Skip Navigation

User banner

th3raid0r

@ th3raid0r @tucson.social

Posts
20
Comments
130
Joined
3 yr. ago

One foot planted in "Yeehaw!" the other in "yuppie".

My Alts:

If you see th3raid0r associated with any other instances it is NOT me and you should block and/or report them.

If an admin does not delete that user - they are complicit in bot spam and the instance de-federated.

  • Americans overestimate how many social media users post harmful content

    Jump

  • I certainly don't doubt the top line trends here in this study. However, I wonder how the fediverse might differ. Anyone can set up a Lemmy or Mastodon instance, regardless of their technical aptitude and desire to secure the instance from toxic content. It's also inherently more anonymous. A more direct comparison might be 4chan not Reddit.

    Both of the platforms they studied on have more sophisticated methods to determine bad actors because of their dominance. Particularly Facebook, where a profile is supposed to be mappable to a single, real identity.

    That being said, there's a very real concern about how algorithms end up placing these "loud mouths" in other people's feeds. After all, outrage is still something that is preferred by algorithms. So those 3 to 7% of users creating the toxic content, might represent an outsized proportion of views.

    It's good to know the reality on these platforms is that most people are reasonable. I guess the bigger question is why people come to the opposite conclusion. And I think that algorithms overly indexing on outrage are part of that.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Well, You're more than welcome to reach out on more secure comms, such as matrix to get the proof! It's strange how that's basically standard for most of the other respectable instances, but not here.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Do I know if they are the exact same individual - no - I can't know that because I don't have IP information from other instances. To use this limitation as a bludgeon is dishonest. Admins that host sockpuppets and know it aren't likely to ever reveal this information.

    Do I have clear evidence that the UM/CM0002/BarryGoldWater user(s) that attempted signup on my instance are bots - Oh definitely yes.

    Now, I see you are a mod not an admin. I do not typically share my methods with non-admins, and definitely not over a public forum like this.

    If the dbzer0 admin wants my supporting information, they may DM me with their preferred matrix handle/server, and i will happily discuss there.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Give the documents then? And am I a bot now too?

    Interesting how you continue to leave out the security implications of posting this publicly.

    Odd that.

    I know not if you are a bot, you aren't on my instance, nor would it be likely you could get through my process.

    I do know that you are awfully defensive of sockpuppet like behavior though.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Nooope, I have IP data, email logs, and other things. However, much of the data had fallen off my WAF retention period. Oddly convenient how you just assume I don't have these things rather than keeping them close because I don't want the bots to figure out how I'm catching them.

    When you conveniently leave out that providing proof reduces an admins ability to re-use certain detection methods, it makes me pretty convinced you're complicit.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • How do you identify sock puppets? Are they all the same IP?

    From an Admin perspective, most botnets do a good job of distributing most of their traffic. But the key is they don't distribute ALL of their traffic.

    From a user perspective my advice is generally "if it quacks like a duck"...

    That is, is the persona that of an extreme stereotype? Are they overly contrarian? Is what they are doing destructive to those who claim similar identities? Then it's likely a sockpuppet.

    And if it isn't - oh well, treat them like one anyways - it's better for society that way.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • CM0002 may not be shaking the cage as hard, but he is still a bot - and associated with the same botnet when I got a burst of signups for UM and his alts.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Barrygoldwater is a bot associated with UM. UM also is associated with CM0002 from an IP standpoint given the last "bot signup attack" I experienced. (Fun fact they use barrygoldwater in their email they use to sign up from)

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Or rather, this admin, do they have a WAF? Are they analyzing the traffic that comes in? Are the sure they're checking every point of interaction for consistency? If no, then they didn't really "Check".

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • This admin will state that UM is a bot. And wouldn't ya know it some of the other signup attempts used the alt names. Weird that.

    I don't think many admins know infosec practices very well to be frank.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Fuck all, but luckily TrickDacy is here to instantly believe any baseless accusation.

    As an admin who had to fend off UM's bot signups - it's definitely not unfounded.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • I have a more effective way of confirming things like this if interested…

    Probably not more effective than my method - but you need to be an instance admin to be able to use my method.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Yeah, whatever man - I had a huge "attack" one day, and wouldn't you know, about 4-5 of the usernames listed here were involved in that. Odd that. Also, their traffic patterns were hugely suspect.

    I spent hours into investigating that "perhaps these are real users" and nope, they fell right into my honeypot routes. UM and CM0002 are bots, full stop.

    They also aren't Tucsonans, which is why I didn't approve their signup.

    I don't think many admins actually know how to properly audit for bots - and honestly, that problem is harder when you're a global instance.

    It's part of why I don't think global instances will work for the fediverse, too vulnerable to bot manipulation. We need proof of humanity - and that scales better with local nodes.

