Gregory's ServerSo what is going on? Recently mastodon.social (m.s) has been the target of crypto spam attacks. Attackers have joined m.s and started to post many irrelevant crypto related posts. Moderators on m.s have tracked down these bad actors and isolated them, but some sneak through while the moderation effort tracks them down. It has been dealt with pretty swiftly.
|
29 comments
 @Gargron People point to the issue of "too big to defederate" as a reason that large instances like m.s are a bad thing. The logic goes that if bad actors are left unchecked then other instances can not simple defederate m.s because that would block too many other accounts. It is certainly true that it is not really possible to defederate a very large instance so large instances have a big responsibility to police themselves. @Gargron Smaller instances always have the threat of defederation as motivation for doing a good job of moderating their users, but bad actors piling on a smaller instance happens too as we have seen in numerous attacks. Simply defederating that instance without any means of re-federation would disenfranchise all those users, so that's another issue that needs our attention. @mastodonmigration @Gargron My impression is that the risk of being on a smaller instance is that it is more likely to stop being supported at some point and then you have to go through the effort of switching to another instance. Even though this isn't supposed to take much effort, it is still an effort with some ramifications. @DiamondHeighter @mastodonmigration @Gargron That's what happened to me. I was able to import my follows but I lost my content and had to start from scratch. @lydialurch @DiamondHeighter @mastodonmigration thatโs why Iโm currently setting up a little instance of one. Itโs like five bucks a month and moderation will be easy ๐ A Mastodon account has often been compared with email. So having your own little instance is like setting up your own mailbox under your own domain instead of signing up for one of those โfreeโ accounts. With one of the Mastodon hosting services, itโs fairly easy. @nellie_m @lydialurch @DiamondHeighter @mastodonmigration This sounds like a good solution. What service are you doing that through? Are new instances automatically federated? @AshleyMarineP @lydialurch @DiamondHeighter @mastodonmigration I found an open spot at Weingรคrtnerโs. Thereโs also Masto.host and a few others. Have a look at https://growyourown.services - thatโs a good starting point. (and as always, big shout out to @feditips for all the tireless work on helping us newbies ๐) @lydialurch @DiamondHeighter @mastodonmigration @Gargron same. The Fediverse didnโt stick for me the first time around and when I was ready to give it another try a few years later my instance (and account) was gone   @mastodonmigration @Gargron I can recommend https://mstdn.social & https://masto.ai since @stux / @stux@masto.ai does moderate them quite well and doesn't do much of #defederation outside the obviously irredeemable hatespeech instances... @kkarhan @TFFPrisoner @mastodonmigration @Gargron @stux @stux@masto.ai ?!!??? Doesn't ring any bells to me... @ech @TFFPrisoner @mastodonmigration @Gargron well, if you don't like the rules of an instance, do #SelfHosting. Jist be aware that instances and users can still block one anytime for any reason. Just like #eMail. Also I'd like to see some sources since that completely goes against the experience I have with @stux @stux@masto.ai ... @mastodonmigration @Gargron @globalpilgrim @Gargron You can open an account on another instance and keep your current account. You can look at https://joinmastodon.org/servers for some information on various instances. A good way to get a feel for an instance is to look at their /explore page (eg. https://universeodon.com/explore), which shows you what posts are currently popular among members of that instance. Happy hunting.  @mastodonmigration How can I verify or disprove this allegation? I saw no boosts or replies to the toot. Thx @Gargron @kevindalley @Gargron Full statement: Hello everyone! Weโve seen a large number of spam direct posts from mastodon.social. We have temporarily limited federation with them. Apologies for the inconvenience, we plan to reassess/reenable full federation tomorrow if the issue is resolved. https://sfba.social/@announcements/110368103560944346 ... We are using โlimitedโ federation. This setting means that we only receive and process events for people who are followed by our users...  @mastodonmigration @Gargron  @mastodonmigration @Gargron There is another argument. Every time a spam wave comes from mastodon.social, they cause reports on smaller instances and the admins of these smaller instances have to deal with those reports, which costs time and energy. That's not something normal users see, but we admins have to deal with. This extra work is caused my mastodon.social. It happened 3 times in less than 10 days. @jwildeboer @Gargron That is because they hackers are currently targeting mastodon.social. The next attack could be against another instance. Would the extra work then be caused by that instance. No. In both cases it is caused by the hackers. What they want to do is to get us blaming each other, when it is the invader that is at blame. @mastodonmigration @Gargron The hackers don't care about the Blame Game. They try to use loopholes and social engineering to get their stuff sent, is all. Making the fediverse and specifically mastodon more resilient and less attractive as a target โ that IS our task. @mastodonmigration @Gargron Changing the default in Mastodon to "DMs only from people I follow" would already stop many attacks and, IMHO, would also meet expectations of users. The last few spam waves used that loophole โ that anyone can send DMs to anyone by default.  @jwildeboer @mastodonmigration @Gargron I completely agree and I do not like that itโs so open I have a bigger problem with puritanical idealists with a large ego thinking they can just slide into my DMโs and basically harass me to insist I stop using Twitch just because they have some political disagreements with Twitch. Or when Iโve had other idealists annoy me in DMโs because they didnโt like a hashtag I used. We should have comtrol over DMโs period  @mastodonmigration /cc @jwildeboer |
Also happening recently, Eugen Rochko @Gargron, the developer of Mastodon changed the sign up process, ostensibly to make it simpler, such that people now are funneled onto mastodon.social (m.s) unless they select a different instance. This has been the source of some concern that m.s will be oversubscribed and be vulnerable to hacker attacks, as well as performance issues. Some regard the concentration at m.s as anti-Fediverse in principle.
3/
#moderation
Also happening recently, Eugen Rochko @Gargron, the developer of Mastodon changed the sign up process, ostensibly to make it simpler, such that people now are funneled onto mastodon.social (m.s) unless they select a different instance. This has been the source of some concern that m.s will be oversubscribed and be vulnerable to hacker attacks, as well as performance issues. Some regard the concentration at m.s as anti-Fediverse in principle.