Welcome to another busy week, with the FediForum conference, Mastodon 4.2 update, new safety tools, and more. Let's dive right in:

FediForum

The update on FediForum got big enough to be it's own post, which you can read here:

https://fediversereport.com/fediforum-september-2023/

Mastodon 4.2

Mastodon has officially launched the 4.2 update. With this update come a variety of highly anticipated features, such as opt-in search and a better onboarding experience. Here is the official blog post by Mastodon announcing the update. It has gotten a fair bit of media attention as well, with articles by The Verge and TechCrunch. Both focus on how Mastodon has gotten easier to use with this new update, via the onboarding process, but also via better interaction if you open a Mastodon post on a server that is not your own home server.

Mastodon has been focused on getting consent from people for being included into search. This is inherent in a decentralised platform; you cannot make any assumptions about other people who run their own server, as they are completely free to have their own preferences. This is not without drawbacks however, as searching tools become more valuable when they cover a larger percentage of the network. Mastodon CEO Eugen Rochko indicated that 14k people have opted into search so far, after that the search patch has been available for over two weeks on the biggest server, mastodon.social. This makes it less than 5% of active users that have opted into search after two weeks. Other fediverse software projects are following the design of Mastodon when it comes to opt-in search: Firefish recently moved to the same opt-in structure, and now Pixelfed has annouced to do so as well.

The 4.2 update comes with other great features as well. A personal favourite of mine in this update is the new option of exclusive lists. You can now set an account to be 'exclusive', and posts by accounts on this list do not show up in your home feed anymore, and you only see them while you're looking at this list. I use this to add bots such as the mastodonusercount bot and the Alt Text Health bot to an exclusive lists. They are interesting bots with information that I want to know, but do not need to clutter up my home feed. Now, I can keep track of the information the bots send out, and only see it when I want to.

Fedi-safety

Recently, Lemmy has experienced multiple attacks where people weaponised Child Sexual Abuse Material (CSAM), as I've written about here. By uploading CSAM to Lemmy communities, they expose the admins of Lemmy servers to significant liability, as well as hurting both the actual victims as well as the people who see the images.

One of the practical problems that admins face here is that automated scanning of images is possible, but locked behind large providers such as Cloudflare. For a small server admin it is not feasible to meet all the regulatory requirements to be able to partake in such automated scanning. Beyond that, people are hesitant to use Cloudflare in the first place, as it does mean that all your content gets scanned by a large tech company. One part of the things these scanning tools do is compare images that get uploaded Lemmy for example against a dataset of known CSAM. As such, access to these tools is often highly restrictive

@db0, who also created the AI Horde, used the knowledge he build up there to create a tool called Fedi-safety. This tool allows admins to scan their database for CSAM. Instead of comparing against an actual dataset of CSAM, it instead uses the abilities provided by generative AI tools to determine if an image contains both sexual content as well as depictions of children. @db0 has a more detailed explanation here. In the description of the Fediverse Safety tool, he explains that "this tool will have a lot false positives". False positives means in this case the tool will classify an image as CSAM when it is not. Considering the costs that come with having false negatives (an CSAM image does not get classified as CSAM), this might be a worthwhile tradeoff for admins.

Now, @db0 created the another update, which is integration of the fedi-safety tool directly into Lemmy. Once it is installed, the scanning of images now happen when a user tries to upload an image. When the scanner thinks the image is unsafe, the image cannot be uploaded and spread around the network at all. As with the fedi-safety tool, it comes with the price of false positives. One thing that does stand out about it is that the scanning of images can be completely self-hosted on your own GPU. People can be hesitant about sending images to third party scanners. With this tool, the scanning can be done by the same server admin who you are already entrusting your image to. Another aspect that people worry about is if their content is used to train an AI. The fedi-safety tool does not do that, as it is completely locally run, and immediately deletes images after scanning.

FediGov

FediGov is an campaign that is started by the Free Software Foundation Europe, with the goal of convincing public authorities to rethink their use of social media. The initiative hopes to convince more governments to use the fediverse, suggesting that they use Mastodon, PeerTube and Pixelfed instead. They list four main reasons why governments should do so: sovereignty, privacy, the use of public funds, and legal certainty. These arguments are noticeably similar to the arguments that the Dutch and Swiss governments recently gave when they introduced their own Mastodon servers this summer. Especially the arguments around sovereignty and privacy were explicitly mentioned as core reasons for the Dutch and Swiss governments to start their Mastodon pilots, indicating that this is indeed strong arguments for the FSFE to focus on.

The links

• IFTAS is offering funding for personal digital safety services to fediverse moderators.
• An excellent guide by WeDistribute on how to connect your WordPress blog to the fediverse.
• Kbin has restricted federation to only other Kbin and Lemmy servers. Admin Ernest cites "recent spam campaigns, untested features, and the lack possibility of quick fixes on the new infrastructure" as the reasons.
• Talking about Kbin, @reiver documents his experiences as a new Kbin admin here.
• Flipboard is working on full federation. This is fairly exciting news, and something I'm sure that will be revisited soon.
• Renaud Chaput is now officially the CTO of Mastodon.
• MissKey, not to be outdone by Mastodon's major 4.2 update, has a major update as well. The patch notes are only available in Japanese, here, further reinforcing the concept that MissKey is primarily for the Japanese side of the fediverse.
• Lemmy is starting with a bi-weekly development update. The first version is here.
• Evan Prodromou posted some comments about the SWICG rechartering process. This week saw another meeting of the SWICG as well about this. I could not make it, and have not gotten around diving into this. Expect an update on this next week.

Final note

On a final note: last week I promised an update on the situation with The Bad Space. After spending quite some time on it, and realising I still had not a full overview of the entire situation, I don't think I am in a situation where I can give a fair and balanced overview of the situation. The situation cannot be seen independent of both a historical context, as well as a larger analysis of block lists in general. This is not something I can provide at this time. Thank you for your understanding.

That's all for this week, thanks for reading! If you want to receive this update every Sunday directly in your mailbox, subscribe below!