Hm. I wonder if I can get any fediverse admins onboard to disable all images on their instance on the World Sight Day in October, so that only alt text shows up.
someone on a Japanese hacker forum decided it was a good idea to spam the entire Fediverse because they wanted to cancel a minor that DDoSed a Discord bot which apparently made them lost millions (what?)
A Discord bot. I can't make this shit up man.
The real culprit seems to be someone who goes by mumei in the ctkpaarr.org forums, whose first post was literally a threat to ap12, that if they don't delete their "Kuroneko Server" Discord bot, they will spam every blog, forum and SNS and cancel him.
This shit is ridiculous.
The ap12 account from mastodon-japan was actually fake, and this dude impersonated a minor to get all of the Fediverse (us) to bully him.
Hallo alle Fedi-Admins die Probleme mit Spam haben!
Die Mute-Liste 2.2.2
Ich habe die Spam-Liste aktualisiert und ~104 zusätzliche Instanzen gefunden, die weiterhin spammen! Ich habe, mit viel Hilfe von anderen Fedi Admins, die Instanzen in einer Liste zusammengestellt, die sie stumm schaltet und nicht von ihnen deföderiert!
Ich würde mich sehr über eine kleine Spende hier freuen, da Ich wirklich hart und lange an der Erstellung dieser Liste gearbeitet habe, was Ich angesichts meines aktuellen Zeitplans kaum rechtfertigen kann! Dankeschön!
Es gibt eine neue Art von Spam, die gleichen Instanzen sind betroffen wie vorher. Die Verantwortlichen in Japan sollen verhaftet worden sein.
Ist diese Liste importiert ist ein Großteil des Spams vorbei. Das ganze ist für euch leicht, geht mit einem klick! Zudem wird keinerlei Instanz für immer geblockt, keinerlei Follower etc. zerstört oder deföderiert, sondern nur stummgeschaltet. Das ist sehr leicht umkehrbar.
Ihr könnet diese Liste einfach importieren, indem ihr auf https://yourinstance.tld/admin/export_domain_blocks/new geht und yourinstance.tld durch die Domain derer Instanz ersetzt, von der ihr der Administrator seid!
Alternativ könnt ihr auch auf Einstellungen => Moderation => Föderation => Importieren drücken, um diese Liste zu importieren.
Beachtet, dass zwar alle Instanzen mit einem Klick importiert werden können, dass aber diese Instanzen einzeln entfernt werden müssen, wenn der Spam vorbei ist.
Beachtet auch, dass es nur Sinn ergibt, diese Liste zu importieren und die Spam-Instanzen stumm zu schalten, wenn ihr euren Spam lokal und nachhaltig blockiert habt, wie hier beschrieben.
Hello all Fedi Admins who have problems with spam!
The Mute List 2.2.2
I have been updating the spam list and found ~104 additional instances that continued spamming! I, with lots of help of other Fedi Admins, have compiled the instances into a list which mutes them, and does not defederate from them!
I'd highly appreciate a small donation here as I've worked really hard and long on creating this, which given my current schedule I can hardly justify! Thanks!
There is a new type of spam, the same instances are affected as before. Those responsible in Japan are said to have been arrested.
Once this list is imported, most of the spam is gone. The whole thing is easy for you, with just one click! In addition, no instance is blocked forever, no followers etc. are destroyed or unfollowed, only muted.
You can simply import this list by going to https://yourinstance.tld/admin/export_domain_blocks/new and replacing yourinstance.tld with the domain of the instance you are the administrator of!
Alternatively, you can also click on Settings => Moderation => Federation => Import to import this list.
Note that although all instances can be imported with one click, these instances must be removed individually when the spam is over.
Also note that it only makes sense to import this list and mute the spam instances if you have blocked your spam locally and permanently, as described here.
Yo Chooms and #FediAdmins, we've cooked up something special for our instance, but we didn't want to keep all the fun to ourselves. So, we're dropping the "From CORTEX IMPLANT with love!" Emote Pack for all you fine folks in the Fediverse. Give your instance some extra Cyber-Style vibes, on the house! Enjoy! :cyberheart_pink::cyberheart_purple::cyberheart_red:
Hi Fediverse admins / devs! I've got a question about instance software.
