• 0 Posts
  • 4 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle


  • It is not, but a write amplification of 36704:1 is one hell of an exploitable surface.

    With that same Raspberry Pi and a single 1gbit connection you could also do 333333 post requests of 3 KB in a single second made on fake accounts with preferably a fake follower on a lot of fediverse instances. That would result in those fediverse servers theoretically requesting 333333 * 114MB = ~38Gigabyte/s. At least for as long as you can keep posting new posts for a few minutes and the servers hosting still have bandwidth. DDosing with a ‘botnet’ of fediverse servers/accounts made easy!

    I’m actually surprised it hasn’t been tried yet now that I think about it…


  • The biggest red flag is probably that they claim to just be the WireMin protocol, but haven’t published any protocol specifications. In the spirit of open and unmoderated communication I would hope they would at least publish their protocol specifications, even if they won’t opensource their own client for it.