Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.

However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?

Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?

EDIT: Thanks to @Sibbo@sopuli.xyz ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716

  • Sibbo
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Mastodon requires you to have a domain if I remember correctly. Maybe Lemmy has the same? Then it would cost some 10€ to get a new domain each time you get blocked.

    • o_o@programming.devOP
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      I see. So each instance in the “fediverse”, whether Kbin or Lemmy or Mastodon could have their own rules on what to allow. Those that allow too much and get spammed are likely to lose standing in the community and be defederated by other instances.

      Requiring a domain and having a mechanism to block domains seems like a good approach to start with.

      Thank you! That cleared it up for me.

    • terribleplan@lemmy.nrd.li
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Subdomains work, and AFAIK you can’t block a TLD, only the full domain. You could probably write a script to auto-block subdomains or something though.