565
submitted 3 months ago* (last edited 3 months ago) by Buttflapper@lemmy.world to c/technology@lemmy.world

Social media platforms like Twitter and Reddit are increasingly infested with bots and fake accounts, leading to significant manipulation of public discourse. These bots don't just annoy users—they skew visibility through vote manipulation. Fake accounts and automated scripts systematically downvote posts opposing certain viewpoints, distorting the content that surfaces and amplifying specific agendas.

Before coming to Lemmy, I was systematically downvoted by bots on Reddit for completely normal comments that were relatively neutral and not controversial​ at all. Seemed to be no pattern in it... One time I commented that my favorite game was WoW, down voted -15 for no apparent reason.

For example, a bot on Twitter using an API call to GPT-4o ran out of funding and started posting their prompts and system information publicly.

https://www.dailydot.com/debug/chatgpt-bot-x-russian-campaign-meme/

Example shown here

Bots like these are probably in the tens or hundreds of thousands. They did a huge ban wave of bots on Reddit, and some major top level subreddits were quiet for days because of it. Unbelievable...

How do we even fix this issue or prevent it from affecting Lemmy??

you are viewing a single comment's thread
view the rest of the comments
[-] asap@lemmy.world 24 points 3 months ago

Add a requirement that every comment must perform a small CPU-costly proof-of-work. It's a negligible impact for an individual user, but a significant impact for a hosted bot creating a lot of comments.

Even better if you make the PoW performing some bitcoin hashes, because it can then benefit the Lemmy instance owner which can offset server costs.

[-] Eiri@lemmy.ca 31 points 3 months ago

Will that ruin my phone's battery?

Also what if I'm someone poor using an extremely basic smartphone to connect to the internet?

[-] finestnothing@lemmy.world 12 points 3 months ago

Only if you're commenting as much as a bot, probably wouldn't be any more power usage than opening up a poorly optimized website tbh

[-] nutsack@lemmy.world 5 points 3 months ago

my phone

poorly optimized website

rip

[-] nutsack@lemmy.world 1 points 3 months ago

my phone

poorly optimized website

rip

[-] KillingTimeItself@lemmy.dbzer0.com 1 points 3 months ago

it would only be generated the first time, and possible rerolls down the line.

Also what if I’m someone poor using an extremely basic smartphone to connect to the internet?

just wait, it's a little rough, but it's worth it. 10 hours overnight would be reasonable. Even longer is more so if you limit CPU usage. The idea is that creating one account takes like 10 minutes, but creating 1000 would simply take too much CPU time in order to be worth the time.

[-] explodicle@sh.itjust.works 8 points 3 months ago

At that point aren't we basically just charging people money to post? I don't want to pay to post.

[-] asap@lemmy.world 2 points 3 months ago

I'd actually prefer that. Micro transactions. Would certainly limit shitposts

[-] sunzu2@thebrainbin.org 4 points 3 months ago

shitposters are the bed rock of any healthy online community

[-] explodicle@sh.itjust.works 2 points 3 months ago

But that opens up a whole can of worms!

  • Will we use Hashcash? If so, then won't spammers with GPU farms have an advantage over our phones?

  • Will we use a cryptocurrency? If so, then which one? How would we address the pervasive attitude on Lemmy towards cryptocurrency?

[-] dan@upvote.au 7 points 3 months ago* (last edited 3 months ago)

How would this be enforceable, though? Part of the benefit of the Fediverse is that multiple different apps can communicate with each other (for example, you can see Lemmy posts on Mastodon). Even if Lemmy implements something like this, what's to stop someone from commenting using a different app that doesn't implement it?

I'm actually surprised we don't see more spam on ActivityPub-powered systems, since spammers don't even need to have an account with Lemmy, Mastodon, etc and could instead have their own ActivityPub server to send the spam. I guess they don't do that since the spam instance would be defederated pretty quickly.

[-] KillingTimeItself@lemmy.dbzer0.com 2 points 3 months ago* (last edited 3 months ago)

it would have to be fundamental to the platform, i believe a few platforms have something similar where this generates a unique "key" used to identify the user.

I think I2P does this?

[-] half_built_pyramids@lemmy.world 2 points 3 months ago

If the bots are already using gpt4 then a little crypto heat is essentially the same thing

[-] KillingTimeItself@lemmy.dbzer0.com 1 points 3 months ago

you'd still need to front it on the bot farm side though. Shit's still costly.

