this post was submitted on 30 Jul 2023
78 points (100.0% liked)
Fediverse
757 readers
1 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You're thinking about it the wrong way. Despite a major hub of lemmy being down if you have an account on another instance you can continue using the network nearly as though nothing had happened. Individual instances may have greater or lesser reliability but the social network is very robust.
If thats how Lemmy should be used it would be helpful if we could identify yourself across servers. Like email has pgp that lets you sign your emails to prove it's really you. Would be cool. π
Yeah I think the fediverse biggest limitation in general to achieving most of its stated goals is the fact that accounts are bound tightly to an instance
I follow nine other instances.
Then you should appreciate that the reliability of the social network is just fine. The idea is this social network isn't dependent on one instance.
Now, granted, if a big one struggles, the network loses some communities temporarily, but the network is stable and other instances remain active.
It's just growing pains from an extreme influx almost literally overnight and generally just that this is somewhat early days. It's going to be messy, it always is early on, no matter what the social network.
Also...there's a non-zero chance it's getting hit relentlessly by DDOS.
What's DDOS?
DDOS = denial of service attack. Attacker sends a bunch of requests overloading a service and causing other clients to experience.timeouts due to the service not being.abe.to.handle the load.
Distributed denial of service.
That first D is the one that makes the attack a real problem.
Yep, this is key. If youβre getting a bunch of malicious traffic from one source, thatβs easily fixed. Just drop the traffic.
But when that traffic is coming from hundreds or thousands of sources, that becomes much harder to address. Can you just drop traffic from those sources? Sure! But then you also risk dropping legitimate traffic.
There are also services that can automate the detection and prevention of DDOS attacks such as CloudFlare and Akamai, but these can get expensive very quickly, so it can significantly increase the cost to running the instance in question.
I honestly forgot what the first D was at that moment lol. While I agree it technically can be done pretty badly without distributed attacks. I read in the past couple of years of an approach attackers used was to make an application DOS itself from a single request. I think it required a vulnerability in the application in this instance though.
Twitter did this recently lol
It's like a group of people standing in line for the cashier and they each buy a single peanut with cash and have a question to the manager.
I like that picture, it makes it easier to understand for people who aren't that much into computers.
And now you can use that picture to even extend it with: We're currently enjoying our checkout at different registers, where there's not peanut nutjobs at the register. I like it too.
I read that it was a DDOS but I wonder what the motivation for doing that is? It isn't like you can extort any money out of lemmy.
Some people are just spiteful shitheads. Also, there's been a bit of a wave of DDOS attacks against US-registered sites lately- Archive of Our Own, a fanfiction website, got DDOSed a few weeks back. Seems like they're going after any site that doesn't have good DDOS protection and is based in the US.
I've had to go through a major change in thinking and adjust my interpretation in major ways.