Comment by probably_wrong
6 hours ago
> I think someone should start a community online where AI isnt allowed.
In case you haven't followed the saga, the latest[1] digg.com relaunch failed because they couldn't deal with the bot onslaught [2]. Whoever finds a reliable way to keep AI out of an online community first is likely to become a very rich person.
[1] Second-to-last, actually, seeing as there seems to be a new homepage right now.
[2] https://www.techspot.com/news/111698-digg-relaunch-fails-two...
I suspect real ways to keep AI out of a community, or really to have an online community at all, are going to be structurally incompatible with making anyone rich. The possibility of getting rich poisons the incentives.
Altman’s orb is as terrifying as it is because businesses might see it as a solution to a real problem—a problem he helped to create.
We've already got models that can handle it - eg web of trust. We don't want to use them.
Plus "AI" is a spectrum, with "the AI fixed a typo for me" at one end, and "the AI writes my posts for me" at the other.
Web of trust has been a miserable failure because of the GPG's horrible UX and high entry barrier. It's dead, Jim.
I think they were referring to invitation trees like lobste.rs.
> Whoever finds a reliable way to keep AI out of an online community first is likely to become a very rich person.
I believe it’s the opposite: You have to pay competent human moderators. Like here on HN.
Half the posts here are AI grifting.
That’s a pretty extraordinary claim. Do you have anything quantitative to back it up? HN has bots, I think that is a fair assumption, but half? How do you know that for sure?
3 replies →
> In case you haven't followed the saga, the latest[1] digg.com relaunch failed because they couldn't deal with the bot onslaught [2]
Given that they wrote their goodbye post using LLMs and gave up after such a short amount of time, I don't take that at face value the same way I don't believe AI layoffs
Perhaps requiring webauthn credential for any post/comment with a whitelist of permitted webauthn hardware devices which must have touch/interaction enabled.
I'd have to read the FIDO specs, however the only place I've seen webauthn hardware pinning in the wild is with Azure AD/Entra which is ostensibly based on token GUID. If this is the only enforcement mechanism available, it's spoofable.
FIDO tokens are designed to able (if authorized by the software, your web browser typically offers a pop-up where you can decline this) to prove their membership of a batch of tokens, but not their individual identity.
The Entra feature you thinking of lets somebody say "Only things which can prove they're in this list work". This could make sense if you, as their employer, issue every employee a custom DoodadCorp Doodad FIDO key and so you don't want somebody's Yubikey or off-brand generic device to work. It's stupid and you shouldn't do it in other scenarios, but your "this is how we detect humans" idea is arguably a scenario where that could make sense.
[Edited to add: This feature is called "Attestation"]
Doesn't actually work that well. Browsers hate this, the hardware isn't actually difficult for bots to access, and privacy story is bad. There are solutions being worked on.
Then you’ll end up with a forum of only bots because they’ll spoof it and real people won’t put up with the hassle.
This would result in hardware farms of such devices being automatically operated, like the existing iPhone farms used for similar purposes.
Pay per interaction model? 1 cent per post.
Probably the only solution. But the penny has been deprecated so it will have to be a nickel.
Only copper was deprecated. Real $0.01 absolutely exists in your bank etc.
Anyway, marketers see a popular site like a physical billboard, where they would pay thousands a month for their message to be seen by thousands of people. If you made it cost pennies to post, and a few more pennies to boost and astroturf, AND that the post would be seen by millions of people, they'd say "By Grabthar's hammer, what a bargain!!" and order a hundred more per day...
Isn’t the solution high-quality identity verification? There are piles of digital identity companies out there. They make money selling to banks for KYC compliance. Heck, there are background check as a service companies designed to add trust to gig economy platforms.
I used to think that a small payment could accomplish the same thing, but X selling blue check marks proved that doesn’t help much. Well, at least it’s a much weaker signal than the previous curated version.
The challenge is any barrier to entry high enough to discourage motivated spammers is also high enough to discourage casual users. That disrupts the network effects you’ve traditionally needed to bootstrap a social website.
If I was trying to get a new social site off the ground right now, I would try:
1) secure a good brand from the pre-AI era. Twitter, Digg, Friendster, MySpace. Something that motivates a first look.
2) Require third party identity verification on sign up, configured so the social site is never the custodian of PII, though require enough demographics to support high-value advertising later. Verification is free to the user, ideally provide multiple verification options- one US and one EU at minimum.
3) Target a few core communities and invest. Find the people who moderate historically great subreddits, were active in twitter communities during the good years, etc. get them in your platform. Maybe even pay them.
That should be enough to tell you if it’s going to work or not.
Age verification with facial ID? ;)
lobste.rs uses a web-of-trust referral system. I guess it still involves a moderator killing off bad nodes, but it seems to scale well
yeah but I can't post there because I don't know anyone with an account and frankly CBA traipsing around looking for someone who has an account.
does seem like more things will have to go this way though
+1, if anyone wants to help me I'd be honored. mail me at ramon(@)odeva(.)nl
Blizzard's Real ID system would fix all of this. It was ahead of it's time /s