There have been a number of comment spam attacks in various posts in a couple of /c’s that I follow by a user/individual who uses account names like Thulean*

For example: ThuleanSneed@lemmy.tf in !coffee@lemmy.world

and ThuleanPerspective2@eviltoast.org in !anime@ani.social

edit: Also ThuleanSneed@startrek.website in !startrek@startrek.website

The posts have been removed or deleted by the respective /c’s mods, and the offending accounts banned, but you can see the traces of them in those /c’s modlogs.

The comments consist of an all-caps string of words with profanities, and Simpsons memes.

An attack on a post may consist of several repeated or similar looking comments.

This looks like a bored teenager prank, but it may also be an organization testing Lemmy’s systemic and collective defenses and ability to respond against spam and bot posts.

  • SheeEttin@programming.dev
    link
    fedilink
    English
    arrow-up
    4
    ·
    7 months ago

    A lot of this stems from instances running old versions with loose registration requirements, like no captcha. This is a problem in a federated system because there’s no barrier for a banned user to just jump to another instance.

    Perhaps it would be a good idea if, when Lemmy has anti-spam measures implemented like rate-limiting and captchas for registration, it disabled federation with instances that are at a lower version, to motivate small instances to upgrade and enable the new features.

    • Quill0@lemmy.digitalfall.net
      link
      fedilink
      English
      arrow-up
      3
      ·
      7 months ago

      What I really want to see is the ability to set a threshold for a server to reach before it will federate.

      Example: you have a server, you don’t allow others to federate unless those servers force captcha or approval of user registration

      • nutomic@lemmy.mlM
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        The problem is that a server could very easily lie and claim to have captchas when it really doesnt.