In der Juni-Ausgabe meiner @gnulinux -Kolumne "Ückück und das #Fediverse" geht es dieses Mal um das Thema private Nachrichten, was wir als Mods und Admins wirklich sehen und warum ihr für eure Chats immer verschlüsselte Messenger verwenden solltet.
Den Artikel zum Nachlesen- und hören gibt es hier:
@stefan Aus.Social is supported by all of the fine members of the International Posters Union : Australian Branch @PostersUnionAU - We are a 100% members owned and operated service!
Trying to run a little experiment and want to make sure my understanding is correct.
If I post something on my fediverse server, assuming it takes some time to reach all of my followers' servers, does that post get inserted into their feeds as if posted at the original time, or rather on top of their feed, but with the original timestamp?
Example. I post something at 10am. It takes 5 minutes for it to reach your server. Someone on your server posts something at 10:04, showing up instantly on your feed.
Will my post be above or below that post? Does different fediverse software handle this differently?
Great questions! I've often wondered about timing from smaller instances ... it's very noticeable when I switch back and forth between Pixelfed and Mastodon. I follow mostly the same accounts in both places ... often I'll see something first in my Pixelfed feed, and it's later before I see the same post in my Mastodon feed. Not by a big difference but certainly a noticeable delay. 🤔
:heart_trans: Request for IT assistance :heart_trans:
Hi friends! Our SysAdmins are still blocked by a network issue that prevents our migration to the new servers. We are running out of ideas and would appreciate any possible support. If you have or know someone who has experience with IPv6 networks, then please contact me or another member of our staff. We would earnestly appreciate any help or advice!
The problem, as I understand it, is that traffic fails to pass through our OPNSense firewall. We have a /48 block allocated on the WAN side, and want to expose a public IP from the LAN. See this reply for a longer description and some discussion.
Hm. I wonder if I can get any fediverse admins onboard to disable all images on their instance on the World Sight Day in October, so that only alt text shows up.
Yo Chooms and #FediAdmins, we've cooked up something special for our instance, but we didn't want to keep all the fun to ourselves. So, we're dropping the "From CORTEX IMPLANT with love!" Emote Pack for all you fine folks in the Fediverse. Give your instance some extra Cyber-Style vibes, on the house! Enjoy! :cyberheart_pink::cyberheart_purple::cyberheart_red:
Dans le but de toujours renforcé le droit à la vie privée, le mien et ceux des autres utilisateurs de l'instance, j'ai le plaisir de vous annoncer qu'après plusieurs semaines de travail et m'étant inspiré des travaux d'autres #Fediadmins , l'instance bloque les moteurs de recherches ainsi qu'un ensemble de scrapper et autres directement au niveau du serveur et non au niveau des applications #vieprivee#rgpd
Hallo alle Fedi-Admins die Probleme mit Spam haben!
Die Mute-Liste 2.2.2
Ich habe die Spam-Liste aktualisiert und ~104 zusätzliche Instanzen gefunden, die weiterhin spammen! Ich habe, mit viel Hilfe von anderen Fedi Admins, die Instanzen in einer Liste zusammengestellt, die sie stumm schaltet und nicht von ihnen deföderiert!
Ich würde mich sehr über eine kleine Spende hier freuen, da Ich wirklich hart und lange an der Erstellung dieser Liste gearbeitet habe, was Ich angesichts meines aktuellen Zeitplans kaum rechtfertigen kann! Dankeschön!
Es gibt eine neue Art von Spam, die gleichen Instanzen sind betroffen wie vorher. Die Verantwortlichen in Japan sollen verhaftet worden sein.
Ist diese Liste importiert ist ein Großteil des Spams vorbei. Das ganze ist für euch leicht, geht mit einem klick! Zudem wird keinerlei Instanz für immer geblockt, keinerlei Follower etc. zerstört oder deföderiert, sondern nur stummgeschaltet. Das ist sehr leicht umkehrbar.
Ihr könnet diese Liste einfach importieren, indem ihr auf https://yourinstance.tld/admin/export_domain_blocks/new geht und yourinstance.tld durch die Domain derer Instanz ersetzt, von der ihr der Administrator seid!
