I noticed that my server import the bans from other instances. I think it’s a great feature at the moment where there is no complains of anyone creating servers to abuse it, but I feel like it’s bound to happen if there is no safety for it.

If we want to keep it easy for creating servers, maybe they should have a trust level, that could be set either manually or with some heuristics. I like the idea of some heuristics with the option for the admins to take some manual action.

(dunno if it’s the right place to discuss that, is there some more appropriate community to ask things about lemmy itself, since this one is specific to lemmy.world?)

  • @breadsmasher
    link
    English
    51 year ago

    What type of bans are you seeing imported? Theres community and instance bans. It makes sense for instance A to import Instance Bs hosted communities banlist, but it would be wild if its importing instance level to then ban from both instances

    • @[email protected]
      link
      fedilink
      English
      4
      edit-2
      1 year ago

      It’s not clear but if you run an instance you just have a giant ban list in your admin page. No details about them.

    • @[email protected]OP
      link
      fedilink
      4
      edit-2
      1 year ago

      I didn’t ban anyone on my instance, it’s a new one. They appear on this screen and in the modlog, it doesn’t say anything about the type of ban

    • @[email protected]
      link
      fedilink
      51 year ago

      But that’s a manual process. It would be nice to monitor the federation status of all servers and slap an algorithm like K-Means on that to find clusters and outliers.

      You could then decide which ones to autonatically federate/defederate based on that data.

      I’m going to look into that, maybe I can write the part that gathers the data.

    • @[email protected]OP
      link
      fedilink
      11 year ago

      It’s a manual action, that must be taken for all instances AFAIK. An attacking software could pretend to be thousands of new instances, and a DDOS attack against lemmy is something that already happened in the past.

  • @[email protected]
    link
    fedilink
    English
    11 year ago

    Been wondering this myself. Just didn’t want to say it out loud and give someone an idea hah

    • @[email protected]OP
      link
      fedilink
      11 year ago

      I was a bit conflicted about asking that too. I guess for anyone actively searching for vulnerabilities to attack that will be obvious enough