Regardless, if it's not enough, just make it more lmao.

[-] higgsboson@dubvee.org 7 points 3 months ago

That's a hard NO from me, dawg. If Lemmy goes down that path, I will just not comment. My account settings let me just block bots. I dont need my resources wasted so I can interact with the "good bots".

[-] asap@lemmy.world 7 points 3 months ago* (last edited 3 months ago)

How much resources are we talking about here? If it's 3% of your CPU usage for 2 seconds, you're really going to have an issue with that?

Whatever solution should be negligible for you, but costly for a botfarm.

Here's a live example, not exactly onerous: https://demo.mcaptcha.org/widget/?sitekey=pHy0AktWyOKuxZDzFfoaewncWecCHo23

(Obviously in Lemmy's case you wouldn't have the additional unecessary checkbox)

[-] higgsboson@dubvee.org 3 points 3 months ago* (last edited 3 months ago)

That's not what I consider negligible on my phone, which is already resource constrained. Yes, I have a problem with an app that intentionally wastes my valuable resources. I wouldn't care so much from my desktop, but I mostly just use a desktop client to do things I can't easily do on my mobile clients.

No big deal. It's not as if my participation is especially valuable. I would just participate less.

edit: my objection is obviously more in principal than it is practical, but it would hardly be the first time I walked away from software (or a network) on philosophical grounds.

[-] explodicle@sh.itjust.works 6 points 3 months ago

If we can't find a more practical solution, then is it really a "waste" of resources? Right now we're paying with much more expensive time and attention.

[-] nutsack@lemmy.world 0 points 3 months ago* (last edited 3 months ago)

that was pretty fast. i think if I was a bot sending prompts to an AI to generate posts, i probably wouldn't care about this amount of computation at all

[-] asap@lemmy.world 2 points 3 months ago

Must be strange to live in a world where you can't imagine that software could have configurable parameters, such that you could find something that's fine for a person posting individual comments and painful for a bot farm.

[-] nutsack@lemmy.world 3 points 3 months ago

15 seconds to generate a post from the prompt with ai, and 1/15 seconds for the hashcash challenge is supposed to inconvenience the bot wizards?

[-] asap@lemmy.world 3 points 3 months ago

If they're running their own LLM hardware, and their Lemmy spam posts are generating enough revenue to cover that, then I take it back, because that is impressive.

I guess we're fucked.

[-] ayyy@sh.itjust.works 1 points 3 months ago

It’s not always about profit, it’s also about controlling the narrative. The more expensive that is, the less the narrative can be controlled by money.

[-] KillingTimeItself@lemmy.dbzer0.com 1 points 3 months ago

it's a one time cost at creation of the account. Or at least that should be the idea.

[-] tree@lemmy.ml 5 points 3 months ago

There was discussion about implementing Hashcash for Lemmy: https://github.com/LemmyNet/lemmy/issues/3204

[-] asap@lemmy.world 5 points 3 months ago* (last edited 3 months ago)

It seems like a no-brainer for me. Limits bots and provides a small(?) income stream for the server owner.

This was linked on your page, which is quite cool: https://crypto-loot.org/captcha

[-] zzx@lemmy.world 6 points 3 months ago

It doesn't seem like a no brainer to me... In order to generate the spam AI comments in the first place, they have to use expensive compute to run the LLM.

[-] KillingTimeItself@lemmy.dbzer0.com 1 points 3 months ago

most of the time this "expensive" compute is just openAI

[-] nutsack@lemmy.world 6 points 3 months ago

what happens when the admin gets greedy and increases the amount of work that my shitty android phone is doing

[-] zaphod@sopuli.xyz 2 points 3 months ago

Hashcash isn't "cryptocurrency".

[-] explodicle@sh.itjust.works 1 points 3 months ago

Technically not, but spammers can already pay to outsource hashing more easily than desirable users can. So if we're relying on hashes anyways, then we might as well make it easy for desirable users to outsource too.

IMO that's why the inventor of Hashcash just develops Bitcoin today.

[-] nutsack@lemmy.world 2 points 3 months ago* (last edited 3 months ago)

I think the computation required to process the prompt they are processing is already comparable to a hashcash challenge

[-] TheKMAP@lemmynsfw.com 1 points 3 months ago

But that's on the LLM side not the bot side.

this post was submitted on 05 Sep 2024
565 points (96.2% liked)

Technology

60090 readers
2892 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS