The more people use Fedecan services, the more Fedecan will attract bots.
Which means Fedecan will have to do something for users to prove that they are human. When I joined, you guys had a registration prompt with manual review, but I imagine the prompts you gave could be automatically bypassed by an LLM fairly easily.
The naive solution is to do something like collecting government IDs like Facebook tried at one point. But that’ll just drive people away who don’t trust Fedecan with that info.
What would be your thoughts (admin thoughts, and community thoughts) to implement some ‘proof of unique personhood’ process with something like Canada Post Identity+? Basically, Canada Post verifies that users are human and is responsible for taking care of PII, and Fedecan just trusts Canada Post to not let the same user register multiple times. If done well, I think ‘Canada Post proves that every user account on this site is a unique human’ could be a real selling point for lemmy.ca and pixelfed.ca
Full disclosure, I heard about it in a Reddit thread of people complaining about bugs in it while they try to vote in the Liberal party election. But I bet this is just early adopter bugs, and the Liberal party clearly trusts it with their leadership elections.
Regardless, I think proof of unique personhood is a problem Fedecan will have to solve, and a solution through something as Canadian as the post office just seems more elegant than having the Fedecan admins reinvent the wheel.
I realize you guys (admins) are probably quite busy with IRL work and the Pixelfed launch, so if there was interest in this but no admin capacity to investigate further, I could volunteer to reach out to Canada Post and see what they could offer for non-profit use, including what it would cost Fedecan.
Thoughts?
EDIT: for people concerned about “but then CSIS knows which account is mine”, an anonymous credential system like U-Prove could be used to prove “1 lemmy.ca user = 1 unique real person”, while cryptographically guaranteeing it is impossible to link any particular lemmy.ca user to any particular human identity.
I think it isn’t the most useful spam reduction method as lemmy.ca and I’m assuming Pixelfed.ca federate with a block list rather than an allowlist. Bad actors can always run a new instance to bypas bans etc., even positioning the instances as valid moderated instances for a while before launching bot attacks.
I also think part of the joy of using a platform like lemmy is the pseudo-anonymous nature of the platform. That type of government identity verification begins to compromise that a bit, but maybe I have a more extreme view on the option of pseudo-anonymity being a paragon of the free internet.
Edit: Just to note I am not a lemmy.ca account, but I am a Canadian (which is in part why I picked sh.itjust.works, another Canadian owned instance)
Playing devil’s advocate: bots can be useful!
Think about the case where a bot fetches data (e.g . Weather, sports, stocks, etc) and publishes it regularly to a community. Or there is some task that can benefit from being automated such as an auto moderator.
It’s the malicious bots that are the most concerning.
- sincerely, not a bot
They would just come in via other federated instances. Bots haven’t really been a huge issue yet, but it’ll be a Fediverse wide one so we need a solution that would scale like that.
I’m also not keen on any sort of pii link to our users, even if it’s Canada post holding that data.
If we’re not selling user eyeballs or data, do we care if a user maps to a real person?
Bots haven’t really been a huge issue yet, but it’ll be a Fediverse wide one so we need a solution that would scale like that.
The current standard for Fediverse content moderation seems to be for each instance to manage its own content moderation policies, and each instance defederates / block those few instances that are particularly repulsive to them.
Taking content moderation as precedent for the issue of bot mitigation, the onus of mitigating bots will be on the instance admins, where known bot farms just get defederated.
I’m also not keen on any sort of pii link to our users, even if it’s Canada post holding that data.
A fair concern, but IMO needing something like this is inevitable. Maybe I’m just “early”, but I don’t think I’m wrong.
If the concern is ensuring each user can’t be linked to a specific set of PII, then an anonymous credential system like U-Prove could cryptographically guarantee that each account belongs to a unique real person, without revealing which real person it is.
(Many anonymous credential protocols, including U-Prove, come with ‘single-spend’ mechanisms that can be used to ensure one user can’t get two accounts.)
Basically, with anonymous credentials, you’d end up with two sets of data: One with whatever PII-linkable info Canada Post gave to Fedecan, and another containing the actual user accounts. But (provided users used Tor to prevent IP address correlation) it’d be cryptographically impossible to link the any of the first to any of the second.
