mastohost,
@mastohost@mastodon.social avatar

Since the beginning of the recent spam attack https://mastodon.social/@Gargron/111953045633249137, I have been monitoring Masto.host and, when possible, taking action to mitigate the effects of this attack.

All actions I made should have minimal impact. Still, in cases where that was not so, I have communicated those actions to the admins. So, if you have not received my email, no action was taken on your server.

1/3

mastohost,
@mastohost@mastodon.social avatar

Today, I noticed that some accounts started to send spam even on instances that changed the registration mode to require manual validation. This was because the accounts were created when registrations were open but never sent a message, so they were not identified as problematic.

2/3

mastohost,
@mastohost@mastodon.social avatar

To find all accounts that may still exist in a similar situation, I will run a script on all instances that should suspend accounts from this attack even if they have not sent any message. This script was tested on several cases, thousands of accounts, and no false positives were found. Once that is done, you can check the moderation action log to see if any accounts on your server were suspended.

To do so, a restart will be required that will cause around 30 seconds of downtime.

3/3

gatewayy,
@gatewayy@mastodon.gatewayy.net avatar

@mastohost Thank you for all of your hard work!

mastohost,
@mastohost@mastodon.social avatar

@gatewayy 🤗

snow,
@snow@snowfan.masto.host avatar

@mastohost

You are always the best.💪

mastohost,
@mastohost@mastodon.social avatar

@snow 🤗

cybrex,
@cybrex@gxtech.social avatar

@mastohost fantastic work. Although my tiny instance is probably not likely to be affected, I really appreciate your proactive communication! Thank you for going above and beyond for all of our instances!

mastohost,
@mastohost@mastodon.social avatar

@cybrex I found some small instances affected but those had open registrations, not requiring manual approval like yours :) Thanks

hybridhavoc,
@hybridhavoc@darkfriend.social avatar

@mastohost appreciate you

mastohost,
@mastohost@mastodon.social avatar
david,
@david@boles.xyz avatar

@mastohost

Well done, friend!

This is why managed hosting with you is so invaluable!

You sweat the small stuff -- AND the big dangers -- for us!

Thank you!

mastohost,
@mastohost@mastodon.social avatar

@david Thank you so much :)

rscottjones,
@rscottjones@mastodon.social avatar

@mastohost Thank you!

mastohost,
@mastohost@mastodon.social avatar
mastohost,
@mastohost@mastodon.social avatar

The cleanup is done.

Any issues or questions, please let me know.

Thanks 🐘

dachary,
@dachary@dacharycarey.social avatar

@mastohost I really appreciate all the work you do to keep things running smoothly for us! Thank you! 🙏🏻

mastohost,
@mastohost@mastodon.social avatar

@dachary Glad to be able to do it :) Thanks

lulu_powerful,
@lulu_powerful@fosstodon.org avatar

@mastohost You're a legend. Thank you :)

mastohost,
@mastohost@mastodon.social avatar

@lulu_powerful Thanks! :)

joe,
@joe@toot.works avatar
mastohost,
@mastohost@mastodon.social avatar

@joe 😂 thank you

snow,
@snow@snowfan.masto.host avatar

@mastohost

All good here. Good work.🙏

mastohost,
@mastohost@mastodon.social avatar

@snow Great! Thanks.

greyduck,
@greyduck@wellduck.me avatar

@mastohost You are a rock star. Thank you!

mastohost,
@mastohost@mastodon.social avatar

@greyduck Thank you :)

fribygda,
@fribygda@fribygda.no avatar

@mastohost Wait, isn't this a huge breach of trust to suspend accounts on servers without the consent of admins?

cybrex,
@cybrex@gxtech.social avatar

@fribygda @mastohost In the context of the perceived threat, and with the proactive communication to affected instances, and the changes being tested on the scale of thousands of accounts and with the ability to quickly revert the suspensions - no, I think it would be difficult to interpret these actions as a breach of trust. If there had been any issues, I’m sure that assistance would be provided to any admins who needed to revert the change en masse for their instance.

mastohost,
@mastohost@mastodon.social avatar

@cybrex yep, reverting the steps if necessary is very simple and can be done in minutes if anyone asks.

