Social media platforms like Twitter and Reddit are increasingly infested with bots and fake accounts, leading to significant manipulation of public discourse. These bots don’t just annoy users—they skew visibility through vote manipulation. Fake accounts and automated scripts systematically downvote posts opposing certain viewpoints, distorting the content that surfaces and amplifying specific agendas.

Before coming to Lemmy, I was systematically downvoted by bots on Reddit for completely normal comments that were relatively neutral and not controversial​ at all. Seemed to be no pattern in it… One time I commented that my favorite game was WoW, down voted -15 for no apparent reason.

For example, a bot on Twitter using an API call to GPT-4o ran out of funding and started posting their prompts and system information publicly.

https://www.dailydot.com/debug/chatgpt-bot-x-russian-campaign-meme/

Example shown here

Bots like these are probably in the tens or hundreds of thousands. They did a huge ban wave of bots on Reddit, and some major top level subreddits were quiet for days because of it. Unbelievable…

How do we even fix this issue or prevent it from affecting Lemmy??

  • asap@lemmy.world
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    6
    ·
    3 months ago

    Add a requirement that every comment must perform a small CPU-costly proof-of-work. It’s a negligible impact for an individual user, but a significant impact for a hosted bot creating a lot of comments.

    Even better if you make the PoW performing some bitcoin hashes, because it can then benefit the Lemmy instance owner which can offset server costs.

    • Eiri@lemmy.ca
      link
      fedilink
      English
      arrow-up
      30
      ·
      3 months ago

      Will that ruin my phone’s battery?

      Also what if I’m someone poor using an extremely basic smartphone to connect to the internet?

      • finestnothing@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        3 months ago

        Only if you’re commenting as much as a bot, probably wouldn’t be any more power usage than opening up a poorly optimized website tbh

      • KillingTimeItself@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        it would only be generated the first time, and possible rerolls down the line.

        Also what if I’m someone poor using an extremely basic smartphone to connect to the internet?

        just wait, it’s a little rough, but it’s worth it. 10 hours overnight would be reasonable. Even longer is more so if you limit CPU usage. The idea is that creating one account takes like 10 minutes, but creating 1000 would simply take too much CPU time in order to be worth the time.

      • asap@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        3
        ·
        3 months ago

        I’d actually prefer that. Micro transactions. Would certainly limit shitposts

        • explodicle@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 months ago

          But that opens up a whole can of worms!

          • Will we use Hashcash? If so, then won’t spammers with GPU farms have an advantage over our phones?

          • Will we use a cryptocurrency? If so, then which one? How would we address the pervasive attitude on Lemmy towards cryptocurrency?

    • dan@upvote.au
      link
      fedilink
      English
      arrow-up
      6
      ·
      edit-2
      3 months ago

      How would this be enforceable, though? Part of the benefit of the Fediverse is that multiple different apps can communicate with each other (for example, you can see Lemmy posts on Mastodon). Even if Lemmy implements something like this, what’s to stop someone from commenting using a different app that doesn’t implement it?

      I’m actually surprised we don’t see more spam on ActivityPub-powered systems, since spammers don’t even need to have an account with Lemmy, Mastodon, etc and could instead have their own ActivityPub server to send the spam. I guess they don’t do that since the spam instance would be defederated pretty quickly.

      • KillingTimeItself@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        3 months ago

        it would have to be fundamental to the platform, i believe a few platforms have something similar where this generates a unique “key” used to identify the user.

        I think I2P does this?

        • zzx@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          3 months ago

          It doesn’t seem like a no brainer to me… In order to generate the spam AI comments in the first place, they have to use expensive compute to run the LLM.

        • nutsack@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          3 months ago

          what happens when the admin gets greedy and increases the amount of work that my shitty android phone is doing

          • explodicle@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 months ago

            Technically not, but spammers can already pay to outsource hashing more easily than desirable users can. So if we’re relying on hashes anyways, then we might as well make it easy for desirable users to outsource too.

            IMO that’s why the inventor of Hashcash just develops Bitcoin today.

    • nutsack@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      3 months ago

      I think the computation required to process the prompt they are processing is already comparable to a hashcash challenge