BrianKrebsMar 2
Someone has registered a ton of new accounts and is spamming with messages saying I'm a pedophile. Sorry @jerry
Show threadJerry πŸ¦™πŸ’πŸ¦™Mar 2
@briankrebs I just nuked the ones you reported. I’ll keep an eye out for more
Show threadBrianKrebsMar 2
@jerry just search messages for krebson. reporting them all would take quite some time.
Show threadJerry πŸ¦™πŸ’πŸ¦™Mar 2
@briankrebs my apologies - I didn't intend for you to have to report them. I went spelunking and found about 60 accounts taken over, about 2/3 of which hadn't posted yet. I'll keep searching for more. My sincere apologies for this.
Show threadAllpointsMar 2

@jerry @briankrebs this, right here, is one of the major reasons why the fediverse is awesome. Actual humans administering instances and caring about their users.

#Fediverse #SysAdmin

Show threadRob RicciMar 2

@allpoints @jerry @briankrebs

This is how moderation *should work*, done by people who understand their users and the actual threat model

Show threadJerry πŸ¦™πŸ’πŸ¦™Mar 2
@ricci @allpoints I dunno. I feel like I let @briankrebs down by letting so many accounts get taken over to dog pile him.
Show threadDroppie [opensoc]Mar 2

@jerry

so many accounts get taken over


eeek, that's extremely alarming! because i much prefer the feature-set of #Friendica compared to Masto, these days my daily fedi is the former [from whence i post this now], with my #infosecspace account mainly "just" for emergency fallbacks. now i'm wondering if i should make a habit of visiting it daily again just to keep an eye on it πŸ€”πŸ€·β€β™€οΈ

@briankrebs @ricci @allpoints

Show threadJerry πŸ¦™πŸ’πŸ¦™
@msdropbear @briankrebs @ricci @allpoints enable 2 factor authentication and you won’t have to worry.
Mar 2 at 11:52pmWeb
Show threadDroppie [opensoc]Mar 3

@jerry

hmmmm.

Two-factor Auth

Scan this QR code into Google Authenticator or a similar TOTP app on your phone. From now on, that app will generate tokens that you will have to enter when logging in.

If you can't scan the QR code and need to enter it manually, here is the plain-text secret:

can't see how that is any help for me

  • my phone is for only calls & texts, nothing else
  • all my fediversing & browserising is done on my Linux pooters
  • i will never use any google service by choice
  • i never use qr codes

πŸ€”πŸ€·β€β™€οΈ

ta anyway.

@ricci @allpoints @briankrebs

Show threadplasticine_eraMar 3

@msdropbear @jerry @briankrebs @ricci @allpoints

I don't know if this particular one is any good/secure ..but there are TOTP code apps for linux (like this one) you could check out if you don't want to go the phone based route. You may need a camera if you want to import QR codes.

https://github.com/paolostivanin/OTPClient. with instructions https://github.com/paolostivanin/OTPClient/wiki/How-to-use-OTPClient

GitHub - paolostivanin/OTPClient: Highly secure and easy to use OTP client written in C/GTK3 that supports both TOTP and HOTP

Highly secure and easy to use OTP client written in C/GTK3 that supports both TOTP and HOTP - paolostivanin/OTPClient

GitHub
Show threadDroppie [opensoc]Mar 3
@plasticine_era thx. @ricci @allpoints @jerry @briankrebs