swicg / activitypub-trust-and-safety

ActivityPub Trust and Safety Taskforce
https://swicg.github.io/activitypub-trust-and-safety/
24 stars 0 forks source link

Proactive "Best Practices" recommendations for AP implementors #29

Open julianlam opened 1 day ago

julianlam commented 1 day ago

A best practices section in the first report would go a long way toward curbing problematic material from entering the fediverse. A proactive approach vs. reactive.

  1. @renchap from Mastodon suggests a dead-man switch that disabled new user registrations if no admins have logged in after a specified timeout.
  2. @julianlam (me!) from NodeBB suggests the use of a post queue to filter out spam waves from any new users with no posts. This is limited to smaller instances, as it requires human effort to scale.
renchap commented 1 day ago

Also do not default to open registrations for new servers, and inform the administrators that open registrations require significant and prompt moderation work

julianlam commented 1 day ago

Most spam centers not around getting their message seen, but rather to create backlinks to other websites.

A blanket noreferrer nofollow ugc value for rel works, but whether this stops spam is suspect (spammers don't tend to care if their spam doesn't work).

Preventing external links might be a natural next step.

ThisIsMissEm commented 1 day ago

@julianlam rel="ugc"? That's a thing?

ThisIsMissEm commented 1 day ago

From #31

Let's come up with some notes on general best practices for Trust & Safety that we can document in the initial report.

Some ideas:

julianlam commented 3 hours ago

@ThisIsMissEm it is, but how well it's understood by search engines is up for debate. Here's one documentation article that mentions it, but other references are far and few between.