this post was submitted on 05 Sep 2024
565 points (96.4% liked)

Technology

59161 readers
2096 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Social media platforms like Twitter and Reddit are increasingly infested with bots and fake accounts, leading to significant manipulation of public discourse. These bots don't just annoy users—they skew visibility through vote manipulation. Fake accounts and automated scripts systematically downvote posts opposing certain viewpoints, distorting the content that surfaces and amplifying specific agendas.

Before coming to Lemmy, I was systematically downvoted by bots on Reddit for completely normal comments that were relatively neutral and not controversial​ at all. Seemed to be no pattern in it... One time I commented that my favorite game was WoW, down voted -15 for no apparent reason.

For example, a bot on Twitter using an API call to GPT-4o ran out of funding and started posting their prompts and system information publicly.

https://www.dailydot.com/debug/chatgpt-bot-x-russian-campaign-meme/

Example shown here

Bots like these are probably in the tens or hundreds of thousands. They did a huge ban wave of bots on Reddit, and some major top level subreddits were quiet for days because of it. Unbelievable...

How do we even fix this issue or prevent it from affecting Lemmy??

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 24 points 2 months ago (6 children)

Add a requirement that every comment must perform a small CPU-costly proof-of-work. It's a negligible impact for an individual user, but a significant impact for a hosted bot creating a lot of comments.

Even better if you make the PoW performing some bitcoin hashes, because it can then benefit the Lemmy instance owner which can offset server costs.

[–] [email protected] 7 points 2 months ago* (last edited 2 months ago) (1 children)

How would this be enforceable, though? Part of the benefit of the Fediverse is that multiple different apps can communicate with each other (for example, you can see Lemmy posts on Mastodon). Even if Lemmy implements something like this, what's to stop someone from commenting using a different app that doesn't implement it?

I'm actually surprised we don't see more spam on ActivityPub-powered systems, since spammers don't even need to have an account with Lemmy, Mastodon, etc and could instead have their own ActivityPub server to send the spam. I guess they don't do that since the spam instance would be defederated pretty quickly.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (1 children)

it would have to be fundamental to the platform, i believe a few platforms have something similar where this generates a unique "key" used to identify the user.

I think I2P does this?

[–] [email protected] 2 points 2 months ago (1 children)

If the bots are already using gpt4 then a little crypto heat is essentially the same thing

[–] [email protected] 1 points 2 months ago

you'd still need to front it on the bot farm side though. Shit's still costly.

Regardless, if it's not enough, just make it more lmao.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (1 children)

I think the computation required to process the prompt they are processing is already comparable to a hashcash challenge

[–] [email protected] 1 points 2 months ago

But that's on the LLM side not the bot side.

[–] [email protected] 5 points 2 months ago (1 children)

There was discussion about implementing Hashcash for Lemmy: https://github.com/LemmyNet/lemmy/issues/3204

[–] [email protected] 5 points 2 months ago* (last edited 2 months ago) (3 children)

It seems like a no-brainer for me. Limits bots and provides a small(?) income stream for the server owner.

This was linked on your page, which is quite cool: https://crypto-loot.org/captcha

[–] [email protected] 6 points 2 months ago (1 children)

It doesn't seem like a no brainer to me... In order to generate the spam AI comments in the first place, they have to use expensive compute to run the LLM.

[–] [email protected] 1 points 2 months ago

most of the time this "expensive" compute is just openAI

[–] [email protected] 6 points 2 months ago

what happens when the admin gets greedy and increases the amount of work that my shitty android phone is doing

[–] [email protected] 2 points 2 months ago (1 children)

Hashcash isn't "cryptocurrency".

[–] [email protected] 1 points 2 months ago

Technically not, but spammers can already pay to outsource hashing more easily than desirable users can. So if we're relying on hashes anyways, then we might as well make it easy for desirable users to outsource too.

IMO that's why the inventor of Hashcash just develops Bitcoin today.

