this post was submitted on 13 Sep 2023
11 points (78.9% liked)

Lemmy.world Support

3202 readers
37 users here now

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket Static Badge

You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.

Follow us for server news 🐘

Outages πŸ”₯

https://status.lemmy.world

founded 1 year ago
MODERATORS
ruud@lemmy.world
MrKaplan@lemmy.world
jelloeater85@lemmy.world
lwadmin@lemmy.world
Serinus@lemmy.world
11
Does Lemmy currently gives too much trust to other instances? (lemmy.fbmac.net)
submitted 1 year ago* (last edited 1 year ago) by fbmac@lemmy.fbmac.net to c/support@lemmy.world
10 comments fedilink hide all child comments
 

I noticed that my server import the bans from other instances. I think it's a great feature at the moment where there is no complains of anyone creating servers to abuse it, but I feel like it's bound to happen if there is no safety for it.

If we want to keep it easy for creating servers, maybe they should have a trust level, that could be set either manually or with some heuristics. I like the idea of some heuristics with the option for the admins to take some manual action.

(dunno if it's the right place to discuss that, is there some more appropriate community to ask things about lemmy itself, since this one is specific to lemmy.world?)

top 10 comments
sorted by: hot top controversial new old
[–] breadsmasher@lemmy.world 5 points 1 year ago (2 children)

What type of bans are you seeing imported? Theres community and instance bans. It makes sense for instance A to import Instance Bs hosted communities banlist, but it would be wild if its importing instance level to then ban from both instances

[–] fbmac@lemmy.fbmac.net 4 points 1 year ago* (last edited 1 year ago) (1 children)

I didn't ban anyone on my instance, it's a new one. They appear on this screen and in the modlog, it doesn't say anything about the type of ban

[–] CookieJarObserver@sh.itjust.works 1 points 1 year ago

I think i recognize one of the names, that person posted CSAM

[–] willya@lemmyf.uk 4 points 1 year ago* (last edited 1 year ago)

It’s not clear but if you run an instance you just have a giant ban list in your admin page. No details about them.

[–] Emperor@feddit.uk 3 points 1 year ago (2 children)

If someone was abusing it they'd rapidly get defederated.

[–] nottheengineer@feddit.de 5 points 1 year ago (1 children)

But that's a manual process. It would be nice to monitor the federation status of all servers and slap an algorithm like K-Means on that to find clusters and outliers.

You could then decide which ones to autonatically federate/defederate based on that data.

I'm going to look into that, maybe I can write the part that gathers the data.

[–] Emperor@feddit.uk 2 points 1 year ago

Anything that makes Lemmy's "immune response" quicker has to be a plus.

[–] fbmac@lemmy.fbmac.net 1 points 1 year ago

It's a manual action, that must be taken for all instances AFAIK. An attacking software could pretend to be thousands of new instances, and a DDOS attack against lemmy is something that already happened in the past.

[–] willya@lemmyf.uk 1 points 1 year ago (1 children)

Been wondering this myself. Just didn’t want to say it out loud and give someone an idea hah

[–] fbmac@lemmy.fbmac.net 1 points 1 year ago

I was a bit conflicted about asking that too. I guess for anyone actively searching for vulnerabilities to attack that will be obvious enough