Follow

this weekend i made a library for working with activitypub servers :blobcatsurprised:

it expands on work i did to try and answer the question "how many dead servers am i connected to?"

once i'm done with the docs (currently in the testing phase) i'll publish it someplace

somebody tell me about the activitypub threat model for when a server's domain name expires and years later is bought by a malicious party in order to assume the role or rights of a specific actor

@garbados aren't there keys for that sort of thing? Like part of the reason it's difficult to relaunch an instance from scratch is everyone has old keys cached for the old server?

@sungo rainbow tables 🤷‍♀️ a sufficiently motivated attacker finds a way, but i suspect such an attacker would find itself an easier way, too.

@garbados I think they're real encryption keys so a bit more difficult to crack than throwing some rainbow tables at it. But sure, eventually crackable probably. I was more saying I don't think you can just load a new blank instance and start getting the old one's traffic.

@sungo sorry, by "rainbow tables" i actually meant just "having put enough time into it." my bad, sorry.

@garbados @sungo do rainbow tables work for recovering a private RSA key?

@raven no, i misspoke. @sungo and others have shown me it's probably something nobody will have to worry about, pending a sufficiently motivated attacker 🤷‍♀️

@garbados I was thinking about this very same thing today as I was cleaning up my follows of dead instances

They should expire after a week or two of no contact.

@garbados Practically, same as with basically any kind of federated system: The identity is the address (user@host for email/XMPP/webfinger, URL for ActivityPub) and the protocol tends to leak the social graph/contact list over time.
And well email is very slow&inefficient at it (but OpenPGP leaks it securly :D), XMPP is almost instant at it and you can recover it fully, and I think current ActivityPub is basically fast email.
I think we could make it better but making it good would require crypto and you need to be really careful with it.

@garbados dead fedi servers make up so much garbage in sidekiq

@adasauce i was astounded to learn there's no garbage collection process for dealing with them

@adasauce someone's gonna buy an obscure domain name that happened to belong to a masto instance years ago and find themselves bombarded by the federated timeline's collective traffic, a force tantamount to a distributed attack.

@garbados i started issuing domain blocks for a while as a stopgap, but it was a huge pain and started adding a bunch of load going through and deleting local content and media.

gave up after a while

Sign in to participate in the conversation
Toot.Cat

A Mastodon instance for cats, the people who love them, and kindness in general. We strive to be a radically inclusive safe space. By creating an account, you agree to follow our CoC.