Imagine your life is so worthless that you decided to ddos a feddiverse instance
I mean it could also be someone that was hired to do it. You know getting rid of the competition before it becomes a real competitor.
They’re a nuisance, but are proving the benefits of a decentralized system more than anything else.
Turn the question back, actually. Do the DDOSers even think they’re achieving anything relevant, beyond being a bit annoying? .world is down from time to time, wow, how terrible. It’s not like I can’t log onto any other server and interact with world’s channels and threads from there, only to have my posts and upvotes become globally available as soon as world is back- Oh, wait, that’s exactly how it works.
Each instance keeps a local copy of the communities they’re federated with. Users of that instance interact with the local copy, and instances communicate with each other to tell what’s going on.
This means that, if .world crashes at 5PM, and you have an account on lemm.ee, you can go to lemm.ee’s local copy of world->worldnews, find a thread started at 4PM, comment on it, and other lemm.ee users will see and upvote/downvote your comment.
When .world is back on at 7PM, lemm.ee will tell it: “Hey, Cold_Brew_Enema said [Thanks a lot for the gold kind stranger] and got 6 downvotes”, and .world will update the thread with your comment and downvotes for users of all instances to see.
This is my understanding of how it works, and I’m not familiar with the actual code, but it seems to be close to reality.
No, you make an alt-account on a non-world instance and interact with world communities from there. The only issue is that you aren’t carrying over your subscriptions and blocks unless you use a special tool, about which I don’t know much.
I tried figuring out how to use the Lemmy API to subscribe to all my subscriptions from my kbin account a week or two ago
I remember getting stuck and giving up, so I think I’m going to do it semi-manually or something later on, unless some kind wizard blesses me with the name of such a tool
No. It’s basically like signing in at another e-mail provider. Instead of asdfasdfasdf@yahoo.com you now have asdfasdfasdf@hotmail.com and can from then on e-mail the same contacts. Just with posts, threads and comments instead of e-mail of course.
From the recent update shared, it seems like the ddos is coming from inside the hoose (ie the ddos attacker might be another lemmy instance). In other words the point of the ddos appear to be to cause people to move off of lemmy.world. so in a way it is working. A lot of people are telling people to move off lemmy.world.
People, if an instance is crumbling, sign up to another instance! When you are able to use lemmy.world again, use lemmy2opml/lemmy_migrate (or any other tool that works, there’s a list on the Awesome Lemmy Github page) to migrate your followed communities to the new instance.
I don’t think the problem is much on the identification side, but on the communities one
Like, I can’t access any community on .world while the instance is down
You actually can, you just append @lemmy.world to the community name when accessing from another instance that’s federated with lemmy.world and once lemmy.world comes back up your contributions will be there. Any instance that’s federated with the instance your posting from will be able to participate in the discussion with you for that matter. The only thing you can’t do with a community when the host instance is down is subscribe to it. It would still get added to your subscriptions though if you try, the hosting insurance just won’t know until it comes back up and eats through the outboxes of federated instances to “catch up”.
Edit When it does come back up it’ll also get any messages that are in federated outboxes as well so your posts will ultimately show up on the host instance, just posted by your alt account
wait so how does this work on a technical level?
say I am part of a community of /c/weirdstuff that’s on lemmy.world.
if lemmy world is down how do my comments get to lemmy.world? are they stored on whatever instance I am registered on and then synced to lemmy.world once it’s up?
I sure it’s Spez.
Who and why is attacking lemmy.world?
Pasting my comment from another thread.
From what I understand a user(Lmao/Angled) was “sub-lemmy camping” (took up thousands of popular sub names and wasn’t doing anything with them) so lemmy world banned him from that instance. He had a hissy fit and “vowed revenge” and has been attempting to do as much damage to .world as he/they could since. I can’t find the original post but https://old.lemmy.world/post/943832 and https://old.lemmy.world/post/1720870 has a bit of detail.
And that guy probably didn’t do anything with the communities and just hoarded them? What a donkey…
My guess is it was to weasel his way into having mod control over as many subs as he could in hopes some would take off. This happened in June around the time reddit was having their blackout protests.
Up to date post. https://old.lemmy.world/post/2923697
Doesn’t give much on who and why, more on what/how along with dispelling some myths.
Whoever is doing it is very quickly walking through a list of expensive queries to use in their DDoS attacks. Lemmy.world is playing whack-a-mole instead of proactively rate limiting/mitigating expensive queries. It may be that all their time is spent diagnosing and fixing with none left for proactive fixes.
The fact that the attacks are evolving and always hitting expensive queries implies that it’s a moderately skilled person/group familiar with the lemmy codebase.
You can speculate on motives as well as I can.
The net effect will be a more robust server and hopefully that code/knowledge is disseminated to other instances.