tellyworth on Nostr: A combination of few trivial countermeasures in Mastodon servers would help raise the ...
A combination of a few trivial countermeasures in Mastodon servers would help raise the bar for spam attacks IMO.
On the outbound side:
1. Prevent the use of temporary/throwaway emails by default. (Can be done without blacklists via delayed verification)
2. Limit outbound activity (especially @mentions) from freshly minted accounts to accounts they don’t follow.
And inbound:
3. Limit inbound activity from infrequently seen instances.
4. Limit activity generally with servers running outdated versions/protocols.
5. Default new accounts to "Block DMs from people you don't follow".
This won’t stop more sophisticated spam techniques, but it would prevent or mitigate the crudest methods like the current spam attack. This would free up human moderators to deal with bigger issues.
Other things would help too, but these are passive measures that require no attention from admins. It’s important that future abandoned instances aren’t so easily exploited.
#spam #fediverse #infosec
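A throttle of the kind item 2 describes, written as an added example in Python that is not part of the post or of Mastodon's own code; the account-age threshold, the hourly budget, the rolling window and the account data model are all constructed assumptions:

```python
"""Outbound-mention policy for freshly minted accounts (added example, not Mastodon code)."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Policy knobs: constructed assumptions, not Mastodon defaults.
NEW_ACCOUNT_AGE = timedelta(days=3)           # accounts younger than this are "fresh"
MAX_STRANGER_MENTIONS_PER_WINDOW = 5          # budget for mentions of non-followed accounts
WINDOW = timedelta(hours=1)                   # rolling window for that budget


@dataclass
class Account:
    handle: str
    created_at: datetime
    following: set[str] = field(default_factory=set)
    # Timestamps of recent mentions sent to accounts this user does not follow.
    stranger_mentions: list[datetime] = field(default_factory=list)


def is_fresh(account: Account, now: datetime) -> bool:
    return now - account.created_at < NEW_ACCOUNT_AGE


def check_outbound(account: Account, mentions: list[str], now: datetime) -> tuple[bool, str]:
    """Decide whether a post with the given @mentions may go out.

    Established accounts are never throttled by this rule. Fresh accounts may
    freely mention people they follow; mentions of anyone else count against a
    rolling per-window budget, so a new account cannot blast strangers.
    """
    if not is_fresh(account, now):
        return True, "established account"
    strangers = [m for m in mentions if m not in account.following]
    if not strangers:
        return True, "only mentions followed accounts"
    # Expire entries that have left the rolling window before counting.
    cutoff = now - WINDOW
    account.stranger_mentions = [t for t in account.stranger_mentions if t > cutoff]
    if len(account.stranger_mentions) + len(strangers) > MAX_STRANGER_MENTIONS_PER_WINDOW:
        return False, f"fresh account over {MAX_STRANGER_MENTIONS_PER_WINDOW} stranger mentions per window"
    account.stranger_mentions.extend([now] * len(strangers))
    return True, f"{len(strangers)} stranger mention(s) recorded"
```

The rule is passive in the sense the post asks for: it needs no admin action, only the account's creation time and follow list, which every instance already has.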
Published at 2024-02-19 03:44:30