Mutelists, Blacklists: What's the difference? + FAQ

in #hivewatchers7 months ago (edited)

There has been much confusion about the various lists available on Hive. This post is meant to answer some of your questions to that regard. Please feel free to ask more questions as you see fit.

Decentralized blacklists and mutelists

These are on-chain lists based on the 'follow' function, which allows you to interact by either choosing to view in prominence or to hide from view the posts of another account.

Any user can create a list or subscribe to an existing list that someone else created. When subscribed or created, the list will govern which accounts the user will not see. This is currently widely used for phishing accounts.

  • List is for limiting interaction with accounts on it
  • Users and projects are able to create a coherent list of undesirable accounts (in their opinion)
  • Subscribers can limit what they themselves can see and keep their experienced focused
  • Lists mainly affect the frontend user experience
  • Lists do not have any effect on reward distribution

Spaminator blacklist

The Spaminator blacklist is for accounts that are involved in exploitation on Hive. This is usually directly related to the exploitation of the reward pool. The Spaminator bot works off a ledger of account names, the on-chain interactions of which it logs into its database as it streams the blockchain.

  • A hands-off bot written in Python
  • 76955 accounts on it right now
  • 1012 different account groups (grouped for classification purposes) of which many are different botnets
  • Very, very few users on it are unique individuals; most are exploitation accounts
  • No appeal timer, prompt removal is possible
  • No maximum amount of strikes for unique individuals

Only active accounts are logged and are given a warning downvote. Where they are a unique individual, they will come and reply in some way. The unique individuals are usually victims of hacking/phishing or of other scams against them. They are warned through the bot and are helped to recover.

Hivewatchers Banlist

What is commonly referred to as the 'Hivewatchers blacklist' is actually a 'banlist'. We are not sure on how this name originally came about as we inherited the project and it's list but that's its official name.

Hivewatchers is focused on fraud. Fraud can be defined as ID theft/deception, plagiarism (of all types), and generally fraudulent activities of various types.

  • Not part of Spaminator
  • Used to educate users and give them a chance to be removed
  • Only for unique individual accounts
  • Not used for botnets unless the botnet is based on deception
  • Has a timer that gets activated for removal after an appeal starts
  • A maximum two strikes and no more appeals are possible for unique individuals

Mutelist vs Spaminator vs Hivewatchers

Because of the words 'list' and 'blacklist' there are many points of confusion around their differences and similarities.

Stored centrallyMutelistSpaminatorHivewatchers
Stored centrally in databaseNoYesYes
Created by specific entityYesYesYes
Limits interactionYesNoNo
Frontend-focusedYesNoYes
Mandatory for usersNoNoNo
Automatically restores rewardsNoYesNo
Downvotes to warnNoYesYes
Upvotes to warnNoNoNo
Scope is set by defaultNoYesYes
Hides postYesNoNo
Is a hands-off botNoYesBoth
Is a featureYesNoNo
On-chain controlsYesNoYes

Outdated Terminology: 'Spam'

The word 'Spam' is being phased out because of several issues:

  • Too overused, vague and unclear
  • Commonly used to mislabel and thus downgrade major threats such as phishing that require urgency
  • Is often found attributed to everything irrespective of scope by users
  • Is used to label low-effort content, shorter content, content that is disliked by the user, content in languages that don't always properly display, etc.

The most predominant issue is phishing. When phishing becomes mislabeled as spam, the person being warned to either seek help recovering their account or to not click on a malicious link does not understand the severity of the matter. All phishing should always be referred to as 'phishing'.

The word 'spam' is actively being removed from Hivewatchers comments and we are currently in transition to that regard.

Hive.Blog Mutelist

This list is used for phishing/hacked accounts predominantly, with a few accounts spreading malware thrown in. It is a great list to follow by default and is also replicated in the Plenty of Phish repository, on Spaminator and several other places. Once an account is recovered and is safe, it is removed from the list.

This is one example of a Mutelist being used effectively and for a concrete purpose that warrants subscription and benefits all users irrespective of their beliefs, outlook, or anything else. It is strongly recommended that everyone takes all possible measures to prevent supporting hackers or falling prey to them.

image.png

FAQ

So why can't Spaminator just use a decentralized list? I still don't understand.
Spaminator is a bot and needs its data in a local ledger (on its servers) to function. It was made to purely read the chain (it streams the blocks) and constantly querying on-chain lists would put a huge load on the endpoints quite unnecessarily. Additionally, it has about 76k account on it, many of which are massive botnets and not individual users. They are listed in their respective categories and managed through our servers. Adding them to one massive on-chain list is just not practical.

