The Fediverse has a DDoS problem

⁨60⁩ ⁨likes⁩

Submitted ⁨⁨6⁩ ⁨months⁩ ago⁩ by ⁨punkyblob@lemmy.blahaj.zone⁩ to ⁨fediverse@lemmy.world⁩

https://aumetra.xyz/posts/the-fedi-ddos-problem

I was recommended to share this article I wrote a few days ago on here, too; so here we are!

The TL;DR is “link embed fetching communes” as a partial “fix” to the issue (pretty buzzwordy, sorry for that)

source

Comments

Sort:hotnew top

Zak@lemmy.world ⁨6⁩ ⁨months⁩ ago
The proposed solution of an intermediate server caching embeds is needlessly complex. The first server a link is posted to can fetch the embed, then push it out to every server receiving the post.

source
- skullgiver@popplesburger.hilciferous.nl ⁨6⁩ ⁨months⁩ ago
  [deleted]
  source
  - catloaf@lemm.ee ⁨6⁩ ⁨months⁩ ago
    The first server should be the one it was posted to. Then federate the embed just like the post itself.
    
    If a server is malicious, it doesn’t matter if that malice is transmitted in the post or in the embed, it should be defederated just the same.
    
    source
    -> View More Comments
  - rimu@piefed.social ⁨6⁩ ⁨months⁩ ago
    Not all servers are equal. I would trust a post from lemmy.world or lemmy.ml to have valid metadata, for example. It'd be great if admins had some way to specify trusted instances (with the biggest 6 instances as initial defaults).
    
    There would be other uses for the trusted instances concept. Automatic sharing of moderation actions, block lists, community lists, etc
    
    source
    -> View More Comments
- punkyblob@lemmy.blahaj.zone ⁨6⁩ ⁨months⁩ ago
  Actually an interesting point. My immediate concern with that idea is that it would open the door for disguising things for what they aren’t. The solution was made from the general caution of not trusting remote servers regarding content they not necessarily control.
  
  But yes, that would definitely be a solution, too.
  
  source
Carighan@lemmy.world ⁨6⁩ ⁨months⁩ ago
[deleted]
source
- punkyblob@lemmy.blahaj.zone ⁨6⁩ ⁨months⁩ ago
  How is this blog spam if it provides an approach on how to fix it (next to a recap)? I just put it on there because I collect stuff there.
  
  Image
  
  But yeah, whatever, Lemmy is an interesting place.
  
  source
- erlend_sh@lemmy.world ⁨6⁩ ⁨months⁩ ago
  This is certainly not spam but rather a blog response, a time honored practice as old as blogging itself.
  
  OP’s article links to the source article (albeit via its fedipost rather than its blog post; maybe best to link both) and contributes to the online discourse with a long form reply, detailing a possible solution.
  
  Mischaracterizing such a clearly well-intentioned contribution as “blog spam” is harmful.
  
  source
- ThillyGooth@lemmy.world ⁨6⁩ ⁨months⁩ ago
  This is not spam. The blog post discusses a current hot topic. There’s no advertising on the site. OP has nothing to gain by sharing this. Don’t make people hesitate to post quality content just because the topic has been discussed elsewhere.
  
  source