this post was submitted on 21 Feb 2024
210 points (94.5% liked)

Technology

34828 readers
16 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
[email protected]
210
Spam attack on Twitter/X rival Mastodon highlights 'fediverse' vulnerabilities (techcrunch.com)
submitted 8 months ago by [email protected] to c/[email protected]
36 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 8 months ago* (last edited 8 months ago) (15 children)

email verification might slow *spam down, but manual approvals seems like the best option from having the best results out of the two. You could be more able to tell if someone is a spammer or even a ban evader potentially before they are approved to join the server.

[–] [email protected] -5 points 8 months ago (11 children)

I think the best solution are federating ip bans and maybe mass registration prevention.

The idea would be to note your ip in the account which then gets federated and if this ip registers a third account, it gets blocked. (Two might be a changing ip or a lost password)

[–] [email protected] 13 points 8 months ago (5 children)

IP bans are not very useful considering that almost nobody has a static IP these days.

CGNAT IP addresses change frequently and can be shared by over 100 users. I find it very annoying to have to connect to a VPN until my IP changes because someone else got the IP I'm using banned.

Browser fingerprinting would be a better way of detecting ban evaders.

[–] [email protected] 1 points 8 months ago (1 children)

browser fingerprinting is inherently bad for privacy and would require scripts that nobody wants to run

not to mention the GDPR issues with servers having that amount of data

[–] [email protected] 3 points 8 months ago (1 children)

I'm not a fan of fingerprinting either, although good luck avoiding it considering just how much of the web is behind Cloudflare.

[–] [email protected] 5 points 8 months ago (1 children)

the fediverse largely prides itself on no tracking, in fact in the past instances that used cloudflare have been harshly criticised.

This is against the fediverse's core values

[–] [email protected] 1 points 8 months ago

I've had my server behind Cloudflare this entire time. Should I not be doing that? At a minimum I need something to hide my server's real IP.

load more comments (3 replies)
load more comments (8 replies)
load more comments (11 replies)