Post ATsxLCVC2tT7YhUXiK by blacklight@social.platypush.tech
(DIR) Post #ATs6t1f1Z6LOD4KlaC by blacklight@social.platypush.tech
2023-03-22T11:05:10Z
1 likes, 0 repeats
Spam, spam and more spam. Today's another ordinary day of bots and hashtag pollution on Mastodon, as the admins of the big instances have apparently given up on keeping the place clean. I'm just one step away from temporarily blocking all content from mstdn.social and mstdn.ca until their admins get their shit back together. How are other #mastoadmins currently tackling these spam attacks? In the meantime, if you're on my instance and see more of this crap, please report it to me - I'm doing my best to block the hashtags and suspend content from these profiles, but something will inevitably fall between the cracks.
(DIR) Post #ATsB7xpeTvCyUogRQu by kikobar@acc4e.com
2023-03-22T11:52:41Z
0 likes, 0 repeats
@blacklight @stephan @yeri long ago we commented that spam was going to be the weakest link of the Fedi. We might be getting there. No amount of human effort is sufficient to stop a few thousand bots... we will need to up our game. 🙄
(DIR) Post #ATsF7JIFbSsCaH0JXc by kikobar@acc4e.com
2023-03-22T12:37:23Z
0 likes, 0 repeats
@blacklight to your original question, I haven't noticed anything in my tiny instance. No spam. Business as usual (so far).
(DIR) Post #ATsG89ve0RJrmfOmqO by blacklight@social.platypush.tech
2023-03-22T12:48:47Z
0 likes, 0 repeats
@kikobar out of curiosity, have you configured manual approval for hashtag trends? I have disabled manual approvals because it would take me a lot of time to manually approve hashtags on a daily basis, and I think that that, combined with being on some relays with high traffic, exposed me to a lot of this crap. For now it's more like an annoyance than a huge problem - we're still talking of disabling/suspending ~20 hashtags and accounts a day. But if the spammers decide to notch up a gear I may be forced to enable manual approvals of hashtags again and get off some of the high-traffic relays.
(DIR) Post #ATsGUNm3D6Qf5xVaCm by kikobar@acc4e.com
2023-03-22T12:52:48Z
0 likes, 0 repeats
@blacklight I disabled it long ago for the same reason. I thought I'd change it if I encountered problems, but I didn't (so far). I am also in quite a few relays, so I don't think that is the problem either. I believe you need to have subscribed to one of the hashtags to actually get the message in your feed, right? I don't follow tarot and things like that, but if they start polluting some of the things I follow, I'd be seeing the same I guess.
(DIR) Post #ATsGaCifDxDgXzhTXs by blacklight@social.platypush.tech
2023-03-22T12:53:53Z
0 likes, 0 repeats
@kikobar hmm that's a good point. I think some users on the instance may have subscribed to some of those hashtags, and some hashtags are apparently more exposed to tagspam than others...
(DIR) Post #ATsHAjvPFCEfxQ58Mq by kikobar@acc4e.com
2023-03-22T12:54:17Z
0 likes, 0 repeats
@blacklight on the other hand, if I understood correctly, this authorisation is to allow them to show as 'trending' in your site, it is not going to change the behavior of the feed.
(DIR) Post #ATsHAkxDPxHF9Jw5pI by blacklight@social.platypush.tech
2023-03-22T13:00:27Z
0 likes, 0 repeats
@kikobar indeed, my problem is with the trending list, not with the feed. Even if I haven't subscribed to those tags, but some users on the instance have, 20 spambots simultaneously storming the Fedi with posts with 20 hashtags are enough to skew the trending list. On larger instances 20 spambots may not be enough to skew the whole trending list, and that's why these posts don't end up trending on e.g. mastodon.social for long (because it's more likely to find 100-200 people there talking of another relevant topic). But it's not that hard to scale up the spambot volumes by just one order of magnitude and end up flooding trending lines on the largest instances too...
(DIR) Post #ATsHZRwnDndHRMVsDw by kikobar@acc4e.com
2023-03-22T13:04:52Z
0 likes, 0 repeats
@blacklight yup. And with no authentication of any kind and public APIs... we will soon be in email world of a couple of decades ago...
(DIR) Post #ATsHqpJjaMuyqOWu0W by blacklight@social.platypush.tech
2023-03-22T13:08:04Z
0 likes, 0 repeats
@kikobar on the other hand, as long as spam attacks are limited to hashtag flooding/hijacking, we could also just disable the trending lists on our instances. Probably they make even less sense anyway now that Mastodon supports explicitly following hashtags.
(DIR) Post #ATsHsIGhQpYqvKoGPY by kikobar@acc4e.com
2023-03-22T13:08:06Z
0 likes, 0 repeats
@blacklight it is also very easy to fish for our handles... so we can write bots to send thousands of DMs... That is a scenario we were discussing a few days ago, not sure if you saw the conversation: https://acc4e.com/@kikobar/110059135152094649
(DIR) Post #ATsI0yxsZTlrf39LPM by kikobar@acc4e.com
2023-03-22T13:09:53Z
0 likes, 0 repeats
@blacklight it is not difficult to read the API for hashtags and assess which ones are trending... Honestly, the only thing that is needed is someone with the motivation and resources to do it... like in the scenario I shared with you in the previous message.
(DIR) Post #ATsJ4hiWjtmhHUJ7jM by kikobar@acc4e.com
2023-03-22T13:12:37Z
0 likes, 0 repeats
@blacklight moreover, they can just attack the obvious ones mastodon, mastoadmin, linux, etc... In fact what you are seeing by them attacking the tarot and related, is probably a proof of concept for a future attack. 🤔
(DIR) Post #ATsJ4iGug3I308OaKO by kikobar@acc4e.com
2023-03-22T13:16:31Z
0 likes, 0 repeats
@blacklight by the way... Mastodon does not push the toots, right?... they are pulled by the receiving instance... This means that if you want to make a big attack you need a massive server, otherwise you would cause a self-ddos on your own server, right? Am I correct?
(DIR) Post #ATsJ4itCNhumusJA0G by kikobar@acc4e.com
2023-03-22T13:17:47Z
0 likes, 0 repeats
@blacklight this is what they might be measuring with this small attack... estimating resources needed.
(DIR) Post #ATsJ4jQsMUqybK43Um by blacklight@social.platypush.tech
2023-03-22T13:21:46Z
0 likes, 0 repeats
@kikobar that's a good point indeed. Creating ~20 spam bots that push ~20 tags trending on niche instances is not that expensive in terms of resources, but it's already sufficient to pollute the trending lists on a long tail of small/medium instances, where you aren't that likely to have >20 people talking of the same topic at the same time. Easy win. And, of course, it's a good gym to estimate the resources required for larger attacks.
(DIR) Post #ATsSRmXXsCc4UFFYum by drummer86@mastodon.stickbear.me
2023-03-22T15:06:47Z
0 likes, 0 repeats
@blacklight Hello. I am not affiliated with management, but use the mstdn.ca instance. Have you tried contacting management about the incoming spam problem you are facing that you say originates here? #MSTDNCA
(DIR) Post #ATsSUqNA53CZF3qx6m by adam457@mstdn.ca
2023-03-22T15:07:12Z
0 likes, 0 repeats
@blacklight Seven Mary Three - Water's Edge
(DIR) Post #ATsSaOBhmeR7Z98f0i by adam457@mstdn.ca
2023-03-22T15:08:22Z
0 likes, 0 repeats
@blacklight Hello, I am not affiliated with management here, but I am using the mstdn.ca instance. You should try contacting management here about the spam problem you say you're facing on your instance. #MSTDNCA
(DIR) Post #ATsUC80WURusLFT38S by Pheneatis@mstdn.ca
2023-03-22T15:26:20Z
0 likes, 0 repeats
@blacklight We're definitely doing our best when we notice hashtag spam, but with how many people we host, we can't see them all. If they don't get reported, there is a big chance that we won't see them.
(DIR) Post #ATsvyRtGZBIOfbL49w by chad@mstdn.ca
2023-03-22T20:37:38Z
1 likes, 0 repeats
@blacklight beg your pardon? Get my shit together? The report button works and our volunteer team is on top of it.
(DIR) Post #ATsxLCVC2tT7YhUXiK by blacklight@social.platypush.tech
2023-03-22T20:52:58Z
0 likes, 0 repeats
@chad sorry for the moment of frustration - it's just been the 3rd day in a row that my trending section got flooded by hashtags associated to spam, and I've had to spend ~1hr a day just to clean up the junk and suspend accounts. Maybe it doesn't make a big difference on larger instances because ~20 spam bots simultaneously talking of the same thing isn't enough to move the needle of the trending topics. But on smaller instances that those larger instances are relayed to it makes the difference between a neat trending section and a spamhouse that requires admin intervention at least once a day. And, I believe, this is also the intention behind these campaigns - go more or less undetected by pushing modest-scale spam content on larger instances, which in turn gets relayed on smaller instances and generates hashtag pollution, and all of a sudden you have hundreds of domains linking your content. I reported some of those accounts twice in the previous occurrences, but nobody AFAIK acted. The 3rd time I just suspended the accounts on my instance without reporting them, but I'll make sure to report them next time. I'd just ask for more support if one of these campaigns happens again in the future. If your instances are the regular targets of spambots, and other instances are affected too (or, better, they are affected the most), then maybe it makes sense to start looking for patterns that make these campaigns possible and start closing some of those gaps.
(DIR) Post #ATuQ0bKbcye0JS1rO4 by Pheneatis@mstdn.ca
2023-03-23T13:48:52Z
0 likes, 0 repeats
@blacklight We don't necessarily act on too many hashtag reports, so make sure you put a note in there to tell us it's flooding you on purpose. We'll be able to act in that case.
(DIR) Post #ATyJcee4hGeBf7csHg by blacklight@social.platypush.tech
2023-03-25T10:56:12Z
0 likes, 0 repeats
@Pheneatis I have just spotted (and reported this time) another hashtag flood. The pattern is again the same: accounts with no profile picture, with only 2 posts, and bombing of occult-related hashtags, mostly with links to unrelated YouTube videos. Most of them are still from mstdn.social, but many are from mastodon.social, mastodon.online and masto.ai too: all large instances where their campaigns are likely to go under the radar (we're talking of 10-20 spam posts per attack, not enough to swing the trends on a large instance), but once those posts trickle down to smaller instances they'll just poison their trending topics. Another interesting finding: all the spam bots always mention @Mage_of_Aquarius.
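
The account pattern described in the last post (no profile picture, two posts, many hashtags, a link, a shared mention), written out as an added detection sketch that is not part of the thread: it scores Mastodon API status objects and lists the hashtags used mostly by flagged accounts. The sample statuses, the `*.example` names, the thresholds and the `missing.png` default-avatar check are assumptions.

```python
import re
from collections import defaultdict

DEFAULT_AVATAR = "missing.png"  # assumption: file name of the placeholder avatar
LINK_RE = re.compile(r"https?://[^\s\"<]+")

def spam_signals(status, shared_mention=None, max_posts=2, min_tags=5):
    """Signals one Mastodon API Status dict matches (thresholds are assumptions)."""
    acct, signals = status["account"], []
    if acct.get("avatar", "").endswith(DEFAULT_AVATAR):
        signals.append("no_avatar")
    if acct.get("statuses_count", 0) <= max_posts:
        signals.append("few_posts")
    if len(status.get("tags", [])) >= min_tags:
        signals.append("tag_flood")
    if LINK_RE.search(status.get("content", "")):
        signals.append("has_link")
    mentioned = {m.get("acct") for m in status.get("mentions", [])}
    if shared_mention and shared_mention in mentioned:
        signals.append("shared_mention")
    return signals

def polluted_tags(statuses, shared_mention=None, threshold=4, min_ratio=0.8):
    """Tags whose posting accounts are mostly flagged: candidates for admin review."""
    users, flagged = defaultdict(set), defaultdict(set)
    for s in statuses:
        acct = s["account"]["acct"]
        hit = len(spam_signals(s, shared_mention)) >= threshold
        for t in s.get("tags", []):
            name = t["name"].lower()
            users[name].add(acct)
            if hit:
                flagged[name].add(acct)
    return {t: sorted(flagged[t]) for t in users
            if flagged[t] and len(flagged[t]) / len(users[t]) >= min_ratio}

# Constructed sample data (not taken from the thread).
def _status(acct, avatar, count, tags, content, mentions=()):
    return {"account": {"acct": acct, "avatar": avatar, "statuses_count": count},
            "tags": [{"name": t} for t in tags], "content": content,
            "mentions": [{"acct": m} for m in mentions]}

BOT_AVATAR = "https://big.example/avatars/original/missing.png"
BOT_POST = '<p>watch <a href="https://video.example/x">this</a></p>'
SPAM_TAGS = ["tarot", "occult", "astrology", "magic", "witch"]
SAMPLE = [
    _status("bot1@big.example", BOT_AVATAR, 2, SPAM_TAGS, BOT_POST, ["target@big.example"]),
    _status("bot2@big.example", BOT_AVATAR, 1, SPAM_TAGS, BOT_POST, ["target@big.example"]),
    _status("alice@small.example", "https://small.example/a.png", 840, ["tarot", "linux"], "<p>my reading</p>"),
]
```

In the sample, `tarot` is not returned because an unflagged account also uses it, so the output is a review list for the admin rather than an automatic block list.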