Update: Pushing back against the wave of bot accounts on Lemmy

cross-posted from: sh.itjust.works/post/1823812

This is an update to my previous post about suspicious inactive accounts on a handful of instances: (https://sh.itjust.works/post/998307).

I ended up messaging the admins at the 16 instances show in the attached image. I pointed out their wild user numbers, and referenced the lemmy.ninja post detailing how that instance scrubbed suspicious accounts from their user database.

6 admins responded. They had all noticed the odd accounts and either thought the numbers were wrong, or weren’t sure how to purge the suspicious accounts without nuking their databases. In the end they managed to delete a combined total of about 338k dormant accounts from their instances. (One of the instances seems to have gone down since then.)

I never received a reply from the other 10 instance admins, though 8 of those 10 instances appear to be down (as of 27 July 2023). 2 instances are still up and unchanged.

Between the actively removed accounts and the downed instances, this represents a loss of 930,004 inactive Lemmy accounts!

You can see the drop in the graphs on The Federation. The total number of Lemmy accounts has been cut in half over the past 3 weeks, from a peak of 2.18M to today’s 1.09M. The change is mostly from these 16 instances.

I have to admit, I did not expect such a large change when I started this! Hopefully this bodes well for Lemmy’s future as a place where actual humans interact, rather than a cesspool of automated comments and upvote/downvote brigading.

That’s all I have for now. Keep your stick on the ice; we’re all in this together.

BarterClub,

Looks like two severs need to be blacklisted.

A2PKXG,
@A2PKXG@feddit.de avatar

Can Lemmy even protect itself against spam while being open?

WarmSoda,

What are qualifications for being an active account? I didn’t see any details in the other thread about it either, just the graphs. Is it just post/comment creation? Is it page views? Log ins? Does voting up or down register an account as Active?

If it’s only post/comments then you’re possibly deleting a bunch of lurkers too.

SmoothSurfer,

May I politely ask how did you realize those inactive accounts

SmoothSurfer,

Dude wtf, there are relatively many fucking servers which have well over thousands of inactive users. I checked some and it seems the mods of them are just posting under 5 posts on some other servers and than creating some communities in their own server and then leave quietly. Thats too sus… It may be too much paranoiac to think that there is more going about those servers but I just cant stop thinking it is too absurd

nutomic,
@nutomic@lemmy.ml avatar

Some of them are probably lurkers. Might be good for Lemmy to store the last login time, so admins can consider that when purging accounts.

SmoothSurfer,

This is a possibility, but I think a lurker wouldn’t sign up to those servers, they are literally randomly named empty servers. They would prefer more known servers, or they may just look up which server to choose and eventually end up on registering to known server.

arc,

When an account is signed up, is there information such as client ip address that could also be used to spot more inauthentic activity? And more generally, sign up should probably be made resistant to automated bots by randomizing HTML layout & ids and using captchas so it’s not so easy to drive sign up through scripts.

FeelzGoodMan420,

Unfortunately no website is safe from the cancer of AI/bots. The Internet is truly in trouble.

FlashMobOfOne,
@FlashMobOfOne@lemmy.world avatar

I don’t think I’ve ever upvoted something more enthusiastically in my life.

Cheers and thank you.

ulu_mulu,
@ulu_mulu@lemmy.world avatar

Good job!

unodostres,

Thanks dude

Historical_General,
@Historical_General@lemmy.world avatar

Good work guys.

Blackmist,

Does Lemmy have a way to link to a post that anyone can use?

I can click the links up there, but it takes me to sh.itjust.works and that’s not where I am in the Fediverse, so when I get there I’m no longer logged in.

And if so, can we have it so “wrong” links are corrected into the right format?

NicoCharrua,
@NicoCharrua@lemmy.ca avatar

No way to do this I don’t think, but you can paste the link into the search bar and that shows you the post on your instance so you can interact with it.

It’s a bit janky but it works.

Blackmist,

That didn’t work for me. Possibly not “on” my instance, if that’s how any of this works…

It does look like others have noticed it as well though.

github.com/LemmyNet/lemmy/issues/2987

soupspoon,

Did you copy the link text and not link address, and put that in the search bar of your instance?

Blackmist,

Yeah, it got two results and one was a link to this post. I must have clicked on the same one twice, because the other is the actual link I was after. 🤷‍♂️

Kodemystic,
@Kodemystic@lemmy.kodemystic.dev avatar

How did those accounts get created in the 1st place? Arent there captchas? Or are there ways around that? Strong captcha system should he implemented in lemmy by default

szczuroarturo,

Capthas are ineffective since a ver very long time

greybeard,

Captchas are a low bar to modern standards. All the advancements in AI are a problem for captchas. Machine vision tools have become abundant and simple. Unfortunately, I’m not sure what more you can do except require human review of access.

kersploosh,
@kersploosh@sh.itjust.works avatar

I’m not sure about all of them, but at least some of these instances did not have captcha or email verification enabled when they were first set up. They were easy targets for scripted account creation

Squeezer,

Now I understand why youtuber AvE says “keep your dick in a vice” thank you so much.

cpo,

Who needs fraudulent/abuse accounts anyway. I have moved to lemmy and am here to stay!

Thanks for the work!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • [email protected]
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • Socialism
  • KbinCafe
  • TheResearchGuardian
  • oklahoma
  • feritale
  • SuperSentai
  • KamenRider
  • All magazines
    •