Distributed Troll-blockers

Erik R
!Hubzilla Support Forum

Hi there, we now meet Simon the Troll and we now have to deal with blocking a user. I recall there are ways to block a user from my hub but I realize that we all need to discover Simon and block 'em separately on each hub.

So, here is my thought; is there a need for a distributed blocking mechanism or at least a kind of warning mechanism. Before we even reach world domination we will eventually stumble on our first threatened user, the first sexual abuse, the first fraud and in this case there is not a single point to contact, each and every one of us must both discover the problem and block it. Thinking of it many face-book frauds would work here too (like pretending being a friend on vacation with a stolen wallet and passport) but I am not as highly specialized on Hubzilla as the techs are on face-book.

I realize this need to be scrutinized and done with delicate care, we would like to distribute an indication of a troll but not start a bad reputation because of an misunderstanding.

Perhaps we need to do some strategic and philosophical thinking here?
Paco Menzar Bien

@Michael MD said "my comment was about the worry about much more serious and very real network-wide threats like automated spam or organised trolling
(by "organised" I mean someone hiring lots of people to do some kind of deliberate trolling - a nasty kind of threat that has been seen in places like facebook in recent years)

A while ago I had an elgg server which became totally inoperative because of these trolls who filled the blog without substance and added links that went to their interests. I could not cope to erase their intrusions.
If these people learn how to fill our streams with garbage, then we're screwed.

The second problem the only solution I see is educating. Unfortunately the lynchings exist and I am pessimistic that they disappear, we can try to mitigate them.

Sorry, I'm sorry I did not understand the problem and stay on the surface.
Mike Macgirvin
As long as you choose a privacy role besides 'social -federation', everything you see in your stream is the result of you personally allowing it. You can also personally disallow it. If you choose 'social-federation', you give up this control and your privacy.  Unfortunately this is the choice that every other decentralised communication software provider has made. And nobody questions this because they find it convenient to 'follow tags' and comment on posts of people you've never met. With this convenience comes the ability to spam the entire federation/fediverse.

The entire reason (and I've said this before) for the rise of the 'social network' in computer history is because of email spam. People needed a safe place to communicate only with friends and without all the advertising noise. Now, Facebook and other "social networks" are one of the largest sources of advertising noise and unsolicited/undesired communications. Email has been given to the wolves - nobody is seriously fighting email spam any more.

If you don't learn from history you are doomed to repeat it.

If you want to keep your exposure to spam at a minimum, turn off or disable the public stream and set your privacy role to something besides 'social-federation'.  Then the only way you are going to see unwanted stuff is "friends of friends" and public forums. Public forums can remove members and even disable automatic joining (this is new), but in an extreme case you may be forced to disconnect from or block the forum. You can still communicate with your immediate friends, and the site admin doesn't need to become a 'nanny' or 'censor' for their members. You're in control of your own stream. This is really the only solution which can ever actually work. If you allow unfiltered and unrestricted communications from anybody in the world, ultimately that's exactly what you're going to get.
Haakon Meland Eriksen (Parlementum)
  last edited: Wed, 23 May 2018 15:23:16 +1000  
We are looking into Robotic Process Automation (RPA) in the public sector, and if we are, so are spammers. RPA lowers the bar for becoming an advanced spammer, i.e. more will appear as long as there is a profit. Put simply, RPA is the modern form of the Windows 3.1 Macro Recorder utility, you record a script of user actions, then replay it like a robot to automate boring tasks a human would do, and today this includes combining / stringing together normal GUI and browser automation, OCR and image recognition, as well as working with APIs across networks. RPAs are available as commercial platforms - proprietary and FLOSS - or at no cost on Github, with support for general purpose programming languages like Python for their automation scripts to leverage a vast number of Python libraries like sentiment analysis. All this means sofisticated automated spamming of your social stream from a botnet of fake accounts is a script kiddie away, and the only way to stop it from infecting you is by using a digital prophylactic like Mike suggests to be safe.