I have recently uncovered a user who seems to be opening temporary accounts at QOTO, blocking all the moderators so we dont see their posts and then posting high offensive material (nazi imagery, transphobic and hateful derogatory content, etc) and then proceeding to announce to block list moderators and possibly on the #Fediblock list in general in an attempt to get us banned.
The issue of users being able to block moderators and do **exactly** this is something I have brought up to @Gargron before probably over a year ago but he has never acted on fixing this issue and does not see it as needing fixing from what I could gather (he can interject here if he would like).
It is something we as moderators are powerless to detect or act against unless someone actually reports the content first, that is the only way we will even see it. Thankfully none of the block lists have actually acted on this and no damage to QOTO has been done. But seeing as this may continue I want to make others aware of the problem, press Gargron to fix the issue once more, and also encourage **anyone** who sees such content on QOTO to please report it so we can act on it.
I can not personally confirm this but according to the block-list operator they seem to have reason to think it is @snow behind the attacks. This would be in line with the behaviors from snow I have witnessed in the past.
For the attempt by snow to spam and falsely accuse instances see here:
https://likeable.space/notice/A21ux0IbhoDJIkNxzc
For more information see these attempted block requests on QOTO that were made in this fashion:
https://schlomp.space/FediBlock/data/pulls/255/files
https://schlomp.space/FediBlock/data/pulls/248
(Note: originally posted from @freemo account. Repasted here to show up in QOTO announcements as well)
🇳🇱
Its false for 2 reasons..
1) **you** are the one who created those accounts and posted it
2) you made no attempt to actually report the account so moderators could even be aware of it and remove it, largerly because that wasnt your intent. You tried to get us blocked instead.
Sure does, a user can literally spam all the most vile hateful or even ilelgal things they want all day and as long as the moderators are blocked, and especially if they post unlisted and only to likeminded people so no one would ever likely report them we would never hear about it.
Some user could come months later and see months and months of such posts and assume (understandably so) that our server condones such behavior. Thankfully none of that has gotten that far yet. But it has come come close a few times where I have found quite old accounts that had us blocked for months with some horrific content that I never saw and never got a report on.
Just to note:
I did in fact see Michelle's post within two hours of it appearing, and suspended the account the next day after securing moderator consensus. I don't know if the other mods were blocked and I (the junior mod here at QOTO) escaped notice, or if I was simply the first to look at it. QOTO mods see [this discussion](https://qoto.org/web/statuses/105359847175216540) for details. The other account referenced in that convo was [@p0l6rb36r](https://qoto.org/admin/accounts/256176).
I think I also saw and ignored Nikon's post since I recognised the clip as a fairly common meme that doesn't really indicate support for Naziism. The problem is, even if a mod isn't blocked, how many want to watch yet another stupid resubtitled Downfall video? So videos where the thumbnail looks innocuous won't get any scrutiny (and in fact, that's what happened here - not a single person bothered to watch the video and report it). But when taking screenshots to report, dishonest actors can pick more offensive frames.
I recommend rolling back the IP blocks. Both michelle and nikon used the site via Tor and I don't think cutting off Tor users in general is a good idea. On the other hand, if you do want to block Tor, only blocking those two addresses is ineffective. The email blocks (both 10minutemail domains) look good though.
TL;DR: Blocking mods doesn't really seem to have been the problem in this case.
the ip blocks are **not** on the user ips themselves, and i agree we do not generally engage in IP blocks and certainly wouldnt do so on Tor intentionally.
The IP blocks you are seeing were because when i blocked the email domains (which were coming from 10minutemail but obscured) i told it to also block the ips associated with the MX entries for that email. so its actually ip blocks for the email side. If those wind up blocking the ability to use the site from Tor more generally then I would agree on rolling back the IP blocks.
as for the blocking mods issue, all I know is when i blocked nikon just recently I could not see their post directly when i went to their profile and could only see it when i searched for it through the domain interfact. That combined with the fact that it was their only post seemed worth of a block and ultimately why the blocking of moderators seemed to be part of the problem.
Michelle account had already been blocked, as you said, so i could not confirm if they too had blocked me or not. I do know at the time when I agreed with your decision I was looking at it through the admin interface as well and didnt think to even check if i was personally blocked at the time.
Mastodon's implementation of blocks is bad. Very, very bad. It's an attempt to emulate Twitter's block "logic", which is also bad.
On almost any other platform/protocol that came before modern social media, Alice blocking Bob means that Alice does not see anything Bob posts, and DMs/whispers from Bob either get silently dropped or rejected with a message. Bob is "blocked" from communicating with Alice.
Twitter and Mastodon (try to) also enforce the inverse; Alice blocking Bob also means Bob cannot see anything Alice posts. To some, this sounds fair and reasonable. The problem is, it can only ever be enforced on a website that requires an account to view content. And Twitter's entire business model is a global public conversation that anybody can tap into and participate in. 80% of visitors are lurkers, lurkers share by pasting links to other platforms. This is incompatible with requiring registration to view content.