Alternativ könnt ihr auch auf Einstellungen => Moderation => Föderation => Importieren drücken, um diese Liste zu importieren.
Beachtet, dass zwar alle Instanzen mit einem Klick importiert werden können, dass aber diese Instanzen einzeln entfernt werden müssen, wenn der Spam vorbei ist.
Beachtet auch, dass es nur Sinn ergibt, diese Liste zu importieren und die Spam-Instanzen stumm zu schalten, wenn ihr euren Spam lokal und nachhaltig blockiert habt, wie hier beschrieben.
Hello all Fedi Admins who have problems with spam!
The Mute List 2.2.2
I have been updating the spam list and found ~104 additional instances that continued spamming! I, with lots of help of other Fedi Admins, have compiled the instances into a list which mutes them, and does not defederate from them!
I'd highly appreciate a small donation here as I've worked really hard and long on creating this, which given my current schedule I can hardly justify! Thanks!
There is a new type of spam, the same instances are affected as before. Those responsible in Japan are said to have been arrested.
Once this list is imported, most of the spam is gone. The whole thing is easy for you, with just one click! In addition, no instance is blocked forever, no followers etc. are destroyed or unfollowed, only muted.
You can simply import this list by going to https://yourinstance.tld/admin/export_domain_blocks/new and replacing yourinstance.tld with the domain of the instance you are the administrator of!
Alternatively, you can also click on Settings => Moderation => Federation => Import to import this list.
Note that although all instances can be imported with one click, these instances must be removed individually when the spam is over.
Also note that it only makes sense to import this list and mute the spam instances if you have blocked your spam locally and permanently, as described here.
As odd as that sounds. The inkscape forum banns Chinese letters. Which is not something we wanted to do, but which became necessary because if the spam.
The spam controls are actually quite good. Ranging from blocking a post yo instantly shutting down an account.
I'm (not) sorry if this sounds like gatekeeping, but if you aren't technical enough and/or don't have the time to administrate an instance properly, please do not host a fediverse server. At the very least, don't allow open registrations or keep it single-user.
I've seen users losing their entire social graph due to instances randomly shutting down or losing their data, which is unfair to those users and paints a negative light of fediverse. And now, we're seeing the entire fediverse bogged down with spam because of instances that fail to mitigate bots, affecting the experience of everyone else.
In a related light, it's concerning how a small group of actors (at least based on our internal intelligence) can degrade the experience of the fediverse this effectively. It signals that we have a have a long ways to go in terms of the technologies, strategies, and tools we use to mitigate bad actors in the fediverse. What we currently have isn't enough for a resilient fediverse.
@lea For personal instances go and deploy unstable git commits or patches you wrote yourself for all I care but I agree, as soon as you start publically accepting users you need to be a bit more careful. I will make an exception for private signups where an instance exists for the purpose of general testing.
someone on a Japanese hacker forum decided it was a good idea to spam the entire Fediverse because they wanted to cancel a minor that DDoSed a Discord bot which apparently made them lost millions (what?)
A Discord bot. I can't make this shit up man.
The real culprit seems to be someone who goes by mumei in the ctkpaarr.org forums, whose first post was literally a threat to ap12, that if they don't delete their "Kuroneko Server" Discord bot, they will spam every blog, forum and SNS and cancel him.
This shit is ridiculous.
The ap12 account from mastodon-japan was actually fake, and this dude impersonated a minor to get all of the Fediverse (us) to bully him.
@cappy Glad to see anyone jumped on guy without doing foresincs first. You #cybersecurity . In Cyber the first step is anamysing the situation, not jumping around screaming like monkeys. At least some had their "heure de gloire" screaming order with big hashtag you have to avoid or get smacked on. Poor dude.
Today's attack proved that the Fediverse is unfortunate pretty vulnerable even to just a skid (or maybe OP who warned the skid).
The cause of the attack includes:
insufficient moderation on some servers allowing mass account creation.
no good methods to filter out even just a keyword for an entire instance.
Even though most of us survived the first wave, we have to prepare for the second and future ones:
Servers should enable the equivalent feature in their software that enables moderators to check if an account is ok first before letting them post anything.
Mastodon, Misskey and major software should implement a regex filter that ignores posts from any instances.