@fribygda

fribygda,
@fribygda@fribygda.no avatar

@mastohost @cybrex

But those admins chose to subject themselves to the threat. They did not choose for Masto.host to run this dangerous script on their servers which can affect real people. It doesn't matter that they didn't find an issue with the script, we should still be the ones to decide if it runs.

When Masto.host makes themselves into a policeman who can just barge in like this and take over our servers without consent - how can we feel safe that our servers are being respected?

fribygda,
@fribygda@fribygda.no avatar

@mastohost @cybrex

This all feels extremely uncomfortable from my point of view. My trust has certainly been shaken by the fact that Masto.host won't ask for my consent before they do such a thing to my server.

To me, it's a Pandora's box, opening the question of when and will they decide to run other such severe scripts on my server completely without asking if it's okay?

mastohost,
@mastohost@mastodon.social avatar

@fribygda Fair. I don't believe there is something I can say that will make you feel different.

I have people complaining that I don't do enough to stop the spam or that I should do way more:

https://nrw.social/@Boerps/111971482353143316

https://mastodon.tails.ch/@shanie/111953006849671214

https://hachyderm.io/@thisismissem/111949649246300862

https://mastodon.social/@bgme/111951675660371816

What can I say...

But thanks for sharing your concerns.

@cybrex

mastohost,
@mastohost@mastodon.social avatar

@fribygda I don't feel like it is.

I am informing admins of this action, I am not destroying any data and admins can see what was done and remove the suspension if they don't like it. If they decide to do that, the accounts will be reverted to the state they were before running this script.

fribygda,
@fribygda@fribygda.no avatar

@mastohost

That's mildly better than it initially sounded.

But how do you know if the admins even see your message?

That's one important reason for why you need consent, not just so that they can for whatever reason say no, but so that you have confirmation they even know it happened.

mastohost,
@mastohost@mastodon.social avatar

@fribygda So what would you suggest that I did?

fribygda,
@fribygda@fribygda.no avatar

@mastohost

Wait for them to respond and agree. That's what I suggest. It's not really your problem to begin with, it's the server admin's problem. The demarcation line of responsibility, and thereby privacy and sovereignty, must start somewhere.

I'm not even most worried about this situation, but about the precedent for server break-in that it sets.

mastohost,
@mastohost@mastodon.social avatar

@fribygda I didn't think that waiting for them one by one to reply or not reply and having accounts on my servers continue to send spam would be the best solution.

Sending spam is not only a usage that I don't want on my infrastructure but it is in fact my problem because if one of my IPs gets blocked, multiple instances are affected. It's exactly the same reason your email provider doesn't allow you to send spam and will block your account for doing so.

mastohost,
@mastohost@mastodon.social avatar

@fribygda Regarding this being a precedent, it is not. In the past, whenever I identified an account on my infrastructure that was clearly and obviously spamming the network, that account was suspended and the admin informed.

fribygda,
@fribygda@fribygda.no avatar

@mastohost

Then it's better to momentarily take the server down and to let the admin know, than to interfere inside the server without consent.

fribygda,
@fribygda@fribygda.no avatar

@mastohost

The fact that you have a history of going into servers to enforce your own moderation rules is appalling and only shows that the problem of provider policing is more severe and that you don't respect your clients on an important point.

mastohost,
@mastohost@mastodon.social avatar

@fribygda what you call policing and enforcing my own moderation rules, other people call great work to stop the spam attack that is happening. One could even say that having the tools to do so and not doing it would be appalling and not respecting my clients.

fribygda,
@fribygda@fribygda.no avatar

@mastohost Okay, but how do you define a spam attack? And are spam attacks the only thing you'll enter our servers to automatically moderate?

What I experience is someone suddenly using a lot of power I never thought they'd use, and now I don't know your boundaries anymore. I don't know what could happen or what you could rationalize doing because somebody else pushed you to.

mastohost,
@mastohost@mastodon.social avatar

@fribygda I can't provide you with a list of reasons why in the future I might do this or that.

