Project

General

Profile

Actions

tickets #130189

closed

Weird content on paste.o.o

Added by TBro about 1 year ago. Updated 10 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Paste
Target version:
-
Start date:
2023-06-01
Due date:
% Done:

100%

Estimated time:

Description

Hi all,

today I found -pasting some stuff- that there is quite some weird shit going on including TOR-Links and Torrent links to material I'm not willing to click on - on paste.o.o
Plus some weird republican propaganda going wild.

See yourself: https://paste.opensuse.org/pastes

What todo about this? Maybe asking the legal team as well?

Do we need to put some login-barrier on paste.o.o (would be a shame) or at least ask the developers to implement some basic antispam features or moderation tool?

my 2 cents... open for discussion before $KeyboardWarrior sees those contents and shit hits the fan

Actions #1

Updated by crameleon about 1 year ago

  • Category set to Paste

I guess there will always be spam on a public service. How to deal with offensive spam is a good question - most anti-spam measures I can think of (captchas, rate limiting, ..) do have impact on the user experience, especially since the service is not only used in the browser, but using the command line susepaste script as well. Moderation would likely require a full time job. Hope someone else has better ideas.

Actions #2

Updated by hellcp about 1 year ago

Antispam is made more difficult by people expectedly posting machine logs on the service. There is some moderation implemented in the service, I was planning on adding flagging too, but didn't yet. I would be open to both contributions, ideas and also moderators to join in removing questionable content.

Actions #3

Updated by pjessen about 1 year ago

crameleon wrote:

I guess there will always be spam on a public service.

Yeah, I think that is a fact. I am only surprised it was never a problem before.

How to deal with offensive spam is a good question - most anti-spam measures I can think of (captchas, rate limiting, ..) do have impact on the user experience, especially since > the service is not only used in the browser, but using the command line susepaste script as well.

Let's check where the spams are coming from - hopefully they are coming via the website, in which case a captcha might help.

Actions #4

Updated by crameleon about 1 year ago

  • Priority changed from Urgent to High
  • Private changed from Yes to No

moderators to join in removing questionable content

Feel free to add me.

Actions #5

Updated by luc14n0 11 months ago

crameleon wrote:

moderators to join in removing questionable content

Feel free to add me.

Plus one here.

And this situation makes me wonder:
Should we implement some sort of Terms of Use?

That would make things clear for everybody, since it's a public service. And in
case drastic measures have to be taken against noncomplying parties, no one could
say: "But I didn't know that. Where does it state that?"

Any thoughts?

Actions #6

Updated by pjessen 11 months ago

luc14n0 wrote:

Any thoughts?

Overengineering ๐Ÿ˜€

Actions #7

Updated by luc14n0 11 months ago

pjessen wrote:

luc14n0 wrote:

Any thoughts?

Overengineering ๐Ÿ˜€

No, no. I think that would be called "overlawyering" ๐Ÿ˜›

I mean, [ahem] from one lawyer to another (me puts on his lawyer hat!) [cough] [cough].
Being paste.o.o the way it is, do we know whether would there be any
liability, or some sort of legal concern? I take pastebin.com as an example, and
its "Terms of Service" [1].

By the way, for the record, Jacรณb told me on the admin chat room that the same
terms used around openSUSE would apply to paste.o.o as well. So, if there's
a pre-cooked text somewhere, I'd be happy to send a PR adding a link in the
bottom of page.

  1. https://pastebin.com/doc_terms_of_service
Actions #8

Updated by pjessen 11 months ago

Thanks for that response, very nice, chuckle!
I feel quite certain we (i.e. SUSE) are responsible for whatever is published on paste.o.o. That seems only too easy to deduce from similar platforms, social media etc.
Hence, to avoid any trouble, we should do what we can to keep unrelated stuff away from paste.o.o - which is why we talked about having moderation.
Wearing my lawyer's cap - because paste.o.o is essentially dedicated to a single purpose, I don't see any problems arising out of kicking out unwanted stuff.
paste.o.o is not Twxtter or Z or Facebork. It should be quite clear what is and what isn't wanted, I can't imagine any moderator having much trouble determining that, unless perhaps if it is in a language he/she does not understand.
Having said all that - by all means, let's add a link to some T&C text, it certainly won't hurt.

