Interesting story from @tedium about an extortion scheme targeting prominent personalities on Bluesky who don't own their own domain.
-
Interesting story from @tedium about an extortion scheme targeting prominent personalities on Bluesky who don't own their own domain.
"Cybersquatting is not a new issue, of course, but Bluesky’s decision to tie verification to domains as social proof shows the limitations of the strategy."
So, Bluesky Has An Extortion Problem
An apparent extortion scheme lit up Bluesky the other night. It raises some important questions about whether Bluesky is up to the task of moderation.
Tedium: The Dull Side of the Internet. (tedium.co)
I wonder how this would play out in the fediverse.
-
T [email protected] shared this topic
-
O [email protected] shared this topic
-
DJM (freelance for hire)replied to Stefan Bohacek last edited by
@stefan Seems BS T&S is abysmally bad. There have been many more problems since last week (Singal, etc.).
The composable moderation works with smart people. Bad players will profit if the T&S team is not up to the task.
Oh and never forget that everything's public on BS, even your block list...
-
M [email protected] shared this topic
-
Adam Katz :donor:replied to Stefan Bohacek last edited by
@stefan @tedium if Mastodon were larger, it would have this same problem but worse (since there is no centralized moderation); there's nothing stopping somebody from setting up @[email protected] or @[email protected]. It's a cost of federation.
-
Stefan Bohacekreplied to Adam Katz :donor: last edited by
@adamhotep Well the real problem comes from the fact that some fediverse platforms, including Mastodon (https://docs.joinmastodon.org/user/profile/#verification) and Friendica (https://wiki.friendi.ca/docs/verify_homepage) let you verify links you put on your profile.
I see that you have a verified GitHub link on yours, with a green checkmark.
I could easily create https://github.com/therealadamhotep, and verify that on another account, making it look more authentic than just a matching username.
-
@adamhotep I still think this is overall a great way to manage verification, I suppose, as someone else said in my replies, it just has to fall on server admins to handle cases of impersonation. I think this works better in a truly decentralized system, as impersonators can't as easily get traction.
-
Stefan Bohacekreplied to DJM (freelance for hire) last edited by
@cybeardjm Yeah, after hearing how much better the safety and privacy features are on Bluesky, I was a bit surprised by reports of all these issues they've been having.
