this post was submitted on 23 Jun 2023
118 points (88.3% liked)
sh.itjust.works Main Community
7737 readers
1 users here now
Home of the sh.itjust.works instance.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Tell me about it.
I don't think many people realize how little effort it would take me, to go and create a bot that just creates accounts on their instance, and then posts pro-trump things on other instances.
Let that run for, oh. a day or two, and I imagine that would be the end of federation for everyone.
I heard there is the option to enable captcha in the new 0.18 version, so there should be some protection soon.
edit: I had it the wrong way around and the removed captcha in 0.18 to reimplement it in a future version
100% NOT a bot here...
All captchas are easy to crack because there are services that employ workers to solve captchas. You can buy packages of solves and they guarantee a specific accuracy rate and solve time. You submit via an API and get a result back in a few seconds. The result may be a string or it may include a mapping of how the user interacted with the app (which your client then emulates to fool the captcha app that it is receiving human input).
It's just another electronic service provided by workers in low wage countries.
Captchas mitigate the issue slightly but they're not a magic solution to bots. They can be the difference between the instance gaining 1,000 bot accounts in a day instead of 10,000,000 however.
There was captchas in 0.17 too.
The problem is, captchas are not effective against bots. Its trivial to solve captchas with a bot... much quicker then we can solve them as humans.