Mind you - focusing on the real issue for a moment, what's the status of the moderation?

Actions #9

Updated by luc14n0 11 months ago

pjessen wrote:

Thanks for that response, very nice, chuckle!
I feel quite certain we (i.e. SUSE) are responsible for whatever is published on paste.o.o. That seems only too easy to deduce from similar platforms, social media etc.
Hence, to avoid any trouble, we should do what we can to keep unrelated stuff away from paste.o.o - which is why we talked about having moderation.
Wearing my lawyer's cap - because paste.o.o is essentially dedicated to a single purpose, I don't see any problems arising out of kicking out unwanted stuff.
paste.o.o is not Twxtter or Z or Facebork. It should be quite clear what is and what isn't wanted, I can't imagine any moderator having much trouble determining that, unless perhaps if it is in a language he/she does not understand.
Having said all that - by all means, let's add a link to some T&C text, it certainly won't hurt.

Yeah, I'm thinking of something like what Ubuntu's paste [1] does. That should dot our I's and cross our T's, clarifying things considerably for John/Jane Does using the service. My real concern is random people that doesn't share our assumptions, and somehow we end up in a tough spot, legally.

Mind you - focusing on the real issue for a moment, what's the status of the moderation?

Well, I did two mass deletions on this Saturday - 07/29/2023. There were:

  • Several pastes with very sketchy (Tor/ magnet) links with plenty of "tags" around, including child pornography;

  • Content related to my red book dot com (it looked like posts, and very disturbing comments from some sort of comments section);

  • Pastes selling stolen credit card information, and similar stuff.

Those were the most critical ones IMO. But there are several pastes with advertising waiting to get nuked.

  1. https://paste.ubuntu.com/
Actions #10

Updated by luc14n0 11 months ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 50
Actions #11

Updated by pjessen 11 months ago

luc14n0 wrote:

My real concern is random people that doesn't share our assumptions, and somehow we end up in a tough spot, legally.

That is sort of what I meant when I said "overengineering".
The regular, legitimate user is not a problem, we don't need to do anything about him.

Mind you - focusing on the real issue for a moment, what's the status of the moderation?

Well, I did two mass deletions on this Saturday - 07/29/2023. There were:

  • Several pastes with very sketchy (Tor/ magnet) links with plenty of "tags" around, including child pornography;
  • Content related to my red book dot com (it looked like posts, and very disturbing comments from some sort of comments section);
  • Pastes selling stolen credit card information, and similar stuff.

Those were the most critical ones IMO. But there are several pastes with advertising waiting to get nuked.

Wow, I didn't know it was that bad.

Actions #12

Updated by luc14n0 10 months ago

  • Priority changed from High to Normal
  • % Done changed from 50 to 100

As of yesterday, August 27, I reached a milestone of deleting the most obvious questionable
content, or at least I think so, after many rounds of pastes deletion.

I'm marking the ticket as 100% done, but I'm not sure whether we should close it or keep it
open for discussion. Of course our job is not done, as from time to time someone will have
to take a look around.

P.S.: I still have unfinished business with paste-o-o, I haven't forgot.

Actions #13

Updated by crameleon 10 months ago

Thank you for the great work, @luc14n0!

I don't think we need to keep this ticket open. The pastes in concern have been deleted, and there will always be new ones, making it sort of a routine maintenance task instead of a one-off incident.

Actions #14

Updated by luc14n0 10 months ago

  • Status changed from In Progress to Resolved

Sure. I just didn't want to "sweep the discussion under the rug" >:~D

Actions

Also available in: Atom PDF