But this will definitely ban all VPNs
this post was submitted on 21 Feb 2024
6 points (66.7% liked)
lemmy.ml meta
1406 readers
1 users here now
Anything about the lemmy.ml instance and its moderation.
For discussion about the Lemmy software project, go to [email protected].
founded 3 years ago
MODERATORS
Yeah, there are numerous reasons told people would come from the same IP. And then once they realize that you're doing that they'll just spoof their IPs.
I havent thought of the many people using those.
Maybe to combat this, people with von could use email verification. I know its back to square one in terms of privacy but there are email aliases after all.
The other solution I could think of is account age/comment number or karma.
IP is not identity. They're usually dynamic and whoever had one last isn't the same thing that had it next.
Ipv4 addresses are scarce and even very large organizations may use same exit addresses with NAT or proxy or other connection tracking. Entire cities have been banned by services that didn't understand this.
It also would not be effective. Bad actors can easily circumvent it and good ones will often decide your service doesn't work and isn't worth using. Not to mention that it's better to let a thousand guilty go than to punish one who is innocent.
Very short blocks or heavy rate limits can be useful for flood control, though.
I agree, its not great in those cases. My idea wasnt a permanent ban of the ip since I know how this works. I‘m an admin.
I‘m analyzing the patterns and they’re not really flooding the system, they’re single accounts, posting once from different instances.
To combat this, we need to see what action we want to prevent. Ideally, the computer of the person posting this would explode. That not being possible, we‘re kind of limited.
In the case of the recent attacks it has first been a text, which probably got banned by an automod, then they resorted to pictures. We have software that can detect csam and delete it. I dont know if this would work with a picture like the spam pic they sent around. Maybe.
If you're thinking of the recent spam wave, they were using Tor. It's reasonably easy to block all Tor traffic. However, then you block all Tor users. You can't identify one Tor user from another, which is pretty much the point of Tor.
Thanks for pointing this out.
I feel like there is great potential for a „brace“ action federating in case of an attack where maybe tor stops functioning when one or more (trusted) servers recognize an attack.
This could include disabling tor for a certain amount of time.
Maybe we should also disable posts without comment history or account age of x. Then again, we could disable accounts from posting that have lain dormant for x amount of time.
Literally tons of ways to combat this.
Have you heard of Fediseer? Instances guarantee each other, and if there is say a spam attack from an instance, the instance that guaranteed them could remove the guarantee then any instance that syncs their federation to Fediseer would be defederated until the instance was guaranteed again. There's a bit more to it, but that's the basics.
Rest assured, where there are problems there are people working on solutions! But things take time
IP bans suck, they're not a good idea even if not federated.
I don't think there's a real solution to spam on the fediverse unless it's limiting stuff to closed-registration instances.
Feel free to argue why IP bans suck. So far, it has been „can be abused“ and „might hit innocents on occasion“ which both is the case for every rule and even law we have in the world. Closed registration is the same thing imo just implemented differently.
CGNAT IPs are shared by a wide range of customers, so you could unintentionally cut off an entire community in one go.
https://en.m.wikipedia.org/wiki/Carrier-grade_NAT
The only good scenario that IP bans work is if they are static, but there's not an easy way of checking that.