Here you can see 2 day old post warning about the danger of not using email/captcha verification: https://lemmy.ml/post/1345031

And here are stats of lemmy platform where it shows that we gained 200 000 lemmy users in 2 days: https://lemmy.fediverse.observer/dailystats

Another tracking site with the same explosion in users: https://the-federation.info/platform/73

What do you think? Is it some sort of a bug or do people run bot farms?

Edit2: It’s been now 3 days and we went from 150 000 user accounts 3 days ago to 700 000 user accounts today making it 550 000+ bot accounts and counting. Almost 80% accounts on lemmy are now bots and it may end up being an very serious issue for lemmy platform once they become active.

Edit3: It’s now 4th day of the attack and the amount of accounts on lemmy has almost reached 1 200 000. Almost 90% of total userbase are now bots.

Edit 3.1: my numbers are outdated, there are currently 1 700 000 accounts which makes it even worse: https://fedidb.org/software/lemmy

  • weirdwallace75@kbin.social
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    2 years ago

    If you don’t want your info scraped, don’t put it online. Companies don’t even need accounts to scrape data, since Lemmy is fundamentally public.

    • Bloonface@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 years ago

      It’s been quite funny seeing people talking about how Meta is going to come onto fedi and scrape everyone’s Mastodon posts.

      1. Inasmuch as Meta gives a shit about scraping content, it is so that they can translate that into marketing reach. They don’t give a shit about your toots because they have no reasonable means of generating value for themselves from those posts, because they have no way of making you look at ads based upon them.
      2. Even if they could somehow generate value from your posts, they don’t need to start an ActivityPub-based social network to scrape everything you say. They can just open a no-name account on a reasonably-well federated server like Mastodon.social, grab an API key and suck down as much as they please. There’s no mechanism to prevent them from doing so.
      3. ActivityPub is not private and never has been. While obviously it’s morally dubious to scrape fedi, there’s nothing technologically preventing anyone from doing so, and frankly there are many worse actors that could do so than Meta.
      4. The normal operation of ActivityPub itself means that the moment your post gets federated to other servers, you lose final control over its viewership and destination.

      Basically I think if you don’t want other people you may not want seeing, downloading or storing what you have to say, don’t post it publicly and definitely don’t use ActivityPub.

      Sorry, bit of a tangent, but a lot of people are pretty oblivious to how obnoxiously unprivate fedi is.