The news website It’s FOSS has shared its experience of using the decentralized social network Mastodon, highlighting a potential architectural vulnerability that could unintentionally lead to DDoS attacks.
According to It’s FOSS, after creating a Mastodon account with around 15,000 followers, they encountered frequent website crashes with a 504 Gateway Timeout error. Upon investigation, they discovered that the issue occurred when people shared links from It’s FOSS on the Mastodon network.
The problem stems from Mastodon’s link preview feature, which preloads messages and images when links are clicked for preview in social feeds. Unlike centralized platforms such as Twitter, where links are cached once, Mastodon’s decentralized nature requires all users following an account to preload links each time, potentially leading to unintended DDoS attacks.
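A site operator can confirm this pattern from their own access logs by counting how many distinct Fediverse hosts request the same page within a short window. The script below is an added example, not code from It’s FOSS or Mastodon. It assumes nginx "combined" log lines and that preview fetchers send a User-Agent of the form `Mastodon/<version>; +https://<host>/`. The sample lines, window and threshold are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in nginx "combined" format (not real traffic).
SAMPLE_LOG = """\
203.0.113.10 - - [01/May/2024:10:00:00 +0000] "GET /article-a/ HTTP/1.1" 200 5120 "-" "http.rb/5.1.1 (Mastodon/4.2.0; +https://social-one.example/)"
203.0.113.11 - - [01/May/2024:10:00:01 +0000] "GET /article-a/ HTTP/1.1" 200 5120 "-" "http.rb/5.1.1 (Mastodon/4.2.0; +https://social-two.example/)"
203.0.113.12 - - [01/May/2024:10:00:02 +0000] "GET /article-a/ HTTP/1.1" 504 0 "-" "http.rb/5.1.1 (Mastodon/4.1.0; +https://social-three.example/)"
203.0.113.13 - - [01/May/2024:10:00:04 +0000] "GET /article-a/ HTTP/1.1" 504 0 "-" "http.rb/5.1.1 (Mastodon/4.2.0; +https://social-four.example/)"
198.51.100.7 - - [01/May/2024:10:00:05 +0000] "GET /article-a/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.14 - - [01/May/2024:10:00:06 +0000] "GET /article-b/ HTTP/1.1" 200 4096 "-" "http.rb/5.1.1 (Mastodon/4.2.0; +https://social-one.example/)"
203.0.113.15 - - [01/May/2024:10:10:00 +0000] "GET /article-a/ HTTP/1.1" 200 5120 "-" "http.rb/5.1.1 (Mastodon/4.2.0; +https://social-five.example/)"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?:GET|HEAD) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Assumption: the fetcher names its home server as "(Mastodon/<ver>; +https://host/)".
FEDI_UA_RE = re.compile(r'Mastodon/[\d.]+[^;]*; \+https?://(?P<host>[^/)\s]+)')

def find_preview_bursts(log_text, window=timedelta(seconds=60), threshold=3):
    """Map each path to its peak count of distinct Fediverse hosts in one window,
    keeping only paths whose peak reaches the threshold."""
    hits = defaultdict(list)  # path -> [(timestamp, announcing host)]
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        ua = FEDI_UA_RE.search(m["ua"]) if m else None
        if not ua:
            continue  # unparseable line or ordinary browser traffic
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["path"]].append((ts, ua["host"]))
    bursts = {}
    for path, events in hits.items():
        events.sort()
        start = peak = 0
        for end in range(len(events)):
            # Slide the left edge so the span never exceeds the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            peak = max(peak, len({host for _, host in events[start:end + 1]}))
        if peak >= threshold:
            bursts[path] = peak
    return bursts

if __name__ == "__main__":
    print(find_preview_bursts(SAMPLE_LOG))
```

A path that appears in the result is a candidate for serving from a cache, so that repeated preview fetches do not each reach the application.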
It’s FOSS found that they were not the only ones facing this issue, with ongoing debates and discussions about Fediverse DDoS problems dating back to 2017 on Mastodon’s GitHub. The latest development includes a Mastodon developer acknowledging the issue and planning to address it in the upcoming 4.4.0 version, although the release date remains uncertain.
TLDR: It’s FOSS shares challenges with Mastodon’s decentralized architecture leading to potential DDoS vulnerabilities, with a developer hinting at a fix in the upcoming 4.4.0 version.