My boundary is what I already told you, being transparent in what I do in Masto.host.

What I thought 7 years ago when I started Masto.host is not valid today, same for last month. The Fediverse is new and nobody has ever had to deal with the challenges that we are facing.

I'm learning daily and doing what I believe is right. I will admit mistakes but don't feel this is the case in this situation.

fribygda,
@fribygda@fribygda.no avatar

@mastohost

"My boundary is what I already told you, being transparent in what I do in Masto.host"

That's not a boundary, or if you tried to make it a boundary, it is no boundary at all - you may allow yourself anything in the end, and we'll just have to take it.

Because we have no power in the end.

Other than voting with our feet, I suppose.

mastohost,
@mastohost@mastodon.social avatar

@fribygda Yes, you have all the power! You own your server's data and are free to host it however you like. That is the most power you can have online.

I don't know if what the future brings will make you more or less uncomfortable. I could never have imagined last week the amount of work I had to do this week and all that this attack involved. So, I can't say what I might have to do next week.

fribygda,
@fribygda@fribygda.no avatar

@mastohost

However, there's also the fact that Masto.host is a big provider. I don't know the numbers, but I've thought that maybe you are the biggest single provider of them all.

This means that your actions may affect the whole fediverse, not just the individual server.

Your actions could shape the fediverse to some extent. Even voting with one's feet may not escape the reach of your power then, as you, like the tech billionaires, have control of our relationships.

mastohost,
@mastohost@mastodon.social avatar

@fribygda To attempt to mitigate that is the reason I made the 25% commitment https://masto.host/the-25-percent-commitement/ almost 2 years ago.

fribygda,
@fribygda@fribygda.no avatar

@mastohost

that is a good and admirable decision

parsingphase,
@parsingphase@m.phase.org avatar

@fribygda @mastohost Absolutely not. To assert that taking a server down is better than defending it is nonsense (it would turn a simple spam attack into a massive DoS), and will impact more users for far longer than the minimally invasive measures masto.host is using - proactively and transparently - to defend their own infrastructure (which isn't optional, if they want to keep running it in future) and that of the clients paying for exactly that service.

parsingphase,
@parsingphase@m.phase.org avatar

@fribygda @mastohost As ever, if you don't want the managers of your service managing your service, your choice is to run it yourself at higher cost and workload, with a lower-level service provider that allows for, and passes on costs for, higher usage and impacts. Frankly for $9 a month, the service here is excellent.

fribygda,
@fribygda@fribygda.no avatar

@parsingphase @mastohost

If authoritarian coercion in server moderation is the real price we pay, it may indeed not be worth it. That is a question we will have to ask ourselves.

Anything can be rationalized in the name of a greater good, but I don't want my community to become a victim of the next greater good. That's why there should be a separation of concerns.

You can sign up for having your server invaded, but I shouldn't lose my choice not to.

Boerps,
@Boerps@nrw.social avatar

@mastohost
Today? It's a week now. Where are you living? Look at the admin-list and GitHub.

mastohost,
@mastohost@mastodon.social avatar

@Boerps What part of "Since the beginning of the recent spam attack https://mastodon.social/@Gargron/111953045633249137, I have been monitoring Masto.host and, when possible, taking action to mitigate the effects of this attack." https://mastodon.social/@mastohost/111970986320067359 is not clear?!

Boerps,
@Boerps@nrw.social avatar
mastohost,
@mastohost@mastodon.social avatar

@Boerps it's a community effort

CupofDalek,
@CupofDalek@baka.social avatar

@mastohost Man I may be complaining a lot about the mastodon software itself lately lmao, but masto.host as a host and organization is fantastic and I do appreciate all you do!

mastohost,
@mastohost@mastodon.social avatar

@CupofDalek 😂 Thank you

fallenhitokiri,
@fallenhitokiri@social.screamingatmyscreen.com avatar

@mastohost thanks for all the work you are putting in here!

mastohost,
@mastohost@mastodon.social avatar