already did. it’s the same person running the infrastructure, although moderation of mstdn.party and mstdn.plus is handled by someone else.

we’ve since been in contact with the person running these services and the material has been taken down on lemmy.one, as well as lemmy.one closing down in three months.

we’re still discussing in our team how we will deal with this going forward and will be posting a new announcement about this in the coming days.

you can read https://lemmy.world/post/29550945 for our previous writeup about this.

it’s a combination of multiple issues.

lemmy federation has improved significantly over the past years, so if this was happening with lemmy instances today, especially online ones involved, this would be much less of an issue.

the original user posting this stuff was on a kbin instance. kbin/mbin still do not support federating bans of users. kbin is basically dead, mbin is tracking that here. when this was originally removed on kbin this never federated out to other platforms.

the next problem is that the original instance is no longer there, so attempting to address this with community bans from lemmys side is not working anymore if the user isn’t known to the instance anymore, as it can’t be refetched from the source. if the instances that the related communities are hosted on purged this user in the past they wouldn’t be able to federate out a community ban anymore.

another problem is that lemmy is typically configured in a way where it creates a local copy of thumbnails if no thumbnail url is provided by the source, which is what lead to a local copy of this material. in the end i consider this only a secondary issue, as while most people would rather not have this stored on their servers at all, if you allow media uploads you can never be 100% sure about the content uploaded to your server. this is therefore typically something where providers are expected to take action once they become aware of it. some providers are also taking preventative measures like scanning uploads, comparing to hash databases of known csam, etc. had the original instance ban or community bans been performed properly this would at least have removed public access to the stuff, as the media filenames are randomly generated and not guessable.

it’s generally not impossible to prevent stuff from returning to your instance once you have taken it down properly, but in cases where federation didn’t work, which could be for a wide range of reasons, including your instance being misconfigured during maintenance, your instance being defederated from an instance involved in the removal, and others, it may require local action. if i ban a user then no new content form that user is going to come to LW until they are unbanned again. this includes manually fetching posts or other content, so if i purge an old post of theirs the post wouldn’t be able to come back until the user gets unbanned.

the problem isn’t being able to see them in the thread but that you can’t open the user profile, so you don’t see if there are any comments.

it was already shared in an admin coordination matrix room as well

essentially start by identifying the accounts posting links to the domain in question, then analyze the voting behavior of the accounts upvoting these posts. you can start by sorting out accounts that have legitimate activity and then narrow it down further and find common patterns that only apply to these accounts.

most of them were also created in similar time frames.

edit:

to extend on this, once you have something to go on with it’s fairly easy. the hard part is finding something that applies in a more generic way to identify this happening before someone else discovers unusual voting patterns and reports them.

thanks for flagging this, i just banned 346 accounts involved in this scheme from lemmy.world :|

(unbanned at the time of creating the report) accounts posting links to the same domain:

• 4x sh.itjust.works
• 2x ani.social
• 1x thelemmy.club
• 1x lemmy.ca

accounts i’m highly confident were involved in vote manipulation here:

• 172x sh.itjust.works
• 22x ttrpg.network
• 21x lemmings.world
• 20x discuss.online (banned by me)
• 19x lemmy.wtf
• 18x lemmy.myserv.one
• 18x leminal.space
• 18x ani.social
• 16x endlesstalk.org
• 7x lemmy.ca
• 4x lemy.lol
• 1x toast.ooo
• 1x startrek.website
• 1x lemm.ee

FYI PrivacyGuides is operated by a CSAM-friendly entity, they completely ignore abuse reports about CSAM hosted on their platforms.

