Re: On The Safety of Publicly Open-Registration Solid Servers

po 2. 10. 2023 v 4:30 odesílatel Emelia Smith <emelia@brandedcode.com>
napsal:

> Given the talk of the hosted server for the solid community, I'd just like
> to point out that any server setup will & must have both CSAM and other
> illegal content filtering/scanning.
>
> Running an open-registration solid server without those is basically like
> running an open FTP server in many ways: anyone could be uploading anything
> to it, and the server operators do ultimately have legal responsibility for
> the content on their solid servers.
>
> What would perhaps be better is time & energy making it possible to spin
> up a quick development environments, which would be more ephemeral and less
> likely to be a target for abuse, as that'd be limited in abuse vectors.
>
> This comes to mind because I'm currently working on trust & safety and
> moderation tooling for the Fediverse, and CSAM has been a major talking
> point over recent months, especially as some bad actors have been
> deliberately flooding servers with CSAM (both real and computer generated),
> and violent gore content.
>
> Just asking for an email for sign up likely isn't enough... if the
> software you used supported S3 compatible storage, you might be able to use
> Cloudflare's CSAM scanning solution.
>
> But honestly, the better answer is disposable developer environments via
> an easily runnable local server, rather than public open-registration
> servers.
>
> The code running platforms like CodeSandbox, Glitch, and Repl.it all had
> similar issues where fraudsters and scammers used their free services for
> hosting scam websites to steal people's credentials & private information,
> and all have since implemented content scanning & filtering.
>

What about an invite only approach, similar to bluesky?

Or users with high reputations in a web of trust?

>
>
> Yours,
> Emelia
>