this post was submitted on 23 Jun 2023
9 points (84.6% liked)

Lemmy

12572 readers
2 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 4 years ago
MODERATORS
 

Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.

However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?

Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?

EDIT: Thanks to @[email protected] ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 year ago (2 children)

Mastodon requires you to have a domain if I remember correctly. Maybe Lemmy has the same? Then it would cost some 10€ to get a new domain each time you get blocked.

[–] o_o 6 points 1 year ago

I see. So each instance in the “fediverse”, whether Kbin or Lemmy or Mastodon could have their own rules on what to allow. Those that allow too much and get spammed are likely to lose standing in the community and be defederated by other instances.

Requiring a domain and having a mechanism to block domains seems like a good approach to start with.

Thank you! That cleared it up for me.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Subdomains work, and AFAIK you can't block a TLD, only the full domain. You could probably write a script to auto-block subdomains or something though.