this post was submitted on 17 Oct 2023
0 points (NaN% liked)

Fediverse

19 readers
2 users here now

This magazine is dedicated to discussions on the federated social networking ecosystem, which includes decentralized and open-source social media platforms. Whether you are a user, developer, or simply interested in the concept of decentralized social media, this is the place for you. Here you can share your knowledge, ask questions, and engage in discussions on topics such as the benefits and challenges of decentralized social media, new and existing federated platforms, and more. From the latest developments and trends to ethical considerations and the future of federated social media, this category covers a wide range of topics related to the Fediverse.

founded 2 years ago
 

Whenever I see a run of spam posts on the fediverse, I've taken to looking at the usernames behind them. Nine times out of ten, they turn out to be from kbin instances. Here's a recent example:

https://kbin.social/u/valige

As I write this, that account shows 8 identical scam posts made within 7 minutes of each other, and nothing else. (I imagine they might be removed by the time you read this.) This is pretty common in my experience. These particular posts are all to kbin magazines, not lemmy communities, but I don't remember whether that's always the case.

Since the main kbin instance is not the only one broadcasting this stuff, I wonder if there's something about the kbin software that makes it attractive to spammers. Does anyone know?


Edit: Some examples that are still cached on my instance:

https://lemmy.ca/u/valige@kbin.social
https://lemmy.ca/u/NITIN-Hardiya279@kbin.social
https://lemmy.ca/u/ishadeshpande@kbin.social
https://lemmy.ca/u/varshareddy21@kbin.melroy.org
https://lemmy.ca/u/Satish-Kumar843@kbin.social
https://lemmy.ca/u/sareena@kbin.social
https://lemmy.ca/u/SidAvasthi@kbin.social

top 7 comments
sorted by: hot top controversial new old
[–] Pamasich@kbin.social 2 points 1 year ago* (last edited 1 year ago) (2 children)

kbin.social's admin (and kbin currently only supports one admin per instance) is also the main dev.

As I understand it, the sudden unexpected popularity of kbin caused infrastructure issues and made fixing bugs and limitations more important, while he still has to reach his feature goals to secure funding so he can actually continue working on kbin full-time. Additionally, real life had a lot of negative surprises in store he had to deal with.

All in all, he hasn't had much time at all to properly moderate the instance, And the past two weeks he's been gone entirely for real life reasons, leaving the instance unmoderated.

It's not an issue with the software itself, just with kbin.social (and of course other badly moderated instances) specifically.

[–] example@reddthat.com 1 points 1 year ago

that's not entirely accurate.

the main problem for non-kbin users, as @ono@lemmy.ca is using lemmy, is that kbin moderation actions, such as a moderator or admin removing spam will not federate to lemmy, as this is not implemented yet.
for a lemmy user, it appears that kbin doesn't have any moderation at all, while spam is being removed for kbin(.social) users at least.

for this reason, several lemmy instances have already either defederated from kbin or removed kbin communities from their instance.

[–] ono@lemmy.ca 1 points 1 year ago* (last edited 1 year ago)

just with kbin.social (and of course other badly moderated instances) specifically.

Yes, there's clearly a moderation problem, but it's not just kbin.social.

To rephrase the question: why is it that practically all the insufficiently moderated sites are kbin instances?

kbin currently only supports one admin per instance

An overwhelmed admin could partially explain why a lot of spam comes from a particular instance. But it wouldn't explain why most of the small instances generating spam have chosen kbin instead of lemmy.

[–] macallik@kbin.social 1 points 1 year ago* (last edited 1 year ago)

This post on why lemmy.world temporarily adjusted federation abilities w/ kbin has a bit more insight, especially in the comments:
https://old.lemmy.world/post/5289864

[–] SharkAttak@kbin.social 1 points 1 year ago

It's also probably cause spammers don't get (or care) federation at all. So in their mind gotta spam on kbin-->account on kbin.

[–] Fiivemacs@lemmy.ca 1 points 1 year ago (1 children)

Totally were removed. I reported every single one of them then blocked them.

Was that the same douche that attempted the amazon gift card trash on infosec?

[–] ono@lemmy.ca 1 points 1 year ago* (last edited 1 year ago)

Yes, it was. I've added a link to my local instance's copy, for reference.