Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.

However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?

Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?

EDIT: Thanks to @Sibbo@sopuli.xyz ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716

  • terribleplan@lemmy.nrd.li
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Subdomains work, and AFAIK you can’t block a TLD, only the full domain. You could probably write a script to auto-block subdomains or something though.