Up until now, I've been running a fork of glitch-soc that has served me well. Unfortunately, however, I'm starting to run up against some of Mastodon's limitations and the effort to maintain my own fork is just too much. (seriously, fuck Rails and especially Webpacker :blobfoxangry:) I'd like to switch instance software to something with more features out-of-the-box. I'm considering Calckey, but I don't have any experience with it or any other Misskey derivative. The feature set looks great on paper but I'd like to hear from someone who has actually run it (or at least seriously evaluated the software). I'd greatly appreciate any and all input! I'm especially curious about these questions:
The "Fediverse Software Comparison" table has a few mistakes in the Mastodon and glitch-soc columns. They're minor, but it makes me wonder if that table is really trustworthy? The table is based on personal knowledge
There's currently an incident involving some kind of Japanese skids who call themselves the "Kuroneko" organization.
They seem to be attempting to commit DDoS attacks on Misskey servers, constantly creating new accounts on compromised instances and spamming advertisements for their hacking services.
Admins who are federating with these compromised servers, while they might not get compromised themselves, may be affected by the sheer amount of traffic volume from their spam.
Admins are advised to #fediblock or temporarily stop sending requests to affected servers for now, if they don't want to get secondhand DoS'd
IMO I never expected them to be Japanese out of all things, kinda funny. They also host VOICEROID and VOICEVOX TTS bots on their Discord apparently. Kinda a weird flex I guess.
#fediadmins are advised to temporarily disable sign-ups for now, or implement some anti-spam measure to limit signups to not get spammed.
Currently they are targeting #misskey and #mastodon, but other #activitypub servers may soon be targeted.
Today's attack proved that the Fediverse is unfortunate pretty vulnerable even to just a skid (or maybe OP who warned the skid).
The cause of the attack includes:
insufficient moderation on some servers allowing mass account creation.
no good methods to filter out even just a keyword for an entire instance.
Even though most of us survived the first wave, we have to prepare for the second and future ones:
Servers should enable the equivalent feature in their software that enables moderators to check if an account is ok first before letting them post anything.
Mastodon, Misskey and major software should implement a regex filter that ignores posts from any instances.
Today is the deadline for Fediverse #moderators to fill in our #Moderator Needs Assessment - the survey will remain open but today is the cutoff for IFTAS to review the responses and begin work on solutions.
If you administrator, manage, or moderate an ActivityPub service of any size - please take a few minutes to let us know how we can be helpful.
All questions are optional, skip anything you don't want to share:
I'm (not) sorry if this sounds like gatekeeping, but if you aren't technical enough and/or don't have the time to administrate an instance properly, please do not host a fediverse server. At the very least, don't allow open registrations or keep it single-user.
I've seen users losing their entire social graph due to instances randomly shutting down or losing their data, which is unfair to those users and paints a negative light of fediverse. And now, we're seeing the entire fediverse bogged down with spam because of instances that fail to mitigate bots, affecting the experience of everyone else.
In a related light, it's concerning how a small group of actors (at least based on our internal intelligence) can degrade the experience of the fediverse this effectively. It signals that we have a have a long ways to go in terms of the technologies, strategies, and tools we use to mitigate bad actors in the fediverse. What we currently have isn't enough for a resilient fediverse.
:heart_trans: Request for IT assistance :heart_trans:
Hi friends! Our SysAdmins are still blocked by a network issue that prevents our migration to the new servers. We are running out of ideas and would appreciate any possible support. If you have or know someone who has experience with IPv6 networks, then please contact me or another member of our staff. We would earnestly appreciate any help or advice!
The problem, as I understand it, is that traffic fails to pass through our OPNSense firewall. We have a /48 block allocated on the WAN side, and want to expose a public IP from the LAN. See this reply for a longer description and some discussion.
Trying to run a little experiment and want to make sure my understanding is correct.
If I post something on my fediverse server, assuming it takes some time to reach all of my followers' servers, does that post get inserted into their feeds as if posted at the original time, or rather on top of their feed, but with the original timestamp?