Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://shitposter.club/objects/e3a3f116-3c70-41ab-9952-299b8ebb27d1">p (p@shitposter.club)'s status on Monday, 04-Mar-2024 13:09:34 JST</a><a href="https://shitposter.club/users/p" title="p@shitposter.club"><img src="https://gnusocial.jp/avatar/71734-48-20221213174101.webp" width="48" height="48" alt="p" style="position: absolute; left: 0; top: 0;">p</a><div><a href="https://poa.st/objects/ca98504a-48ec-4eb9-b53b-dc8df035749e" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/143897" title="drand@techhub.social">Dave Rand</a></li><li><a href="https://gnusocial.jp/user/229345" title="gnarley_boot@norwoodzero.net">Gnarley Boot</a></li></ul></div></section><article><a href="https://poa.st/users/Herman_Hetherington">@Herman_Hetherington</a> <a href="https://norwoodzero.net/users/gnarley_boot">@gnarley_boot</a> <br><br>&gt; There was a company pulling every post off TWKN feed of FSE for quite a while specifically for the feds.<br><br>That was <a href="http://Boardreader.com">Boardreader.com</a>, which is owned by SocialGist.  They were monitoring for threats against "Blackrock Executives".<br><br>Very recently some dickhead professor from the Sloane Business School at MIT was scraping a large number of fedi instances.  He turns out to have been on fedi ( <a href="https://techhub.social/@Drand">@Drand</a> ) and he says he's really sorry and swears that it was an accident that he deliberately changed his scraper's user-agent to pretend to be a browser and then hammered the shit out of fedi.  Some time later, he turns out to have shown up in the pitch deck for a grant from the NSF, he's on a team that wanted to help social media companies avoid the PR blowback when they get caught censoring "misinformation".  ( <a href="https://screamshitter.club/rvl/full/835374c1bfa10895663d4d1c94500049823ea928fb7e9c47b01a6b7f8f07c091">https://screamshitter.club/rvl/full/835374c1bfa10895663d4d1c94500049823ea928fb7e9c47b01a6b7f8f07c091</a> ).  There's a thread about it:  <a href="https://nya.social/notes/818c3d1bdb3e20788eb08e25">https://nya.social/notes/818c3d1bdb3e20788eb08e25</a><br><br>Tangentially related, NATO SC was scraping <a href="http://nitter.poast.org">nitter.poast.org</a>, but they were only scraping their own account UA belonged to an electronic sign or something, probably they were just trying to get their Twitter posts onto a sign in the lobby without having to go through the Twitter API.<br><br>There have been other IP addresses that belong to government buildings sniffing around, a lot of them are just browsing.  There are a handful of scrapers that remain mysterious.  Probably more are coming, which is retarded because you don't even need to scrape fedi to get all of the posts.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2781921#notice-5525091">In conversation</a><time datetime="2024-03-04T13:09:34+09:00" title="Monday, 04-Mar-2024 13:09:34 JST">Monday, 04-Mar-2024 13:09:34 JST</time> <span>from <span><a href="https://shitposter.club/objects/e3a3f116-3c70-41ab-9952-299b8ebb27d1" rel="external" title="Sent from shitposter.club via ActivityPub">shitposter.club</a></span></span><a href="https://shitposter.club/objects/e3a3f116-3c70-41ab-9952-299b8ebb27d1">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://nitter.poast.org/">https://twitter.com/</a></h5><div></div></header><div></div><footer></footer></article></li><li><article><header><img height="36" width="36" src="https://gnusocial.jp/thumbnail/808938?w=36&amp;h=36"><h5><a href="https://boardreader.com/">Boardreader - Forum Search Engine</a></h5><div></div></header><div></div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: nya.social</div><h5><a href="https://nya.social/notes/818c3d1bdb3e20788eb08e25">anatil e\x9f\xf0\xbc\xa5n lu\x00l (@natalie)</a></h5><div></div></header><div>there is currently a bot inside MIT IP space, address `18[.]4[.]38[.]176`, scanning fedi at large. i have confirmed this with 5+ unrelated instance admins, large and small instances, across mastodon/misskey/pleroma/akkoma.the bot is poorly behaved. i have observed it making repeated requests, multiple times per second, for the exact same paths (the paths being, generally: user profiles, specific posts, and sometimes following links in posts). returning 403s does not stop this activity. one of my domains received hundreds of additional requests despite replying with 403 to all of them. i have also seen it make requests for paths containing html tags - seems like a badly written parser. the purpose of these requests and what data is being gathered is unclear.PTR on the ip returns `sts-drand03.mit.edu`. a quick web search for "mit drand" brings back https://mitsloan.mit.edu/faculty/directory/david-g-rand and his personal website: https://davidrand-cooperation.com/ (note: other IPs in the /24 also have names in the PTR which match up with names of MIT faculty, but only the .176 IP appears to be involved in this activity).
seems he's doing research into "misinformation" and "fake news" on social media. he also appears to be on fedi! so @Drand@techhub.social, given this activity is sourced from an IP with your name on it, could you share the purpose of this traffic? what data is being collected and how is it being used? do you plan to respect robots.txt or identify yourself in your useragent? is there a process for instance admins to opt out of this activity other than blocking the source IP?</div><footer></footer></article></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/2332030">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
p (p@shitposter.club)'s status on Monday, 04-Mar-2024 13:09:34 JSTp
in reply to
@Herman_Hetherington @gnarley_boot

