The potential role of a 3rd servers to mediate between Beehaw and Lemmy.world
As this #RedditBlackout accelerates the Fediverse experiment, I feel the urge... the need... to chime in with my 2-cents.
My summary of the current lay of the land: Beehaw saw a wave of pornography spam and decided to shut Lemmy.world off and Defederate from this server. I'm too new to this community to fully understand the wants/needs of each individual server, but I've been around the internet long enough to recognize that porn-spam is an age-old trolling technique and will occur again in the future. Especially as small, boutique, hobbyist servers pop up and online drama/rivalries increase, online harassment campaigns (like coordinated porn spam attacks) are simply an inevitability.
Lemmy.world wants open registrations. Beehaw does not: Beehaw wants users to be verified before posting. This is normal: many old /r/subreddits would simply shadowban all 1-year old accounts and earlier... giving the illusion that everything is well for 5+ or 10+ year old accounts, but cut out on the vast majority of spam accounts with short lives. This works for Reddit where you have a huge number of long-lived accounts, but its still not a perfect technique: you can pay poor people in 3rd world countries to create accounts, post on them for a year, and the these now verified accounts can be paid for by spammers to invade various subreddits.
I digress. My main point is that many subreddits, and now Lemmy-instances/communities, want a "trusted user". Akin to the 1+-year-old account on Reddit. Its not a perfect solution by any means, but accounts that have some "weight" to them, that have passed even a crude time-based selection process, are far easier to manage for small moderation teams.
We don't have the benefit of time however, so how do we quickly build trust on the Fediverse? It seems impossible to solve this problem on lemmy.world and Beehaw.org alone. At least, not with our current toolset.
But lets add the 3rd server, which I'll hypothetically name "ImNotAnAsshole.net", or INAA.net for short.
INAA.net would be an instance that focuses on building a userbase that follows a large set of different instances recruiting needs. This has the following benefits.
Decentralization -- Beehaw.org is famously only run by 4 administrators on their spare time. They cannot verify hundreds of thousands of new users who appear due to #RedditBlackout. INAA.net would allow another team to focus on the verification problem.
Access to both lemmy.world and Beehaw.org with one login -- As long as INAA.net remains in the good graces of other servers (aka: assuming their user filtering model works), any user who registers on INAA.net will be able to access both lemmy.world and Beehaw.org with one login.
Custom Moderation tools -- INAA.net could add additional features independently of the core github.com/LemmyNet programming team and experiment. It is their own instance afterall.
Because of #2, users would be encouraged to join INAA.net, especially if they want access to Beehaw.org. Lemmy.world can remain how it is, low-moderation / less curated users and communities (which is a more appropriate staging grounds for #RedditBlackout refugees). Beehaw.org works with the INAA.net team on the proper rules for INAA.net to federate with Beehaw.org and everyone's happy.
Or is it? I am new to the Fediverse and have missed out on Mastodon.social drama. Hopefully older members of this community can chime in with where my logic has gone awry.
I actually thought about starting my own server with very strict user verification, but I don't really have hosting capacity other than a personal server with like... One 9 of uptime. Nor do I care to change that.
But I think there would be serious draw with a user base that was guaranteed to be a real person, like through phone or face picture verification. Not everyone would go for it because not everyone wants to trust a random with that kind of information, but it worked on some subreddits like /r/fatfire for guaranteed proof of wealth. Think of it like having a public Facebook or Twitter account. Nothing stops you from having a bunch of anonymous alts, but certain servers might only want people from that vetted list. I'd certainly do it. If someone else wants to physically host the server, I'd be happy to vet people. But who would trust me?
I'd say that phone/face verification is an overkill. Moreover, as you have already mentioned not everyone would go for it. Especially the kind of people who like Fediverse and open-source software in general will be more wary of such practices in general, I suppose. I'm not a fan of such practices myself because I care about privacy and the proposed tactic really reminds me of mainstream social media.
I think that so far the verification system works just alright. Being verified by a small text while signing up works. Using the same pseudonym and contributing to the community with quality content and decent comment history to build yourself a positive reputation also does.
The strictest I'd be willing to support is Lobste.rs model. Invite-only with tree-bans.
If Alice invites Bob, and Bob invites Charlie... when Alice is Tree-banned, then Bob-and-Charlie are both part of the ban (as well as everyone else Bob And Charlie invited).
That is: you're fighting the wrong battle with verification. People don't want real life identities in practice, what they want is bans that actually fucking work. When tree-bans ban your entire invite list, people pay attention and change their behavior.
I kind of like the idea behind that, but how do you even kick off a server like that? It would have to be a local community of people who knew each other in real life. Otherwise if some early user ends up being an asshole, suddenly a third of your instance is gone because he's a digital Genghis Khan in terms of prolific progeny.
Lobste.rs has a great model of invite-only tree-bans. If Alice invites Bob, and if Bob invites Charlie... all three of them would be banned if Alice were Tree-banned.
This provides us with multiple benefits.
Exponential growth -- Invites exponentially grow as the server becomes more popular.
Exponential moderation -- Instead of having to ban 100 people from a troublesome instance, a Tree ban allows one-moderation action to exponentially affect far more users. This cuts off the bulk off spam / troll / bot accounts. Now spammers / trolls / bots have to have recruitment campaigns that try to comingle "legitimate" users with their spam/troll, increasing their level of effort.
Rescue operations -- For the 'innocent' users who got banned from tree-bans, they can be rescued by reassigning them to a trusted sponsor after the tree-ban. Tree-bans aren't permanent, they're just entries in a database entry like everything else.
Curation of communities -- Slows down the community growth to help keep a tight feel, but not so much that spammers become hard to deal with.