We have been informed of another potential CSAM attack to our federated instance lemmy.ml.
After the events of the last time, I have preemptively and temporarily defederated us from lemmy.ml until the situation can be assessed with more clarity.
I have already deleted the suspicious posts (without looking at them myself, all from the database’s command line) and banned the author. To the best of our knowledge, at no point in time any CSAM content was saved on our server.
EDIT: 2023-09-03 8:40 UTC
There have been no further reports of similar problems arising from lemmy.ml or other instances, so I am re enabling federation. Thank you for your patience.
I don’t really care about caching or load balancing, the only reason I’m considering Cloudflare is that CSAM filter.
That’s correct, actually. On one hand, the devs seem so focused on the privacy of users that they often prioritize that over improving the safety of the software (for instance the Lemmy server has next to no logs, apparently for that reason). On the other hand, it’s crazy how much data is transferred over federation. For instance, I have already developed a script that allows me to view EVERY post or comment someone has upvoted. The data is all there, wouldn’t take much for someone to harvest it en masse and start profiling users.
Us. We hoover-in-mass and profile users.
Next post on !pcm@lemmy.basedcount.com : Political Compass of every user on the instance according to the AI model we’ve trained with the data they’ve unconsciously given to us.
DOWN WITH THE AI! SMASH IT WITH A FUCKING HAMMER!