  • Locked

    DonaldJMusk is running dozens of accounts

    Jump

  • Admin of tucson.social here - when UM signed up at tucson.social he made some crucial mistakes that made him easy to identify as a bot. Unfortunately, since this affects my security posture, I'm not keen on publicly posting what it is as he still makes the same mistakes.

    However, let me add this - there are multiple places we should be validating are accessed from the same IP in a registration flow - all to many bot farms centralize certain aspects of their operations and use the same IP every time for only certain parts of a given flow.

    I'll also add that many admins are either stupid about site security, or actively complicit in the bot problem.

  • And now what?

    Jump

  • I also just lost my father last Monday. He was in Quartzsite, AZ.

    Have you tried checking CL or Hotpads for a short term Casita? That'll save you a lot vs hotels.

  • Totes me

    Jump

  • Audhd here, It would be nice if it were a quiet log file. I log straight to the console AND it's probably with DEBUG enabled.

  • Framework Laptop 16. Upgraded!

    Jump

  • Yeah as soon as I saw that I went from "must buy" to "eh, maybe if my current laptop breaks". I mean, I know the iGPU is basically the same as the desktop, but with slower memory it won't really compare.

    Maybe next generation.

  • Linux is now 34 years old. Happy Birthday!

    Jump

  • You too!? Ha! Today I learned.

    I'll always know exactly how old Linux is. It's exactly as old as I am.

  • Linux is now 34 years old. Happy Birthday!

    Jump

  • Eh, it's more like the pregnancy announcement. Imo the v0.01 release on Sep 17th is a "Birthday".

    But then again I'm biased on this. 🙃

  • LYING TO CHILDREN

    Jump

  • Perfection!

  • Tucson Politics @tucson.social
    th3raid0r @tucson.social
    Featured

    Looking to get politically involved in Tucson? Start here

    takeactiontucson.org
  • Tucson Politics @tucson.social
    th3raid0r @tucson.social
    Featured

    Temporary Rule - Any Articles referencing "Deporting" a U.S. citizen shall henceforth be required to use the term "Exile" in the title.

  • UAP - The Most Active Community Discussing UAP/UFOs @lemmy.world
    th3raid0r @tucson.social

    How to photo/video a UFO/UAP - An astrophotography based approach

  • UFOs @lemmy.world
    th3raid0r @tucson.social

    How to photo/video a UFO/UAP - An astrophotography based approach

  • Tucson Politics @tucson.social
    th3raid0r @tucson.social

    Announcing Project Cornerstones - A collaboration with the Pima County Democratic Party - Protesting made easy

  • Gaming @beehaw.org
    th3raid0r @tucson.social

    My dad just got back online after years of boondocking it - he likes tactical shooters with a rich map making scene - what's out there?

  • Android @lemmy.world
    th3raid0r @tucson.social

    PSA - If your Pixel no longer connects to your wifi after the most recent update - disable WPA3 on your router.

  • Entertainment @beehaw.org
    th3raid0r @tucson.social

    Is it just me, or is Sci-Fi experiencing a sort of cultural renaissance right now?

  • Linux @programming.dev
    th3raid0r @tucson.social

    Trying out the different Arch based distros for fun and science - Why does Garuda perform so bad?

  • Neurodivergence @beehaw.org
    th3raid0r @tucson.social

    How would you describe your neurodivergent idiolect?

  • Programming @programming.dev
    th3raid0r @tucson.social

    As an SRE, what do I do about Alerts caused almost entirely by poor customer communication or misuse of a product?

  • Autism @lemmy.world
    th3raid0r @tucson.social

    What earplugs do y'all recommend? My sensory issues putting things in my ears makes most of them unpleasant for me.

  • Tucson Politics @tucson.social
    th3raid0r @tucson.social

    As we go into the 2024 Election season - some reminders

  • Tabletop Gaming @beehaw.org
    th3raid0r @tucson.social

    Awww yeah, my copy of Cities Without Number just arrived!

  • Tabletop Gaming @beehaw.org
    th3raid0r @tucson.social
    FoundryVTT Module

    github.com /th3raid0r/FoundryVTT-AI-Description-Generator/releases/tag/v3.0.0-alpha
  • DevOps @programming.dev
    th3raid0r @tucson.social

    Jeff Geerling made his book "Ansible for DevOps" Free on linkedin today.

    leanpub.com /ansible-for-devops/c/CTVMPCbEeXd3
  • Technology @beehaw.org
    th3raid0r @tucson.social

    Google sunsets Domains business and shovels it off to Squarespace

    www.theverge.com /2023/6/16/23763340/google-domains-sunset-sell-squarespace
  • Arizona @lemmy.world
    th3raid0r @tucson.social

    Tucson has an instance at tucson.social - feel free to join us! Especially our /c/sunsetshowdown!

  • Tucson @lemmy.ml
    th3raid0r @tucson.social

    An instance just for Tucson, owned by Tucsonans

    tucson.social