wizzwizz4
@h3artbl33d @Gina Right, that's exactly my point. The Mastodon software conflates access to previous reports etc (mods need this nearly always) with access to IP and email address (only needed in rare edge-cases), and doesn't even log access to the user details page, so we have to Just Trust moderators with it all.
That's also bad for moderators. If someone exfiltrates user data, and the detective comes 'round and says "who had access to this data?", I (as a mod) do not want to be on that list.
h3artbl33d :openbsd: :ve:
A moderator should be able to view a users details and reports about them. Having no access to the (limited) user view has a real impact on judgement calls for a moderator.
A moderator can virew the uses details - like previous reports and their e-mail address. And their IP address, if not disabled by the server admin.
A moderator is not able to hijack access to DMs. Even an admin can't do that from the interface. It is possible, but requires access to the database and being able to run queries and/or exports there.
It always remains an issue of trust. Larger instances can't be run by a single person, so you'll have to trust the admins to pick the moderators wisely.
If you are not okay with that, you can always spin up your own instance. That gives you full control, but can also be a burden because of the responsibilities that come with it.
Gina
@wizzwizz4 "everything falling apart" is a bit hyperbolic. They're tired and deserve a break after years of thankless, hard work. We now have a server of +10k people - surely we can manage to take on some tasks together.
wizzwizz4
@Gina Mastodon moderation isn't set up so you can just delegate it.
The default moderator role: https://docs.joinmastodon.org/admin/roles/#default-moderator-role has the permission "Manage Users", which “Allows users to view other users’ details and perform moderation actions against them.”. Afaict, that access to sensitive data isn't audit-logged.
That kind of access is not something you can easily delegate, but it's a package deal with stuff moderators need.
etc etc. Mastodon is not designed properly, and makes this much harder.
wizzwizz4
@Gina … As much as I like this place, I actually hope they're serious about leaving. Moderation is a huge burden, especially if there's nobody to kick the hard cases up to; and they've been shouldering far too much for far long. (At the very least, they should both take a break.)
wizzwizz4
@Gina I'd actually be blaming them for taking on more than they could handle, except that this was their first time doing something like this, and there aren't really resources from which they could've learned that they were setting themselves up for failure.
Meanwhile, I saw the signs, thought "wow, they must be really hyper-competent to be able to deal with this!", and said nothing. I doubt I'm the only one who stood by while everything fell apart.
wizzwizz4
@Gina It'd be a huge amount of work. I've been investigating this for a few years, but I don't think the Mastodon software (as currently implemented) is particularly compatible with keeping moderators healthy and safe.
Gina
@wizzwizz4 let's first see what is necessary in terms of keeping the lights on, if @kev and @mike are serious about leaving (which I still hope they're not!)
Gina
Alright everyone on #fosstodon, LISTEN UP. @kev and @mike are (presumably) quitting. They've set up an amazing place and built it out into a real community.
Now the question is.. what do we do? I'd really like this server to keep existing. Is anyone interested in continuing Fosstodon with me? :fosstodon:
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.