I can only recommend everyone to defed from them.

edit: the material on lemmy.one has since been taken down, we will be providing an update post in [email protected] soon with our future plans for dealing with these platforms.

certainly not something i’m willing to risk. defederated them now.

the stuff is still up on lemmy.one, months from the original report, with zero indication that they care about it in the slightest.

i’m tempted to add their domains to our automod (only removal), but i’ll discuss this in our team before doing so.

even if there are multiple people involved in the operation of this discourse forum, even this announcement is by jonah, who as far as i can tell is the head of these projects and also owner of the associated US companies. if this was something ran by a different team and they’d be able to separate themselves from jonah’s (in)actions then it might be a different story, but as it is right now, it seems that all these services related to PrivacyGuides are operated by the same entity.

Now for the other weird bit. If I enable secret mode, the website works fine.

most likely the bad 404 response was also cached in your web browser. try clearing your cache or doing a reload with ctrl+f5 or cmd+shift+r.

we had an issue related to incorrectly caching 404 responses earlier but that was a few hours before your post. it should already have been resolved when you posted this.

i’ve banned all the accounts i could identify as part of this scheme from lemmy.world now.

i originally sent them a warning before i was aware of the scale of this involving a bunch of alts with different usernames. if i had known that when i sent the warning it would’ve been a ban straight away.

they replied to my warning pretending they didn’t know about any recent vote manipulation, so they’re clearly not interested in acting in good faith going forward.

yes, we have a matrix room for coordinated efforts against spam and other types of abuse, which admins are welcome to join.

once lemmy allows reporting user profiles directly this will probably become more likely to reach the instances admins of instances that are less actively maintained as well.

I’ve sent out warnings to 10 other users in the past few days about similar behavior already and also banned two users for this type of behavior. one of them appealed and is unbanned again.

I also had this account in my list of such accounts, but I hadn’t followed up on it yet, as I figured I’d just deal with the top n users and then review it again at a later point in time.

i’ve sent them a warning about this as well now that they’ll get banned from our instance if they continue engaging in this behavior.

sorry about the late response, got a lot of stuff going on currently and it seemed like you got useful replies here already anyway when i checked before.

we currently have a rule in place that blocks traffic with too high of a threat score. this rule was implemented before i joined, i’ll have to check with the team about the original reason for this and if we want to relax this.

at least the error message should be improved if we can do that, i think that’s just returning a static message currently.

the domain on the link you shared was previously used by spam bots

yes it is an instance ban: https://sh.itjust.works/u/[email protected] https://sh.itjust.works/modlog?page=1&actionType=All&userId=14537229

nobody from SJW will see this post, as you’re currently banned from their instance. mentions of their admins in this thread won’t work, nor will any of your pms make it over there.

you were also banned by our LW automod for a minute until i reversed it: https://lemmy.world/modlog?page=1&userId=10371316

I’ve shared this thread directly with SJW admins on other channels for a review.

unfortunately it seems that people are trusting google search results to be accurate without following links.

as far as I can tell this is a combination of reddit returning the subreddit creation date as the timestamp that will show up in search results yet including images of recent posts, which google will then use as an indicator of “the image exists on this page”. this will lead to a 7 year old subreddit with recent posts showing as the image being present on a 7 year old search result. if people actually follow the link they’ll see it’s just a link to the subreddit and not to an individual post.

are there actually this old posts?

this seems like google + reddit being a shitty combination. i’m seeing fewer results but the two results i get that are 7 years old are just links to the subreddit, not to posts, which is likely throwing off the date on there.

other reverse image searches like tineye don’t show any prior images, so it’s very likely that you’re just fooled by misleading search results.

unless you can produce links or other evidence about actual 7 year old content please correct your comment.

I have already commented the same on the other post.

Sure, the same applies to any other lemmy-internal contact method though such as posting to [email protected] or sending a pm to @[email protected].

Our automod doesn’t currently inform people that they’re banned or how they’d appeal that though. We usually review automod actions within an hour though, in most cases false positives are sorted out before the user even notices them.

you can’t use lemmy PMs while you’re banned from the instance.

appeals can generally be made in any way that will reach our team; email addresses are listed in the instance sidebar and community sidebar at https://lemmy.world/c/support.