Mastodon, an alternative social network to Twitter, has a serious problem with child sexual abuse material according to researchers from Stanford University. In just two days, researchers found over 100 instances of known CSAM across over 325,000 posts on Mastodon. The researchers found hundreds of posts containing CSAM related hashtags and links pointing to CSAM trading and grooming of minors. One Mastodon server was even taken down for a period of time due to CSAM being posted. The researchers suggest that decentralized networks like Mastodon need to implement more robust moderation tools and reporting mechanisms to address the prevalence of CSAM.
If I’m running a tiny little single-user instance on a potato and my post goes to the mastodon.social federated feed, it would be impolite for them to direct 20,000 requests at my potato all at once. Instead, their servers grabs one copy and serves it to their users. If they’re set up for 20k eyeballs online at once, they’ve got capacity to serve them all the photo.
Mastodon has a configurable clean-up period for cached media so you don’t use infinite disk. That gives a bad actor an easy way to robustly host images for a couple days: post it, let it federate out, and then take your server down. Everyone else is now doing crimes for you, and cleaning it up is a reactive process by dozens of server admins.