Conversation
Notices
-
Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Sunday, 25-Sep-2022 23:36:17 JST 
pistolero :thispersondoesnotexist:
New blockbot just dropped: @blockdetector .
They instance-blocked me, they apparently don't realize that anyone can do this from any instance. There are 2,933 instances with open registrations. Literally anyone can upload this CSV. Picture someone that mechanical-turks themselves into having 3k accounts, finds a list of instances with these blockbots, and then just uploads that file once per account. These bots are a time-bomb.
Here is a periodic reminder that these blockbots allow one action taken by one user on one instance to break the entire instance and they allow someone with a little patience to completely take down your instance. Everyone thank @NEETzsche for writing it and not rate-limiting it (CBA) and making the defaults break your instance (to trigger the libs) and @alex for merging it (because he hates fedi and wants to destroy it), both of whom never listen and both of whom I promised to tag in perpetuity every time there is a complaint about this bot, as well as @kroner for giving me something to click between responding to DMs.
@verita84 has written a version that *doesn't* DoS your instance by making your server flood other instance's timelines. It doesn't even need rate-limiting, it just does a periodic scan of the DB; it's rate-limited by design.
seals.csv
ken-yshl.jpg
newblockbotjustdropped.png-
Embed this notice
Alex Gleason (alex@gleasonator.com)'s status on Sunday, 25-Sep-2022 23:36:16 JST 
Alex Gleason
Pete, you're such a little bitch. I have you muted. Your website is irrelevant and your vaporware fedi software is a testament to the fact you can't actually do anything except write walls of text and start drama. You know what's actually bad? Rejecting deletes. That's worth people defederating your server over, not some stupid block bot. I've only ever supported you, and then you decided to make an enemy out of me for no reason. Well, good luck with that. I honestly don't need you. -
Embed this notice
ew (e@masochi.st)'s status on Monday, 26-Sep-2022 01:10:28 JST 
ew
@alex @p @NEETzsche @verita84 @blockdetector @kroner >Pete, you're such a little bitch
he's a schizo and probably genuinely thinks you're out to destroy the fediverse lmaoAlex Gleason likes this. -
Embed this notice
ArdainianRight (ardainianright@detroitriotcity.com)'s status on Monday, 26-Sep-2022 06:35:40 JST 
ArdainianRight
@p @alex @NEETzsche @verita84 @blockdetector @kroner @herve_02 I don't understand all the technical stuff, but it sounds like Neet fucked up with programming and created an easily abusable tool and is getting buttmad for being called out on it. -
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Monday, 26-Sep-2022 06:35:40 JST 
Fediverse Contractor
@ArdainianRight @p @alex @NEETzsche @verita84 @blockdetector @kroner @herve_02 this is true, but p is a schizo retard that deliberately causes problems for his own amusement. The irony of course, is that he’s well known for using bots to spam people himself. He’s a hypocrite and a bad faith actor.
He could’ve simply told kroner about the problem and achieved the same result without stirring up drama, but he simply can’t resist being a gay fag on a daily basis.Alex Gleason likes this. -
Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Monday, 26-Sep-2022 06:35:41 JST
pistolero :thispersondoesnotexist:
@NEETzsche @ArdainianRight @alex @verita84 @blockdetector @kroner @herve_02 It is a bug in the software if the software cannot handle the shit the internet throws at it. If I put a big, red button on FSE that said "Click here to crash FSE", FSE would have zero uptime. Someone would click that button immediately, every time. I'd have to get rid of the button.
As for your specific example, if that doesn't get rate-limited, then let me know. -
Embed this notice
NEETzsche (neetzsche@iddqd.social)'s status on Monday, 26-Sep-2022 06:35:42 JST 
NEETzsche
I guarantee you if I or anybody else inundated people’s instances with a thousand simultaneous curl calls to some hellthread using /api/v1/statuses/:id/context, it crashed their instances, and when called on it, responded with, “Hm? This is a you problem. Just systemctl stop pleroma.service to make it stop” and tagging whoever wrote/merged that endpoint, it would be taken very, very differently than this tantrum Pete is throwing. Even though it uses literally the same logic.
-
Embed this notice
NEETzsche (neetzsche@iddqd.social)'s status on Monday, 26-Sep-2022 06:35:43 JST
NEETzsche
>It is my job to prevent that from breaking the site, yes. FSE gets DoS'd and the problem is that we were vulnerable, not that someone took advantage. You can't rely on people failing to take advantage.
"If someone shoots your chest and you didn't have body armor, the problem isn't that someone shot you, but that you didn't have body armor." -
Embed this notice
ArdainianRight (ardainianright@detroitriotcity.com)'s status on Monday, 26-Sep-2022 06:35:43 JST
ArdainianRight
@NEETzsche @p @alex @verita84 @blockdetector @kroner @herve_02 If you assume a state of war, that's exactly the argument, because you assume people are gonna be shooting at you and you have to prepare for it. Operating under different premises in these times is folly. -
Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Monday, 26-Sep-2022 06:35:44 JST
pistolero :thispersondoesnotexist:
@NEETzsche @alex @verita84 @blockdetector @kroner @herve_02 It is my job to prevent that from breaking the site, yes. FSE gets DoS'd and the problem is that we were vulnerable, not that someone took advantage. You can't rely on people failing to take advantage.