> There was a company pulling every post off TWKN feed of FSE for quite a while specifically for the feds.

That was Boardreader.com, which is owned by SocialGist. They were monitoring for threats against "Blackrock Executives".

Very recently some dickhead professor from the Sloane Business School at MIT was scraping a large number of fedi instances. He turns out to have been on fedi ( @Drand ) and he says he's really sorry and swears that it was an accident that he deliberately changed his scraper's user-agent to pretend to be a browser and then hammered the shit out of fedi. Some time later, he turns out to have shown up in the pitch deck for a grant from the NSF, he's on a team that wanted to help social media companies avoid the PR blowback when they get caught censoring "misinformation". ( https://screamshitter.club/rvl/full/835374c1bfa10895663d4d1c94500049823ea928fb7e9c47b01a6b7f8f07c091 ). There's a thread about it: https://nya.social/notes/818c3d1bdb3e20788eb08e25

Tangentially related, NATO SC was scraping nitter.poast.org, but they were only scraping their own account UA belonged to an electronic sign or something, probably they were just trying to get their Twitter posts onto a sign in the lobby without having to go through the Twitter API.

There have been other IP addresses that belong to government buildings sniffing around, a lot of them are just browsing. There are a handful of scrapers that remain mysterious. Probably more are coming, which is retarded because you don't even need to scrape fedi to get all of the posts.
In conversationMonday, 04-Mar-2024 13:09:34 JST from shitposter.clubpermalink
Attachments
1. No result found on File_thumbnail lookup.
  https://twitter.com/
2. Boardreader - Forum Search Engine
3. Domain not in remote thumbnail source whitelist: nya.social
  anatil e\x9f\xf0\xbc\xa5n lu\x00l (@natalie)
  there is currently a bot inside MIT IP space, address `18[.]4[.]38[.]176`, scanning fedi at large. i have confirmed this with 5+ unrelated instance admins, large and small instances, across mastodon/misskey/pleroma/akkoma. the bot is poorly behaved. i have observed it making repeated requests, multiple times per second, for the exact same paths (the paths being, generally: user profiles, specific posts, and sometimes following links in posts). returning 403s does not stop this activity. one of my domains received hundreds of additional requests despite replying with 403 to all of them. i have also seen it make requests for paths containing html tags - seems like a badly written parser. the purpose of these requests and what data is being gathered is unclear. PTR on the ip returns `sts-drand03.mit.edu`. a quick web search for "mit drand" brings back https://mitsloan.mit.edu/faculty/directory/david-g-rand and his personal website: https://davidrand-cooperation.com/ (note: other IPs in the /24 also have names in the PTR which match up with names of MIT faculty, but only the .176 IP appears to be involved in this activity). seems he's doing research into "misinformation" and "fake news" on social media. he also appears to be on fedi! so @Drand@techhub.social, given this activity is sourced from an IP with your name on it, could you share the purpose of this traffic? what data is being collected and how is it being used? do you plan to respect robots.txt or identify yourself in your useragent? is there a process for instance admins to opt out of this activity other than blocking the source IP?
4. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice