I'm getting recovered!!
Unlike traditional SNS (Social Networking Service), Fediverse consists of multiple independent servers that speak the same protocol. With the same idea as Bitcoin, the idea has been getting traction to go against central models such as Twitter or Facebook.
Although the Fediverse model has some advantages over the traditional model, e.g., users' posting rights won’t be deprived because they can just host their servers to communicate with others, and big companies cannot interfere with their decisions (mostly), the Fediverse also has some drawbacks. One of them is the difficulty of blocking malicious attacks such as spamming.
With the central authority model, one moderator can just ban a malicious user from the system, and it's done. A well-known example might be X (ex Twitter), in which users will get banned from their moderators, and they need to go through a lengthy recovery process to get their accounts back. On the other hand, there are no central authorities in Fediverse, and it's totally possible to sign up for 1000 servers with one email address. Many servers are not actively moderated, and malicious users can just use the servers to perform actions such as spam attacks. Also, due to its nation's need to connect with other servers openly, it’s hard to limit requests from different servers in general.
Today, I woke up and found out that my small Mastodon server was down. As I dug in and checked the news from others, someone seemed to run a script that signs up for an account in un-moderated Fediverse servers and sends a bunch of spam messages to other accounts.
$ docker exec -it db psql
postgres=# \c mastodon
You are now connected to database "mastodon" as user "postgres".
mastodon=# \dt
List of relations
Schema | Name | Type | Owner
--------+------------------------------------+-------+----------
public | accounts | table | mastodon
...
public | blocks | table | mastodon
mastodon=# SELECT a.username, a.display_name, a.domain, a.url FROM accounts a INNER JOIN blocks b ON a.id = b.target_account_id;
username | display_name | domain | url
--------------+--------------+---------------------+-----------------------------------------
hc7nly11to | | m.n1l.dev | https://m.n1l.dev/@hc7nly11to
6n05wn10f3 | | urweibo.com | https://urweibo.com/@6n05wn10f3
l4mn5j34rw | | urweibo.com | https://urweibo.com/@l4mn5j34rw
wf3hicc0ds | | rhythmisskey.games | https://rhythmisskey.games/@wf3hicc0ds
fjiqgzmh8x | | india.goonj.xyz | https://india.goonj.xyz/@fjiqgzmh8x
7g4d8ozv07 | | urweibo.com | https://urweibo.com/@7g4d8ozv07
zo2k7avwj2 | | misskey.mofumofu.me | https://misskey.mofumofu.me/@zo2k7avwj2
i6i60hpl2o | i6i60hpl2o | www.gctaisentl.com | https://www.gctaisentl.com/@i6i60hpl2o
egr0k1fian | egr0k1fian | mastodon.acm.org | https://mastodon.acm.org/@egr0k1fian
jm8yli6ckv | jm8yli6ckv | bols.games | https://bols.games/@jm8yli6ckv
ga6jcmzlu4 | | m.corduba.tech | https://m.corduba.tech/@ga6jcmzlu4
vwhfagknzq | | morale.ch | https://morale.ch/@vwhfagknzq
5a4rgrpezm | 5a4rgrpezm | lawsocial.org | https://lawsocial.org/@5a4rgrpezm
zrrgj2ntau | zrrgj2ntau | qaf.men | https://qaf.men/@zrrgj2ntau
1jwx2035sr | | morale.ch | https://morale.ch/@1jwx2035sr
iozpaf6m3y | iozpaf6m3y | www.gctaisentl.com | https://www.gctaisentl.com/@iozpaf6m3y
bvzlyc5ltc | | morale.ch | https://morale.ch/@bvzlyc5ltc
bnnrxquast | | cryptodon.lol | https://cryptodon.lol/@bnnrxquast
y5gwliw5xs | | nekton.social | https://nekton.social/@y5gwliw5xsAs I checked the domains, I found that all of them lack safeguards to sign up for, and also, server admins have been inactive for a long time.
I generally enjoy Fediverse, but I see some drawbacks these days, such as today's incident.
Pasta 1000 Jagarico 700 m&m's 300
Sushi bowl 800 Salad 400 Chips 400 m&m's 200
Total 3800 kcal
push-ups
MUST:
TODO: