this post was submitted on 05 Sep 2024
565 points (96.4% liked)

Technology

60462 readers
3886 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
565
Bots are running rampant. How do we stop them from ruining Lemmy? (lemmy.world)
submitted 4 months ago* (last edited 4 months ago) by [email protected] to c/[email protected]
288 comments fedilink hide all child comments
 

Social media platforms like Twitter and Reddit are increasingly infested with bots and fake accounts, leading to significant manipulation of public discourse. These bots don't just annoy users—they skew visibility through vote manipulation. Fake accounts and automated scripts systematically downvote posts opposing certain viewpoints, distorting the content that surfaces and amplifying specific agendas.

Before coming to Lemmy, I was systematically downvoted by bots on Reddit for completely normal comments that were relatively neutral and not controversial​ at all. Seemed to be no pattern in it... One time I commented that my favorite game was WoW, down voted -15 for no apparent reason.

For example, a bot on Twitter using an API call to GPT-4o ran out of funding and started posting their prompts and system information publicly.

https://www.dailydot.com/debug/chatgpt-bot-x-russian-campaign-meme/

Example shown here

Bots like these are probably in the tens or hundreds of thousands. They did a huge ban wave of bots on Reddit, and some major top level subreddits were quiet for days because of it. Unbelievable...

How do we even fix this issue or prevent it from affecting Lemmy??

(page 4) 50 comments
sorted by: hot top controversial new old
[–] [email protected] 42 points 4 months ago (13 children)

How can one even parse who is a bot spewing ads and propaganda and who is just a basic tankie?

They both get the same scripts.. it's an impossible task.

load more comments (13 replies)
[–] [email protected] 7 points 4 months ago (1 children)

For example, a bot on Twitter using an API call to GPT-4o ran out of funding and started posting their prompts and system information publicly.

While there's obviously botspam out there, this post is clearly a fake as anyone with the programming experience will notice immediately. It's just engagemeb bait

load more comments (1 replies)
[–] [email protected] 3 points 4 months ago (1 children)

Not a full solution, but... can you block users by wildcard? IMHO everyone who has ".eth" or ".btc" as their user name is not worth listening to. Being a crypto bro doesn't mean you need to change your user name... unless you intend to scam people.

I'll revise my opinion if rappers ever make crypto names cool.

[–] [email protected] 0 points 4 months ago

can you block users by wildcard?

Nope. You also can't prevent users from viewing your profile. It's not like Facebook where you block someone, they're gone and can't even see you. On Reddit, they can see you, and just log onto another account to harass and downvote you.

[–] [email protected] 10 points 4 months ago

The problem with almost any solution is that it just pushes it to custom instances that don't place the restrictions, which pushes big instances to be more insular and resist small instances, undermining most of the purpose of the federation.

[–] [email protected] 24 points 4 months ago (10 children)

Add a requirement that every comment must perform a small CPU-costly proof-of-work. It's a negligible impact for an individual user, but a significant impact for a hosted bot creating a lot of comments.

Even better if you make the PoW performing some bitcoin hashes, because it can then benefit the Lemmy instance owner which can offset server costs.

[–] [email protected] 5 points 4 months ago (1 children)

There was discussion about implementing Hashcash for Lemmy: https://github.com/LemmyNet/lemmy/issues/3204

[–] [email protected] 5 points 4 months ago* (last edited 4 months ago) (4 children)

It seems like a no-brainer for me. Limits bots and provides a small(?) income stream for the server owner.

This was linked on your page, which is quite cool: https://crypto-loot.org/captcha

[–] [email protected] 2 points 4 months ago (1 children)

Hashcash isn't "cryptocurrency".

load more comments (1 replies)
load more comments (3 replies)
[–] [email protected] 7 points 4 months ago (2 children)

That's a hard NO from me, dawg. If Lemmy goes down that path, I will just not comment. My account settings let me just block bots. I dont need my resources wasted so I can interact with the "good bots".

[–] [email protected] 7 points 4 months ago* (last edited 4 months ago) (6 children)

How much resources are we talking about here? If it's 3% of your CPU usage for 2 seconds, you're really going to have an issue with that?

Whatever solution should be negligible for you, but costly for a botfarm.

Here's a live example, not exactly onerous: https://demo.mcaptcha.org/widget/?sitekey=pHy0AktWyOKuxZDzFfoaewncWecCHo23

(Obviously in Lemmy's case you wouldn't have the additional unecessary checkbox)

[–] [email protected] 3 points 4 months ago* (last edited 4 months ago) (1 children)

That's not what I consider negligible on my phone, which is already resource constrained. Yes, I have a problem with an app that intentionally wastes my valuable resources. I wouldn't care so much from my desktop, but I mostly just use a desktop client to do things I can't easily do on my mobile clients.

No big deal. It's not as if my participation is especially valuable. I would just participate less.

edit: my objection is obviously more in principal than it is practical, but it would hardly be the first time I walked away from software (or a network) on philosophical grounds.

load more comments (1 replies)
load more comments (5 replies)
load more comments (1 replies)
[–] [email protected] 8 points 4 months ago (3 children)

At that point aren't we basically just charging people money to post? I don't want to pay to post.

load more comments (3 replies)
[–] [email protected] 31 points 4 months ago (2 children)

Will that ruin my phone's battery?

Also what if I'm someone poor using an extremely basic smartphone to connect to the internet?

[–] [email protected] 12 points 4 months ago (2 children)

Only if you're commenting as much as a bot, probably wouldn't be any more power usage than opening up a poorly optimized website tbh

load more comments (2 replies)
load more comments (1 replies)
load more comments (6 replies)
[–] [email protected] 0 points 4 months ago

related: https://lemmy.blahaj.zone/post/16150311

[–] [email protected] 7 points 4 months ago (10 children)

You were targeted by someone and they used the bots to punish you. It could have been a keyword in your posts. I had some tool that would down vote any post where I used the word snowflake. I guess the little snowflake didn't like me calling him one. I played around with bots for a while but it wasn't worth it. I was a OP on several IRC networks back in the day and the bots we ran then actually did something useful. Like a small percentage of reddit bots.

load more comments (10 replies)
[–] [email protected] 19 points 4 months ago* (last edited 4 months ago) (3 children)

One time I commented that my favorite game was WoW, down voted -15 for no apparent reason.

I wouldn't use that as evidence that you were bot-attacked. A lot of people don't like WoW and are mad at it for disappointing them. *coughSHADOWLANDScough*

load more comments (3 replies)
[–] [email protected] 3 points 4 months ago

Isn’t there code / the magic incantation of prompt text that we can deploy to get bots to reveal themselves? Even if it take more than one response?

load more comments
view more: ‹ prev next ›