Does the fediverse have defense against watering hole attacks? (en.wikipedia.org)

submitted 2 months ago by dislocate_expansion@reddthat.com to c/asklemmy@lemmy.ml

11 comments fedilink hide all child comments

With so many variations of Lemmy and fediverse instances, are there any defenses against a malicious server running altered code? Is there a way to prove what code is supposed to be running on each instance?

all 12 comments

sorted by: hot top controversial new old

[-] taladar@sh.itjust.works 19 points 2 months ago

There isn't. However, Lemmy or other Fediverse applications are no different from any other website in that respect. The main difference is that the bit

One of the most significant dangers of watering hole attacks is that they are executed via legitimate websites that are unable to be easily blacklisted

is not really true in the Fediverse. You could easily block a single infected instance once it is detected that your employees are attacked via malware on that instance.

[-] dislocate_expansion@reddthat.com 1 points 2 months ago

The quick defederarion option is a nice defense. Could be some damage in the meantime though

[-] taladar@sh.itjust.works 1 points 2 months ago

I am not talking about defederation, just straight blocking of that website in a corporate or similar network if it is used to target your employees which is what watering hole attacks are all about.

[-] dislocate_expansion@reddthat.com 1 points 2 months ago

Yeah, but the average internet users doesn't understand these concepts. And with the use of "random-lemmy.random" it seems like it might be an easy attack to fall for

[-] Tabitha@hexbear.net 2 points 2 months ago

I don't think anything particularly interesting will happen except an admin will notice and the slam the unfederate button.

[-] xilliah@beehaw.org 1 points 2 months ago

You mean for users of that instance or for other instances?

[-] dislocate_expansion@reddthat.com 2 points 2 months ago

Either or. Would be more nefarious to have users sign up for a malicious instance unknowingly and then federate with non malicious instances

[-] xilliah@beehaw.org 1 points 2 months ago

Something to consider would be to compare this to the walled gardens, say Facebook. Is that a malicious 'instance'?

And then what is the chance to register on a malicious one in the fediverse?

[-] dislocate_expansion@reddthat.com 1 points 2 months ago

I think the chances are high since the domains are supposed to be novel, compared to Facebook which is a worldwide known domain and chances of impersonating it are slim or would require a client side hack

this post was submitted on 19 Apr 2024

15 points (77.8% liked)

Asklemmy

42496 readers

1913 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
!lemmy411@lemmy.ca: a community for finding communities

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago

MODERATORS

ada@lemmy.blahaj.zone

AdaShovelace@lemmy.ml