Mastodon (and the Fediverse) have grown, now spam and bots are going to become a more common and challenging threat to instances
Mastodon (and the Fediverse) have grown, now spam and bots are going to become a more common and challenging threat to instances
Absolutely. I’d be very happy to see this community grow bigger, but there will be chances of increased spam and bot attacks the larger it gets.
The key to avoiding malicious exploits from screwing everyone over is to keep the codebase open-source (and resources spread out), so that any vulnerability can be identified quickly and patched.
To my knowledge that’s how Linux has been able to stay relatively virus free in the user sphere. Obviously there are shell scripts that can instantly crash or wipe your computer if you run them, and privilege escalation bugs that have been found and fixed, but generally Linux has been much better than Windows in that regard which still has some DOS-era quirks.
You don’t need an exploit to send spam however. Anyone can currently write a client which posts spam messages to an ActivityPub instance. It is a weakness of any open federated service. The alternative would be a closed system where moderators would first have to approve any instance federation, but that’d be a very different and insular Fediverse…
I think ultimately we’ll end up with very Email-like mitigations. Blacklists (spamhaus), message content heuristics, sender verification, etc.
Almost every social media site (FB, Reddit, YT, Twitter) and online newspaper comment section has a good share of spam and harassment anyway, it’s up to “an algorithm”, moderator, or verification system to remove as much as feasible.
I’m more thinking of servers unexpectedly down or purged, people hijacking or spoofing others’ profiles, etc. which the way the Fediverse network is setup should make it a little more resilient overall.