Will there be a Hivewatchers decentralized on-chain Mutelist or Blacklist?
Yes. The Hivewatchers list is quite short in comparison to Spaminator and is meant to focus on fraud, as we already discussed. We'll have an announcement to that regard. We will likely end up with two lists on Hivewatchers; one for accounts that are permanently on and one for those that have a chance to appeal or are appealing.

Do you recommend I follow the Hivewatchers list and set my account to automatically downvote everything on it?
We ask that you keep yourself safe. Some of the accounts we deal with belong to individuals who are extremely dangerous, are known for targeted harassment, death threats, stalking, doxxing, and other similar activities. Use your personal discretion.

Are all accounts granted appeals?
No. ID thieves, exploitation ring operators, hackers/phishers, or systemic repeat fraudsters are not granted further consideration. There is a limit to our 'revolving door'. Repeatedly having the same accounts mislead the community in their appeals is damaging to Hive.

My account is both on Hivewatchers and Spaminator. Why?
In cases where there is fraud coupled with exploitation of the blockchain and its reward mechanism, the account may fit both scopes. If the account is part of a botnet or an organized ring, then it will likely be on both.

Is short-form content allowed on Hive?
All content is treated the same way: It should be at least 50% original to have some value and anything taken from the internet should be clearly cited. Short-form content doesn't mean that suddenly there is free reign to copy/paste other people's work and make money off it. It is never acceptable to steal from others for personal profit.

I tried to use the on-chain Mutelist/Blacklist feature and I discovered bugs or issues. What do I do?
The decentralized list feature is still being developed. Please submit your bugs/issues to https://gitlab.syncad.com/hive/condenser

Should I report hacking/phishing, even if it's not on chain but still related to the Hive ecosystem in general?
Yes. Please contact @guiltyparties and outline what happened. Even if your dapp got hacked please advise.

I hate Hivewatchers and Spaminator and want to disrupt all activities, so I'm upvoting everything Spaminator downvotes.
If you've decided that scammers should be rewarded, we ask you to still please ensure that you are not supporting those who hack and phish other people's accounts. Just reach out to @guiltyparties on Openhive.chat or Discord and I'll set you up with the appropriate lists to exclude from your 'curation'. It's not an all or nothing deal. If you are supporting phishing you will be treated the same as the hackers themselves.

Sort:  

It may be worth making my appearance here in the comments since we are on topic..

My only purpose is to maintain a mute list of hacked users. Feel free to follow it.
Top 40 witnesses and whitelisted users can add users to my mute list through the !HACKED command.

I also automatically add/remove accounts mirroring @spaminator and @guiltyparties's black lists and I automatically mute hacked accounts in all communities that make me moderator, but that's still not 100% working due to a bug in Hivemind.

Service offered by @keys-defender

A couple of months ago I subscribed to another accounts mute/blacklists and bizarrely I lost every single person I was following. I unsubscribed and they were still all gone. Kinda put me off that feature. I hope its fixed now

Congratulations @hivewatchers! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

You made more than 11000 comments.
Your next target is to reach 12000 comments.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

Check out the last post from @hivebuzz:

Hive Tour Update - Decentralized blacklists and Mutes lists
Support the HiveBuzz project. Vote for our proposal!

Hello, I am writing to you because I need you to consider my opportunity to opt for an appeal, since I consider it unfair on your part that for a publication where apparently you have doubts about it, such as plagiarism, they suspend my entire blog, if you verify all the content that I have published Up to the present date they are completely my authorship, the invitation is open to you to review each of my publications and read them completely so that you can verify your doubts. In addition to that I emphasize that the content they consider has been plagiarism, it is the opinion regarding a movie, it should be noted that it is almost impossible to make an opinion different from other sources when talking about the same story, there may be similarity but that is not it means that it is plagiarism. I appreciate you take my opinion into account in this comment and evaluate my situation as soon as possible. and THAT I HAVE TRIED TO COMMUNICATE WITH YOU THROUGH DISCORD AND I HAVE NO ACCESS.