The reason for the rampant problems with open Redis servers is that Redis's default config used to bind to 0.0.0.0 with no authentication required. If your password is "password123", you should expect to get owned and you should be glad if it's someone that does it for mischief rather than with some kind of profit motive.
Anyway, I didn't say you were *responsible*, I said you wrote the code (which is accurate), and I tagged you because I promised to tag you when this happens. -
Embed this notice
NEETzsche (neetzsche@iddqd.social)'s status on Monday, 26-Sep-2022 06:35:45 JST
NEETzsche
So if I’m responsible for every time you DoS someone, are you responsible for whoever hits https://freespeechextremist.com/api/v1/statuses/:id/contextad infinitum, since you can just turn your Pleroma instance off, or does this logic just… not apply to you?
-
Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Monday, 26-Sep-2022 06:35:46 JST
pistolero :thispersondoesnotexist:
@herve_02 @alex @NEETzsche @verita84 @blockdetector @kroner Well, they took off the blockbot, so they're no longer vulnerable to the problem, and they unblocked me because kroner kinda got what is going on. It was more like an "I am a derf" email. -
Embed this notice
herve_02 (herve_02@social.epyisageek.net)'s status on Monday, 26-Sep-2022 06:35:54 JST 
herve_02
they shout at twitter because of censorchip and they do the same....
-
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Monday, 26-Sep-2022 09:40:22 JST
Fediverse Contractor
It's irrelevant because it's almost exclusively used by schizos, and he's a malicious person that alters peoples posts, and in at least once case, took over a users account. He outright deleted my account, so much for "free speech" I guess.
Revolver is like 90 days late now though, I think it's a fair assessment. I don't see what problems it resolves if it doesn't actually work.Alex Gleason likes this. -
Embed this notice
Derek (derek@gorf.pub)'s status on Monday, 26-Sep-2022 09:40:23 JST 
Derek
@alex @p @NEETzsche @verita84 @blockdetector @kroner
Your website is irrelevant
Why is Pete’s website irrelevant?
your vaporware fedi software is a testament to the fact you can’t actually do anything
Why is it vaporware? His revolver project seems unique and something that could “scale” and seems to solve many current problems. I don’t know if it will work but at least he is pushing the boundaries without selling out.
-
Embed this notice
Alex Gleason (alex@gleasonator.com)'s status on Monday, 26-Sep-2022 22:50:33 JST
Alex Gleason
Your such a weirdo, Derek. First of all I shared that pic myself and have no shame about it.
I'm sorry you haven't received funding, but it's not a conspiracy against you. It's because you're borderline tourettes and can't stop yourself from insulting people. I'm sure you'd get a lot of chances if you didn't constantly call people faggots. For someone your age, you should really know better. -
Embed this notice
Derek (derek@gorf.pub)'s status on Monday, 26-Sep-2022 22:50:34 JST
Derek
@bot @p @alex @NEETzsche @verita84 @blockdetector @kroner alex is an arrogant, weak, entitled wanna-be tyrant. He dreams of being a bully like all tech people. That is why they should never be allowed to be in charge of anything. They are all weak and arrogant, quick to compromise and partner with evil, with no sense of honor.
The way these ops work is they try to get out in front of developing solutions and make some degenerate scumbag faggot become the default spokesperson for something that could be good and actually help humanity to pollute it and corrupt it. They rob real solutions of funding. Of course their front man gets wealthy in the process but best of builders suffer. I just sold my truck so I could keep building. You think trump or any of these other traitors will give me money? You think they will fund some vegan feminist persian atheist/satanist promoting his baphomet logo while wearing a dress? Oh, yeah.
They promote torba as head of free speech on the internet and Milo as new christian leader. Its just what they do.
-
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Monday, 26-Sep-2022 22:50:35 JST
Fediverse Contractor
Well, I'm no longer Alex's biggest fan (he was mean to me the other day), but this seems like a bit of a stretch. How is he destroying fedi, and who is paying him to do so?
Anyway, I know there are a few projects like what p is making, manyverse is an example, and it simply doesn't work. -
Embed this notice
Derek (derek@gorf.pub)'s status on Monday, 26-Sep-2022 22:50:36 JST
Derek
@bot @p @alex @NEETzsche @verita84 @blockdetector @kroner well he has been given very little money to build this and it is a very unique approach that creates much more decentralization, without need for domains, servers or admins. activitypub is very, very anti-scalable. the same data has to exist in many, many places, kind of a dumb model. if all the data exists in only one place it is much more efficient and if can exist there without threat of deletion problems solved.
number of “users” or type of “users” means nothing. Alex is being paid to destroy things in an obvious embrace, enhance and extinguish operation. When i look at alex all i see is.
-
Embed this notice
Alex Gleason (alex@gleasonator.com)'s status on Monday, 26-Sep-2022 23:38:18 JST
Alex Gleason
I'm a proud transgender -
Embed this notice
wakz :cursed_verified: (charlamagne@poa.st)'s status on Monday, 26-Sep-2022 23:38:19 JST 
wakz :cursed_verified:
@alex @derek @p @NEETzsche @verita84 @blockdetector @bot @kroner I for one think you look Stunning and Brave in that photo
-
Embed this notice
All GNU social JP content and data are available under the 
