Back

The long story short with the Mastodon spam woes this weekend is it’s a deliberate attack exploiting Fediverse and Mastodon issues.

They’re using Tor exit nodes and everything is automated. I think they can just keep running it, as there is no barrier to stop them.

To keep it in perspective, though, I don’t think it’s a big deal at present. People should just ignore it.

There is a bunch of technical issues it highlights, which is that Fediverse is very open to abuse at present. There’s no spam filtering at all. It’s like email from 1996. It’s wide open to abuse.

IMHO Mastodon admins should enable CAPTCHA for registration - it’s supported out of the box - if they run open sign ups.

Ideally Mastodon would add easy install third party plugins (a la Wordpress etc) so people could develop optional plugins for anti-spam and anti-malware.