Email or username:

Password:

Forgot your password?
Eugen's posts Post Back to profile
Top-level
Huggenknubbel :apache:

@moanos_foss yes dezentralisation prevent spam. we saw that with emails.
oh... wait...
@gargron

4 May 2023 at 13:42 | Wall-to-wall | Open on social.tchncs.de
16 comments
moanos [foss edition]

@Hughenknubbel @Gargron Depends. It's easy to block one server (when it is not "to big to block"). And problems never affect the whole network.

4 May 2023 at 13:44 | Open on lediver.se
SolSoCoG

@moanos_foss @Hughenknubbel so you would just block an instance that is targeted by spam abusers? :schmusekadser:

4 May 2023 at 13:47 | Open on ieji.de
moanos [foss edition]

@SolSoCoG @Hughenknubbel Yes until they solved the issue.

We (lediver.se) also limit mastodon.social for the time being. But a smaller instance would make less problems

4 May 2023 at 13:49 | Open on lediver.se
nhan
Yonle
@moanos_foss That's just gonna make your users having hard time to communicate with his friend at that blocked instance.
4 May 2023 at 14:10 | Open on fedi.lecturify.net
nhan

@moanos_foss @Hughenknubbel @Gargron how about when it is "to big to block"? And why can't they spam the whole network? Obtaining a list of accounts as they're doing now and just... spam like email?

4 May 2023 at 13:49 | Open on mastodon.social
Huggenknubbel :apache:

@moanos_foss there must be only one Docker Container Script, that setting up Mastodon instances automatically with random users while sleeping and federating some time and you will have the same problems. @gargron

4 May 2023 at 13:55 | Open on social.tchncs.de
moanos [foss edition]

@Hughenknubbel Nope, you need domains to do that, they are at least somewhat expensive (you can block a root domain and all subdomains)

4 May 2023 at 13:57 | Open on lediver.se
Huggenknubbel :apache:

@moanos_foss i think, there are easy ways to "buy" a domain with an API.

4 May 2023 at 14:01 | Open on social.tchncs.de
moanos [foss edition]

@Hughenknubbel Bu you still have to pay it. And I guess domain registrars also have anti-spam measures (as they also have to deal with the outfall). So while not bullet-proof it's much better.

4 May 2023 at 14:03 | Open on lediver.se
Pauliehedron ✅ :donor:

@moanos_foss @Hughenknubbel

My stolen credit card number this past weekend had 8 transactions (over an hour) on it before the fraud detect at the bank took action. Average transaction was $20 USD.

Funding is not a problem for a determined mal-actor.

4 May 2023 at 14:12 | Open on infosec.exchange
Baloo Uriza

@Hughenknubbel Email didn't have as effective antiabuse measures, and what did get implemented tended to be terrible (like reject on DNSBL).

4 May 2023 at 13:50 | Open on social.tulsa.ok.us
Huggenknubbel :apache:

@BalooUriza nothing prevent spammers to setting up thousend of micro instances.

4 May 2023 at 13:58 | Open on social.tchncs.de
Baloo Uriza

@Hughenknubbel There isn't, no, but, that's easily relatively easily mitigated since it's harder to set that up across multiple ASNs. But it does avoid the "overcrowded, undermoderated" problem large instances tend to have.

4 May 2023 at 14:00 | Open on social.tulsa.ok.us
DELETED

@Hughenknubbel @moanos_foss @Gargron decentralization doesn't prevent spam as an only step. but it's certainly a valid approach along with other mitigations. one big juicy centralized target vs many different smaller ones that can intervene at their interface

4 May 2023 at 13:56 | Open on techhub.social
METADESTROYER !! (He/Him)

@Hughenknubbel @moanos_foss @Gargron weirdly bad faith reply given that the domain of the email world has been completely overtaken by large instances

4 May 2023 at 14:28 | Open on masto.ai
Go Up