Lemmy

12514 readers

56 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago

MODERATORS

nutomic@lemmy.ml

Question: isn’t Federation inherently more susceptible to bots? (programming.dev)

submitted 1 year ago* (last edited 1 year ago) by o_o@programming.dev to c/lemmy@lemmy.ml

8 comments fedilink hide all child comments

Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.

However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?

Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?

EDIT: Thanks to @Sibbo@sopuli.xyz ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716

you are viewing a single comment's thread
view the rest of the comments

[–] Sibbo@sopuli.xyz 6 points 1 year ago (2 children)

Mastodon requires you to have a domain if I remember correctly. Maybe Lemmy has the same? Then it would cost some 10€ to get a new domain each time you get blocked.

[–] o_o@programming.dev 6 points 1 year ago

I see. So each instance in the “fediverse”, whether Kbin or Lemmy or Mastodon could have their own rules on what to allow. Those that allow too much and get spammed are likely to lose standing in the community and be defederated by other instances.

Requiring a domain and having a mechanism to block domains seems like a good approach to start with.

Thank you! That cleared it up for me.

[–] terribleplan@lemmy.nrd.li 3 points 1 year ago* (last edited 1 year ago)

Subdomains work, and AFAIK you can't block a TLD, only the full domain. You could probably write a script to auto-block subdomains or something though.