112
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 22 Jun 2023
112 points (88.4% liked)
Lemmy
13353 readers
1 users here now
Everything about Lemmy; bugs, gripes, praises, and advocacy.
For discussion about the lemmy.ml instance, go to [email protected].
founded 5 years ago
MODERATORS
Instances already have an ability to turn on both captchas and email verification.
Both should be turned on by default, imo.
Absolutely agree.
I do not, and that comment might put you on the list of people behind this attack.
As well it can put me behind it.
Are bots creating accounts? Yeah, most definitely. Do we have the tools to fight it, no we do not.
The only tool would be predicting behavior and, for example, adding additional question/action few days after registering.
There are almost 1000 lemmy instances already. Getting individuals to fix their signup settings so that they mandate CAPTCHA likely will have to be driven from the lemmy product update level and an agreed upon defederation list for non-conformant instances.
And bot farms would be able to spin up new instances themselves, so being able to do a blacklist based federation model (federate with all by default except x, y, and z) isn't going to be viable. There's going to have to be a whitelist (federate only with a, b, and c) and maintaining that as new instances get added will be problematic without an overarching way of pushing updates of known "good" instances automatically.