new real content as the potential profits fall more proportionate to the risk.
Reddit pays people.
Unless this place monetizes its done. But everyone in this place expects everything to be free.
They don’t pay moderators, so that’s a moot point.
But I do agree in general that there needs to be money flow to developers and admins, and potentially moderators as well. Perhaps that can be done with donations, or perhaps there needs to be a profit model, IDK, but I haven’t seen a long term solution here.
My opinion is that the federated model is broken, and we should be looking into decentralized models where users share some of the burden. That way monetization wouldn’t be an issue because there isn’t a huge infrastructure cost.
But I’ll stick around while it works.
Reddit pays admins, I think we are mostly on the same page on the rest. Donations will never happen though. It’s going to be at least $100 a year per person+ unless you end up cutting corners on stability and I don’t see the user base accepting that really.
Nah, it’s more like a few hundred/month/instance, so if an instance has 5k users, it’s $1-2/user/month. So about a quarter of what you suggested.
But again, it’s unlikely to actually happen. Voluntary donations tend to suffer from the Bystander Effect.