After a year online the free speech-focused instance ‘Burggit’ is shutting down. Among other motivations, the admins point to grievances with the Lemmy software as one of the main reasons for shutting down the instance. In a first post asking about migrating to Sharkey, one of the admins states:
This Lemmy instance is much harder to maintain due to the fact that I can’t tell what images get uploaded here, which means anyone can use this as a free image host for illegal shit, and the fact that there’s no user list that I can easily see. Moderation tools are nonexistent on here. It also eats up storage like crazy due to the fact that it rapidly caches images from scraped URLs and the few remaining instances that we still federate with. The software is downright frustrating to work with, and It feels less rewarding overall putting effort into this instance because it feels like we’re so isolated.
A few weeks later, in the post announcing that Burggit was shutting down, another admin says the same:
The amount of hoops that burger has to go to in order to bring you this site is ridiculous. To give you an idea of how bad this software is, there’s no easy way to check all the images uploaded to the site (such as through private messages). When the obvious concern of potential illegal imagery is brought up to lemmy devs, they shrug and say to plug in an expensive AI image checker to scan for illegal imagery. That response genuinely has me thinking that this is by design, and they want it to be like this. We can’t even easily look at the list of registered users without looking through the DB, absolute insanity.
The other thing is there’s no real way to manage storage properly in Lemmy, the storage caches every image ever uploaded to any instance forever.
Also the software is constantly breaking.
They also say that Kbin has many of the same problems, so I’m just curious to know if the admins of bigger Lemmy & Kbin instances feel the same way about these software.
I was not handling it fine, it was generally chaotic, and in the Matrix chats I remember it being chaotic, for both attacks. Luckily by the second one we had db0’s tooling to help a bit more, but there still many of us who were exposed to the images. We lost a lot of instances during those two attacks from admins who justifiably didn’t want to take on the risk.
I completely understand how crazy it was, but the lack of response from you guys was disheartening, it really did make me wonder if I should continue hosting or if I should bail out. Ultimately, I decided to stay obviously, but had to do some hard extra steps, like reducing privacy and registering with the feds for CSAM.
So like I said, I’m torn. I respect you guys for everything you do, but that was a moment where all other development should have stopped to immediately address a real problem, and while you think a roundtable would have just been feel good, I think we could have kept a lot of instances online if it had been done. Assurances that yes, new changes are coming, and official suggestions like “Here are the endpoints to delete the images”, or nominating db0 or someone as the person in charge of the outbreak. It was honestly a scary time, and for us owners who accept a lot of risk, for many of them it was too much.
Anyway, I have a habitual case of foot in mouth disease, so it was immediately after posting that comment that I heard about 0.19.4, and immediately felt stupid. I tried it last night but I kept getting timeout errors and something about “Could not get user’s /inbox” or something, I’ll try 0.19.5 today. Thank you for bringing additional mod tools, they’ve been hugely needed. I know they’re not glamorous to make, but they keep the communities healthy and strong.
Edit: 0.19.5 also failed. I wrote up a github bug on it, until then I unfortunately have to stay on 0.19.3 https://github.com/LemmyNet/lemmy/issues/4850
The entire time after the Reddit migration was extremely chaotic. I dont remember when exactly the CSAM attacks happened, but around that time we were already very exhausted from all the urgent work we had to do on scaling, patching security vulnerabilities and fixing countless bugs. I also dont remember receiving any requests from admins to help out with this. So if you notice something similar in the future, feel free to message me directly. Anyway we are only two people working full-time on Lemmy, and have lots of different tasks to take care of. So it gets very difficult to give everything the attention it deserves, and to prioritize things correctly.
I honestly think you peeps need to somehow invest in your communication strategy somehow. Such communication breakdowns is/was causing schisms in the lemmy community which is an extreme shame as that’s in turn driving away the same potential contributors that would help the software improve faster to cover these same points. I would argue that saying things like “we’re still in beta, come back in 2 years if you can’t handle the heat” is not doing you any favours. I know you are technically correct, but there’s no reason to phrase it like that, yanno? Not everyone interprets such statements the same way and for non-ASD/ADHD people, this can parse very hostile and confrontational, even if you honestly didn’t mean it to be read like that.
Apologies in advance for the unsolicited advice, but have you considered reaching our for some community outreach person to join your team? Such positions won’t necessarily fill themselves and you need to ask for it. But at this point I think it might significantly help the lemmy project avoid such drama.
Nice suggestion
How else would you say this? And who do you suggest reaching out to? Keep in mind that it would have to be a volunteer position as we dont have the funds to pay for it.
You could have volunteers working on the communication aspect. That doesn’t have to be a paid position.
I’ll let db0 suggest a better phrasing for the “we’re still in beta” part
Sure but its not so easy to find volunteers. Would you or db0 be willing to do this?
I feel like people already see me around a lot, I would avoid being “overexposed” if that makes sense.
Maybe someone with less activity on Lemmy would be better for that job?
At the end of the day, it’s mostly to discuss with you guys how to present things to the audience, and being more present when issues like the CSAM issues arise, potentially even switching priorities to convey the message to the community that this issue was serious and that you were aware of it.
Again, I’m not saying you guys didn’t do anything, but as always, it’s mostly on how to communicate in a situation rather than having a look at what was done or not.
If I had the skills and the time, I would. But I’m an AuDHD tech-nerd, and vastly unsuited and unsuitable for such a role. The point is not to ask the specific people making this suggestion as a gotcha, it’s to recognize there’s a problem area which might be solved with another volunteer with the right skillset and take the steps to find one. To put it another way, you are already painfully cognizant that lemmy needs some DB attention. There’s no point in asking people who bring up performance issues if they can do the necessary DB work, but there is a point in making an open call for people with DB optimization expertise. Does this make sense?
Having another volunteer also means more work for us, as we need to communicate with this person regularly. It also means that we maintainers get more removed from the users, and wont be able to talk with them directly anymore. And in my experience, volunteers are very motivated in the beginning, but most of them get bored or busy after a while and then you need to find someone new again. Not really worth the hassle in this case.
Also the database issues mentioned in this thread may simply be from lack of ram.
Yes I understand that. I meant making an open call for volunteers on that aspect. Note that I’m in the same boat with my own FOSS project where it’s not always easy to find the volunteers, but at least I don’t have the same pressures as you face on this area. Not saying this is going to be an easy fulfillment, but it can be perhaps something to pursue.
Note that I’m AuDHD, so I’m not the best person to actually do these things. It’s because I know my limitations that I have compensated by learning to notice these pitfalls in communication. I would also need someone to help me in the same situation as you.
Nevertheless, If I were to speculate, I wouldn’t even go in that direction. From what I’ve seen, most people who know what they’re doing in this aspect will just say something like “we acknowledge the issue and we’ll do what we can to handle it asap” or whatever, just so people don’t feel left in the cold, you know? Again, don’t take what examples I write as the exact practice as it’s not my area of expertise. I’m just (badly) parroting what I saw work better.
Its easy to say this now, more than half a year later. But youre ignoring that we were completely overworked and exhausted back then. That said Im taking your feedback into account and will hopefuly to handle it better in the future.
I was around when a user when the CSAM attacks happened. That was crazy stuff, sorry you admins had to go through it.