[–] [email protected] 7 points 2 months ago (2 children)

That's a hard NO from me, dawg. If Lemmy goes down that path, I will just not comment. My account settings let me just block bots. I dont need my resources wasted so I can interact with the "good bots".

[–] [email protected] 1 points 2 months ago

it's a one time cost at creation of the account. Or at least that should be the idea.

[–] [email protected] 7 points 2 months ago* (last edited 2 months ago) (2 children)

How much resources are we talking about here? If it's 3% of your CPU usage for 2 seconds, you're really going to have an issue with that?

Whatever solution should be negligible for you, but costly for a botfarm.

Here's a live example, not exactly onerous: https://demo.mcaptcha.org/widget/?sitekey=pHy0AktWyOKuxZDzFfoaewncWecCHo23

(Obviously in Lemmy's case you wouldn't have the additional unecessary checkbox)

[–] [email protected] 0 points 2 months ago* (last edited 2 months ago) (1 children)

that was pretty fast. i think if I was a bot sending prompts to an AI to generate posts, i probably wouldn't care about this amount of computation at all

[–] [email protected] 2 points 2 months ago (1 children)

Must be strange to live in a world where you can't imagine that software could have configurable parameters, such that you could find something that's fine for a person posting individual comments and painful for a bot farm.

[–] [email protected] 3 points 2 months ago (1 children)

15 seconds to generate a post from the prompt with ai, and 1/15 seconds for the hashcash challenge is supposed to inconvenience the bot wizards?

[–] [email protected] 3 points 2 months ago (1 children)

If they're running their own LLM hardware, and their Lemmy spam posts are generating enough revenue to cover that, then I take it back, because that is impressive.

I guess we're fucked.

[–] [email protected] 1 points 2 months ago

It’s not always about profit, it’s also about controlling the narrative. The more expensive that is, the less the narrative can be controlled by money.

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago) (1 children)

That's not what I consider negligible on my phone, which is already resource constrained. Yes, I have a problem with an app that intentionally wastes my valuable resources. I wouldn't care so much from my desktop, but I mostly just use a desktop client to do things I can't easily do on my mobile clients.

No big deal. It's not as if my participation is especially valuable. I would just participate less.

edit: my objection is obviously more in principal than it is practical, but it would hardly be the first time I walked away from software (or a network) on philosophical grounds.

[–] [email protected] 6 points 2 months ago

If we can't find a more practical solution, then is it really a "waste" of resources? Right now we're paying with much more expensive time and attention.

[–] [email protected] 8 points 2 months ago (1 children)

At that point aren't we basically just charging people money to post? I don't want to pay to post.

[–] [email protected] 2 points 2 months ago (2 children)

I'd actually prefer that. Micro transactions. Would certainly limit shitposts

[–] [email protected] 4 points 2 months ago

shitposters are the bed rock of any healthy online community

[–] [email protected] 2 points 2 months ago

But that opens up a whole can of worms!

  • Will we use Hashcash? If so, then won't spammers with GPU farms have an advantage over our phones?

  • Will we use a cryptocurrency? If so, then which one? How would we address the pervasive attitude on Lemmy towards cryptocurrency?

[–] [email protected] 31 points 2 months ago (2 children)

Will that ruin my phone's battery?

Also what if I'm someone poor using an extremely basic smartphone to connect to the internet?

[–] [email protected] 1 points 2 months ago

it would only be generated the first time, and possible rerolls down the line.

Also what if I’m someone poor using an extremely basic smartphone to connect to the internet?

just wait, it's a little rough, but it's worth it. 10 hours overnight would be reasonable. Even longer is more so if you limit CPU usage. The idea is that creating one account takes like 10 minutes, but creating 1000 would simply take too much CPU time in order to be worth the time.

[–] [email protected] 12 points 2 months ago (2 children)

Only if you're commenting as much as a bot, probably wouldn't be any more power usage than opening up a poorly optimized website tbh

[–] [email protected] 5 points 2 months ago

my phone

poorly optimized website

rip

[–] [email protected] 1 points 2 months ago

my phone

poorly optimized website

rip