Follow

FediBlock needs your help! 

We are a small team compiling the instance blocklist at rathersafe.space/fediblock and we all don't have unlimited resources.
If you're passionate about keeping the a safe space reply to this post and tell us why you are motivated to join the team.

FediBlock needs your help! 

@fediblock Wouldn't be the blocklist being hosted for example on codeberg.org @codeberg be a solution easier to mantain as a community?

FediBlock needs your help! 

@linos @codeberg The list is not really the problem. We have a forum category for topics on each blocklist candidate and each topic contains a poll where we vote whether to block. We are 3 people and currently we need 3 votes to block. If we are more people we wouldn't have to wait for everybody to be online and react sooner. E.g. if we are 10 people it could be enough if 5 people voted to block as long as there is no vote against blocking.

FediBlock needs your help! 

@fediblock

How can we integrate a blocklist into our instances? Will there be something other than a list? Perhaps a process that we can run and or offer the list as a DNS blocklist or instructions on using your CSV?

re: FediBlock needs your help! 

@emacsen For now the CSV file only works for individuals (and even then for some reasons it doesn't seem to work).
With the Mastodon fork it is possible to import and export instance blocklists as an instance admin, but standart Mastodon doesn't have that feature (yet).

I'm not sure how a DNS blocklist would work.

re: FediBlock needs your help! 

@fediblock

DNS blocklists are the standard way that mail server blocks work. When a mail is sent from one server to another and the sender is new, the receiver makes a DNS request to a known DNS blocklist server making a DNS query for the IP of the sender and or the hostname of the sender. Based on the result, the mail is accepted or not.

The benefit is that DNS queries are cheap and highly cachable. It also alleviates issues of versioning your DB.

...

re: FediBlock needs your help! 

@fediblock

How might this integrate? Well that's a bit harder but you'd still need some software to do the DNS query. But it would mean less updating on the instance end.

re: FediBlock needs your help! 

@fediblock

Another benefit of DNS blocklists is that right now your list is something users must poll. You want new listing up ASAP.

You also want to reduce your own need to push updates, etc.

With a constructed blocklist, you can essentially generate a zonefile that you push up to some DNS server. That DNS server can be running your standard BIND.

And it's very hard to DDOS DNS. It's super lightweight and cached.

re: FediBlock needs your help! 

@emacsen Sounds cool, but also complicated. If someone is willing to set that up and it's not harder for us, we can use that system.

re: FediBlock needs your help! 

@fediblock

It's not especially complicated. It's how email blocking has been done since the 1990s.

As for the client, it wouldn't be hard to write. I don't remember much Ruby but I suspect it would basically be that the Mastodon server would create a new instance of Resov with the specified DNS server, then make queries and act accordingly.

As for the zonefile, etc. I haven't done it before but bet we could prototype as a weekend project.

DM me.

re: FediBlock needs your help! 

@fediblock @emacsen I'd be interested in implementing blocklist polling into funkwhale but I'd rather avoid having to use DNS for this. I'd favour a rest api for this.

re: FediBlock needs your help! 

@gcrkrause @fediblock @emacsen I could try to provide a DNS blocklist, maybe.
About the REST API, a single text file works wayyy better.

re: FediBlock needs your help! 

@semisol @fediblock @emacsen a REST API delivers a document and if it works better or not depends on the use case.

re: FediBlock needs your help! 

@gcrkrause @fediblock @emacsen A simple text file fetched every so often would suffice for a blocklist.

re: FediBlock needs your help! 

@semisol @fediblock @emacsen if its machine reable and contains the required information, yes. If you want to update a CSV or json file by hand I'd use it. Have fun :)

re: FediBlock needs your help! 

@semisol @gcrkrause @fediblock

Let's get a bit serious for a moment.

The most important thing is that none of the AP implementations I know of have any kind of mechanism to do blocking other than through some kind of manual/semi-manual process, so all of that is moot.

As for how it's delivered, if the number of entries is small and static, sure a text file fetched every day is fine, but I don't think that's really going to be good enough for long.

Third...

re: FediBlock needs your help! 

@semisol @gcrkrause @fediblock

Thirdly, I already wrote something that takes a CSV file and delivers it to a DNS server or serves the data as REST. I wrote it on Sunday.

I just need to write a README and throw it up online.

Let's summarize:

1. The code's done already (at least to prototype)
2. Static stuff is fine until the problem gets serious
3. None of it matters unless there's work done on the AP server end to support it.

re: FediBlock needs your help! 

@emacsen @semisol @fediblock I already offered to work on an implementation for Funkwhale. But it doesn't make sense to work on a implementation I don't agree with and one important fact is that the blocklist needs to deliver a reason, why an instance is on this list, so instance owners can review and manage this. Nobody wants to pull in some central defined filters without the tools to control this.

re: FediBlock needs your help! 

@gcrkrause @semisol @fediblock

There are three answers to this (yes I like the number three).

1. The code I wrote already can support different causes for being blocked- eg. harassment vs misconfiguration

2. This is a matter of trust. Do you trust the Oracle you're subscribe to. But this is how email has worked for billions of people for ~30 years.

3. You don't need to block messages, you can quarantine or review, or ask multiple Oracles

re: FediBlock needs your help! 

@emacsen @semisol @fediblock I'd say the email system and especially how blocking works and how centralized power is, is pretty much broken since like 10 years.

Beside this I think we more or less agree in our points of view: If a reason is provided and we built the implementations in a way which support subscribing to several blocklists, its going to be fine. But we should agree on a format, first.

re: FediBlock needs your help! 

@emacsen @semisol @fediblock I think this also explains why I don't think static stuff would work, but in the end as a consumer I don't care. I just think its more sustainable to automate the generation of the consumable file as much as possible.

For your first point, great stuff, great work! Do you have the sources somewhere already?

re: FediBlock needs your help! 

@gcrkrause @semisol @fediblock

The source, I need to write the README. It just woke up and it's 5am, but I'll write it later today when my eyes aren't blurry. :)

re: FediBlock needs your help! 

@emacsen @semisol @fediblock No hurry, good morning and have a good start in the day :)

FediBlock needs your help! 

@fediblock I’d love to help. Passionate about both safe spaces and the federated social networking protocols. I’d love to contribute something positive.

FediBlock needs your help! 

@fediblock I see scalable moderation as one of the most important problems to solve on the Fediverse. I created a thread to track various efforts based on web of trust but also see blocklists underpinned by due process as a viable solution. Maintainer of the #Ecko fork mentioned elsewhere in this thread.

It's very important to me that the future of social media prioritizes human beings over the technology. Efforts like this I see as important progress toward that goal.

Let me know what I can do to help.

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!