Chao-c'Mar 12

This is call for all moderators of Mastodon instances with open registration policy: let's cooperate, let's fight botnets together. We can share mail domains and blocked IP addresses.

I am trying to keep registrations open for the next big wave of Mastodon migration, which I believe is inevitable.

There are very few actual humans, willing to do some sustained harm - most of the malicious activity are bots. And we can track where they register and operate from. Ultimately, we can learn who is doing this shit and who pays for it...

#mastodon #moderation

Show threadmirek kratochvilMar 12
@xChaos hey is there DNSBL support for mastodons? imo that would be great. Solves so much mail spam.
Show threadChao-c'

@exa I am not sure, if it can be configured automatically. I was thinking about manual lists. But it is just SQL table anyway, so importing any existing list into SQL table should be easy.

Botnets use each mail domain only few times, because co-hosted managed Mastodon instances probably somehow share the blocked mail domains and IP lists, which saves them lot of work.

But blocking is not enough. I wonder who is running the botnets. If we have databases of those weird .com domains, we can somehow figure out who pays for them. The IPs are probably IPs of compromised machines, so the owner of the IP can be contacted and honeypot installed.

The blocking is not enough... we need to analyze the situation. The common understanding is, that they are Russian propaganda botnets, but it is more than that. They are somehow AI powered, and they may be run by some actor, which is just willing to hire the botnet to anybody, who pays them (including Russian propaganda).

Instead of closing registrations, which means giving up future migrations from corporate networks, we need to somehow think about it. If they are trying to abuse us, it means, that they take us seriously. But who are they?

Mar 12 at 8:14amWeb
Show threadmirek kratochvilMar 12

@xChaos nah the usual issue is the same as with mail spam: if you equip a random someone with $1000 and a small botnet access, they can send disproportionately more spam&hate than you can ever prevent for the same amount of investment. That's the economy of the thing, and for our beloved hate sources these resources are negligible.

The only way out is to equip cheapest tools that probabilistically decrease the chance of success as much as possible. Spam stops once the cost is not ignorable.

Show threadmirek kratochvilMar 12

@xChaos Finding Re who they are: From what I saw, the end point is almost always script kids.

Making pocket money for their next thing. Likely learning a lot. Working up the chain. :)