But Mastodon is free! It's open! It's run by you! It's by the people! It's for the people! Why on Earth would you want/need to emulate those evil bastards at hellsite dot com?
Because of market pressure. As it turns out, Mastodon's target market, people who were too toxic for twitter, routinely used the blocker-is-invisible-to-blockee logic as a weapon on twitter. Obviously, they expected their full toolkit to be available on Mastodon. But Mastodon is decentralized; you can only reliably perform this sort of restriction on the blocker's server. that's it. that's a very small part of the fediverse.
What's the solution? Understand that this is gaslighting literally everyone involved. It also gives a false sense of security, which I feel is important to mention, because these features are almost always forced upon us for reasons of health and safety.
Imagine relying on an antifeature of blocking that can ve defeated by logging out and actually fooling the moderation for a while. 🤣
What's next for Mastodon? Fact-checker disclaimers for user posts containing information declared mostly false by snopes?
You dont even need to log out, just go to the server directly rather than viewing it through your local account client.. literally just need to go to their feed directly. I do it all the time and its more of an annoyance than any sort of security
@snow That’s a bug, and it’s not the same issue. This is about seeing posts of someone who blocked you.
Oops, I misread it, after I block my sock account, and the sock account is still can read my post..
This thread is so entertaining, I think that’s the problem of posting nazis characters in artworks could trigger tastytea… 
But all I have to say is:
STOP ONLINE BULLYING NAZI CHARACTERS!!!
They are cute!!! :ablobmeltsoblove: :ablobhearteyes:
Correct, I complained the same thing to the pleroma development term already.
This is so brain dead.
Can you copy your post to here and let them to know?
https://git.pleroma.social/pleroma/pleroma/-/issues
I should able to view all the post even the person blocked me.
The way I solve this is have read only sock accounts in big instances, can no one know my name on there.
@QOTO @Gargron @arteteco @Sphinx @khird @freemo
🌿 
:ignucius:
@r000t
I don't see much logic behind blocking people on a public platform, with the exception of targetted bullying
@freemo
This was his response.
I called a guy a guy after said guy spent literally months telling bald-faced lies about me for months straight, btw. That was my big crime.
Threatening an autistic person with violence is OK tho.
But again that was mostly aimed at people who were viewing my other post anyway; it's getting shared a lot for some reason. I wanted people to know what Eugene's stance was on violeng rhetoric. Given that's a big topic recently.
Join Mastodon has yet to respond to my request for follow up comment. Also attached.
@QOTO @Gargron @arteteco @Sphinx @khird
I'd say clients allowing remote follow of users and even servers allows people to bypass this.
I don't really agree that Mastodon targets people too toxic for twitter. Ive found in my Fedi travels that it is significantly less toxic.
It is an interesting game problem: if I don't want people harassing me, I want to be able to prevent their account from following me. this eliminates the opportunistic harassers, but not someone determined, particularly on a distributed network. But it does allow people to engage in bad behavior in other ways. But it does seem to be a problem with open registrations.
Maybe as an admin, a smart thing to do is to run a local block bot that kicks anyone that blocks an admin of their own server.
@QOTO @Gargron @arteteco @Sphinx @khird @freemo
The solution is to add phone number verification and extreme logging...
#RoadToTwitter #NeverCensor
@QOTO @Gargron @arteteco @Sphinx @khird @freemo
𝚜𝚎𝚕𝚎𝚊 
@r000t @QOTO @Gargron @arteteco @Sphinx @khird @freemo
There are use-cases where the inverse logic is appealing, e.g. wanting to participate but not show posts to an abusive ex. What seems to be the natural compromise is (1) Alice blocking Bob prevents Bob from sending messages or replies to Alice, and (2) if Alice is private (only approved logged-in users can see her posts), Bob is blocked from seeing her content. GNU rooot makes a good point that if the content is public, there is no point in blocking any logged in user from seeing it. Note that (2) doesn't require any additional action because (1) prevents Alice from even seeing Bob's request to see Alice's content.
There are important use cases for private groups beyond the abusive ex. In my area (economics), public discussion is immediately attacked by trolls and poorly educated partisans. Having a private, restricted conversation is often necessary for having a good conversation.
And perhaps needless to say, it should be possible for a Mastodon instance to prevent blocking mods. What is beautiful about Mastodon is that if I don't like an instance's policies, I can move to another instance or start my own. This structure allows absolute free speech while allowing individuals to avoid speech they want to avoid through instance policies. Blocking moderators prevents enforcement of instance policies, so undermines the value of Mastodon.
It's not spam, the pic 1+2 looks quite cute! 3+4 is meme.
"falsely accuse"? Where is falsely accuse? the receipts is on there openly, where is "falsely"? Although the admin of #fediblock is brain dead.
@Gargron @arteteco @Sphinx @khird @freemo