Hi, I’m owls of the godless internets. I make software for a major university in the US midwest. In my free time, I run an expansive criminal syndicate that fronts as a heavy industrial conglomerate.

I like some games (GW2, DF, PoE, TTRPGs), PHP & Laravel, and fine dining.

You can find me on mastodon at @owls, which is probably a better way to get in touch with me. So if you need some time-sensitive mod/admin stuff, @ me there!

  • 5 Posts
  • 9 Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle
  • not the OP, but

    i was going to point to the did:plc thing they made up and went with. but since the last time i looked, it looks like they support (and prefer) did:web, so that’s sorted out.

    the “wtf” i have is more to do with actually running a community with atproto. you need a central crawler service that knows about all the PDSes you want to be friends with (this is presumably why you need to sign up in their discord right now, they gotta tell their crawler to look at your PDS)

    but i think the crawler has to grab the entire PDS for everyone it knows about? if you want a large community, it seems pretty resource-intensive since the ceiling is “infinity posts”. bsky’s open source code suggests they have chosen not to deal with this problem.

    with most AP services (e.g. mastodon), you can prune the data and the only consequence is “you don’t get full text search for super old posts received from other services that we pruned”, so there are ways to limit the cost other than “limit the number of users in our community”.

    but this may just be an implementation detail and not an issue with atproto, e.g. git shallow clones are a thing, and the PDS is also storing a big merkel tree. i am not sure if the indexer relies on having the complete history or not (since you do need it for certain operations). bsky’s own code just shrugging suggests maybe limiting it is challenging, i dunno.






  • If I’m running a tiny little single-user instance on a potato and my post goes to the mastodon.social federated feed, it would be impolite for them to direct 20,000 requests at my potato all at once. Instead, their servers grabs one copy and serves it to their users. If they’re set up for 20k eyeballs online at once, they’ve got capacity to serve them all the photo.

    Mastodon has a configurable clean-up period for cached media so you don’t use infinite disk. That gives a bad actor an easy way to robustly host images for a couple days: post it, let it federate out, and then take your server down. Everyone else is now doing crimes for you, and cleaning it up is a reactive process by dozens of server admins.







  • Email does rely on IP reputation as a major component in deciding if something is spam. The system has matured to a point where it works fairly well and transparently … but the consequence has been you can’t reliably send from an IP block unless somebody is very actively handling abuse and working with the reputation services to keep their IP space in the internet’s good graces.

    But: I wouldn’t want to allowlist based just on one reputation service. I’ve got some ideas on how to handle spam for my instances involving a few different datapoints. This could be useful as one, if it ends up with enough data.