Comment on Many new members post and delete their accounts
LifeInMultipleChoice@lemmy.world 17 hours ago/discussion I wonder how one could help mitigate any of it. Let’s say we looked at piefed. From what I have have seen published by instances is that the IP from a user is recorded for 12 months from registration, and all IPs a user logs in from are recorded for 90 days. That would mean cross referencing logs may be possible to catch multiple accounts logging in fron the same location but I would assume (maybe without understanding) since many users I discuss things with use a VPN throughout much of their usage the VPN companies would have severe overlap in what IPs are being used during login/registration over time. This would cause issues trying to recognize patterns. Like say I wrote a script that told an account to log into a VPN sever, login to an account in a database, make a post/comments, then log out of them at account, out of the VPN, into another VPN sever, into another account and continue on doing so the IP would keep changing. Is there any way you could really verify it is the same user without putting in extensive tracking of users. Aka you could try to track browser uniqueness would make the bots more catchable but you are also the tracking the user base more, making it have even less privacy. The bot could then add something to alter browser settings used to obscure the uniqueness between logins, but really in the end what would the upsides be compared to the downsides. Ultimately it may create a constant heightened security that ends with all users being very non-anonymous across the platforms and still have bots just changing one more setting
noretus@crazypeople.online 14 hours ago
IP logging is only relevant if an user sticks to one instance. I (transparently) swapped from Sopuli to this one (because I like the domain name) and realized that it really doesn’t take a lot of effort to make an account on any instance one comes across. I looked at the ones that pop up in the All feed and I think like one of them had a requirement to link an pre-existing social media profile. Everything else was at most “tell us a little about yourself” which is a pretty insignificant hurdle. And ultimately, as you point out, there’s always VPNs. Which I suspect are actually even more popular than average on Lemmy as I think people here are inclined to be more techy. I also suspect increasing tracking would kinda go against the appeal of Lemmy in general. Furthermore, it may create the issue where the efforts to prevent malicious users makes the service more unappealing to regular users but doesn’t actually really prevent even slightly organized troll campaigns.
My opinion is that they should do away with voting entirely for one measure. It’s low-effort engagement that has been one of the biggest problems in modern social media. If something is worth engaging with, ACTUALLY ENGAGE WITH IT. Comment, share your thoughts. Ask questions. Instance admins would still of course have to deal with malicious accounts but they’re easier to spot when they can’t just subtly manipulate content by votes. I know they can see who voted and how on any given post but that’s a few clicks away and they’d have to be somehow prompted to actually take a look. And then they’d have to investigate every account and try to figure out if they are actually legitimate users or malicious. Unless the user is in their instance, they can’t even see their votes on other posts directly. They’d have to coordinate with the user’s instance admin which I wouldn’t put a lot of faith in. Significant effort for a job that’s already pretty thankless. However, if the only engagement people can do is actually posting, that becomes easier. You can see user’s post history and 0-effort trolls stand out quickly. They also already should have rate limiting, which prevents users from creating new posts unnaturally fast (I imagine this is stricter on posts than votes).
It’s not that much of a problem YET, I don’t think. I browse by All - New because I use Opt-out protocol (blocking communities I’m not interested in) as opposed to Opt-in (Subbing, though I do sub to what I really care about). I’m not sure how many others do this but Lemmy moves slowly enough for this to be viable and it mostly neutralizes vote-manipulation for me personally. While I would like to see Lemmy gain traction, it would also mean my system would start breaking down, making sorting by active more appealing - which would bring back the issue of vote manipulation.