They would just come in via other federated instances
True, but it would at least build a reputation of “1 lemmy.ca user = 1 real person”.
If we’re not selling user eyeballs or data, do we care if a user maps to a real person?
I’d say yes, we should care.
I’m not on lemmy to chat with bots; I want to know that when someone responds to me, that they’re a real person, and that if five people respond to me, they’re five different real people, even if I have no way of knowing who those real people are.
I also want people who see my posts to know there’s an IRL person behind them and that my account isn’t just one sockpuppet of many, though I don’t want them to know my IRL identity.
If I wanted to chat with bots I’d just generate an artificial group chat with a few ChatGPT or DeepSeek agents, lol.
Having pseudonymous identities is one of the reasons I prefer the reddit/threadiverse style of social media to Facebook/IG where alts are heavily discouraged.
I think a lot of people use alts. There are all kinds of scripts and tools and tutorials about how to manage them. If you dont see the need that’s fine for you.
The current standard for Fediverse content moderation seems to be for each instance to manage its own content moderation policies, and each instance defederates / block those few instances that are particularly repulsive to them.
Yeah pretty much
A fair concern, but IMO needing something like this is inevitable. Maybe I’m just “early”, but I don’t think I’m wrong.
I think it would be a major deterrent to new users. I do think it’s an interesting concept and would be an interesting experiment on a new instance. I suspect being only supported in Canada would just mean a low number of users though.
I also want people who see my posts to know there’s an IRL person behind them and that my account isn’t just one sockpuppet of many, though I don’t want them to know my IRL identity.
That’s reasonable, I’m just not sure that’s feasible on this platform. Lemmy is really designed to keep people anonymous. (I don’t even have a way to get a user ip address easily.) I also think that’s what the community has come to expect, so shifting that would get some pretty mixed responses.
In a way it feels like twitters verified feature, and that makes me wonder if it would work in mastodon
I do think it’s an interesting concept and would be an interesting experiment on a new instance.
I’m just not sure that’s feasible on this platform. Lemmy is really designed to keep people anonymous.
I was imagining that this kind of verification would be part of account registration. So it wouldn’t be like “you have two classes of user account, one has a checkmark or something”, but instead “you have one class of user account, and can’t log in unless you verify you’re a unique human”.
Which, yeah, would probably work better on a new instance, so people can choose “this is the server where having an account means I am a real person” vs “this is the server where I stay anonymous to everyone, including site admins”. An instance that mixed ‘unverified users’ and ‘verified users’ would probably just be hassle with no benefit.
If it was done on a designated instance, I don’t think anything would, at a technical level, prevent it from being done on any particular platform (eg. lemmy vs mastodon vs pixelfed). But I’ll concede that the design of Lemmy may make it the wrong platform for my proposal.
In a way it feels like twitters verified feature, and that makes me wonder if it would work in mastodon
I agree that it’s similar to Twitter’s verified feature.
But from what I’ve seen of Mastodon, Mastodon’s verification feature doesn’t work like Twitter’s - Mastodon just lets you put links on your profile and verify the link, but that’s just you proving to Mastodon that you control the domain name. Sort of like getting a TLS certificate from Let’s Encrypt, where you just prove to LE that you control the domain.
It’s not like a ‘verified’ status on the account as a whole.
So the way I imagine it, it’d work for Mastodon, but not by creating two classes of users - it’d just work by ensuring all users on the instance as a whole are verified.
What other platforms are Fedecan considering adding, and what sort of timeline do you guys have for your ‘next expansion’? I want to say there was a page that listed PeerTube, Friendica, Mastodon, etc. as potential ‘future expansions’, but I can’t find it anymore.
Maybe one of those could be the subject of an experiment like this (and if the experiment were successful, Fedecan could use it as a place for the community to hold votes on the direction of Fedecan, if you ever wanted to formally democratize any particular decision).
Friendica is the next one we’re looking at, but I haven’t done anything more than prelim research and securing a domain. I want to make sure pixelfed is running smoothly before adding more.
Mastodon feels well served already, there’s a plethora of instances.
I think it’s a great idea, if we can restrict participation to authenticated users.
