⚠️ Do not move your account to mastodon.cloud.
-
@FediTips with all the security issues, maybe someone could hack into the server and tell all users that they should leave.
-
@FediTips I don't know, but generally when something web based gets pwned hard enough, sysadmins typically start to raise stink about it. If I spot port scanners or obvious stuff being run against the systems I maintain, I might fire an e-mail to their ISP's abuse address, depending on where they from. With China, Russia etc. I don't bother, US and Europe likely, the Nordics, very likely.
Just report them to Amazon, does that work?
https://www.whois.com/whois/pawoo.net
Name Servers: ns-115.awsdns-14.com ns-1162.awsdns-17.org ns-1584.awsdns-06.co.uk ns-862.awsdns-43.netEDIT; oh, and Cloudflare, for mastodon.cloud, actually: https://www.whois.com/whois/mastodon.cloud
Name Servers: cruz.ns.cloudflare.com jake.ns.cloudflare.com -
Just report them to Amazon, does that work?
https://www.whois.com/whois/pawoo.net
Name Servers: ns-115.awsdns-14.com ns-1162.awsdns-17.org ns-1584.awsdns-06.co.uk ns-862.awsdns-43.netEDIT; oh, and Cloudflare, for mastodon.cloud, actually: https://www.whois.com/whois/mastodon.cloud
Name Servers: cruz.ns.cloudflare.com jake.ns.cloudflare.com@plutarch @FediTips Amazon doesn't give a fuck. I reported a huge botnet, got a reply that they could not verify the claim. I went through an internal contact I had to to escalate it. I heard that they basically had laughed at it on their internal chat, with the mentality being that I was some home hosting n00b who got scared when someone scanned them and that I shouldn't expose services unless I wanted them knocked all the time.
Just to bring some context, I set up my first public net connected services when these guys weren't not born yet and only reported it as a courtesy and only because it was relatively big botnet.
-
@plutarch @FediTips Amazon doesn't give a fuck. I reported a huge botnet, got a reply that they could not verify the claim. I went through an internal contact I had to to escalate it. I heard that they basically had laughed at it on their internal chat, with the mentality being that I was some home hosting n00b who got scared when someone scanned them and that I shouldn't expose services unless I wanted them knocked all the time.
Just to bring some context, I set up my first public net connected services when these guys weren't not born yet and only reported it as a courtesy and only because it was relatively big botnet.
-
@Alison They found themselves on my personal "oops, I don't have the time to report their gaping security issue" list.
-
@plutarch @FediTips Amazon doesn't give a fuck. I reported a huge botnet, got a reply that they could not verify the claim. I went through an internal contact I had to to escalate it. I heard that they basically had laughed at it on their internal chat, with the mentality being that I was some home hosting n00b who got scared when someone scanned them and that I shouldn't expose services unless I wanted them knocked all the time.
Just to bring some context, I set up my first public net connected services when these guys weren't not born yet and only reported it as a courtesy and only because it was relatively big botnet.
-
@wendinoakland I think it was Confucius himself, whose wise words of "Big IT companies only care if the problem hits their profits" still stay relevant.
-
Yup, good idea. Just edited the hashtag in.
-
They had suggested adding the fediblock hashtag, so I did. Then they deleted their own post because it was no longer needed.
-
️ Do not move your account to mastodon.cloud. If you know someone already on mastodon.cloud you might want to suggest they move to a different server.-Mastodon.cloud's admin hasn't posted since Feb 2023
-There doesn't seem to be any moderation, really awful bigotry is still there months after being reported
-The server software is very outdated and full of unpatched security holes
-Because of all the above, many other servers have defederated mastodon.cloud@FediTips Non-surprisingly, they're currently a source of the latest "Mastodon Support" scam wave.
-
Yeah, it can be tricky to know where to sign up
For what it's worth, I'd recommend using a human-curated server list where someone has checked the servers before listing them. I run one at https://fedi.garden and there's also one run by the Mastodon developers at https://joinmastodon.org/servers
Just out of interest, do you remember how you found out about .cloud?
