this post was submitted on 23 Jun 2023
9 points (84.6% liked)

Lemmy

12572 readers
2 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 4 years ago
MODERATORS
 

Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.

However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?

Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?

EDIT: Thanks to @[email protected] ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716

you are viewing a single comment's thread
view the rest of the comments
[–] thepiggz 1 points 1 year ago (1 children)

It seems like you could so long as this instance federated with any other instance without implementing any type of whitelisting or vetting. I’m just guessing based off various things I’ve read.

[–] [email protected] 5 points 1 year ago

This is the how most instances operate at the moment. Some instances have an extensive blocklist, others have none or almost none. Whitelisting by default would be a bit antithetical to the idea of a federated social network, as any automated system for such a thing would still be able to be abused by the sort of person willing to set up a whole server just for spam or whatever and any manual system means you would probably end up with a bunch of small islands of federation and/or new instances being potentially unable to federate at all.