Real problem with CloudFlare: Why is there a fucking monopoly on this to the point where *professional* sites rely on it?

People choosing it (among others which should also exist) to protect their toaster-hosted website is annoying but at least you can kind of understand why.

@lanodan Honestly what's the likelihood your toaster-hosted website is gonna get DDoSed anyway? Like, they have no reason to attack us at all.

@IceWolf Understanding doesn't means they're right. :)

The likelyhood is near zero, DDoS are awfully rare, specially on small fry things where a simple DoS just does the job.

@bob @alcinnz Yet fediverse software isn't really spam resistant, most of the anti-spam done is very manual and I think Pleroma is still the only one which allows to have custom filtering modules, together with a pretty decent set of default ones.

I think it's just that spammers haven't really took it as worth it yet, which says a lot more about how small the fediverse is.

@lanodan looks like a culture problem.
Not having your own hardware and relying on multiple third party services is the normal way of doing things.

Using multiple amazon services adding a cdn, hosting your js on another cdn, using fonts hosted by google, embedding a viden from youtube adding tracker from facebook/google, relying on a db provided by azure and then you cry because service X change its ToS or increase its price once you are captive.
So you migrate your service X to provider Y with a blog post on your Medium explaining you've seen the light and that's way cheaper now.
Two years later provider Y…

That's the way many things work now.

@bob There is a lot of trash on the fediverse but it's usually done manually by people and it's mostly just trolls.

Spam to me is more like… well advertisements.

@lanodan @alcinnz i think i have p's ddos recipe somewhere...

@lanodan @alcinnz oh no i lost

@lanodan it's the nature of the beast
due to needing the biggest possible network throughput, whomstever has the most capacity gets a natural monopoly by virtue of that being by definition the best mitigation
if akamai got more capacity people would go back to them

DDoS isn't just network throughput.

It can also simply be just overflowing the connection pools where a basic limit of n connections per IP blocks wouldn't work anymore.
And similar other funny things you can do by just having a bunch of widely spreaded out IPs.

@lord @lanodan So fucking spot on!
This is why you should ALWAYS host all your resources locally, no exceptions.
Even web button images like "LOOK, THIS SITE IS USING 100% VALID HTML5!!" and JewTube videos should be hosted locally.
My simple rule of thumb here is, never trust 3rd parties at all.

@lanodan @bob @alcinnz Rather, Pleroma is entirely made with Vue.js, so spambots can't read it.
This is probably the only good thing about top-down Javascriptification of the internet.

@ryo @bob @alcinnz Only the default frontend is made in vue.js and that's just for stupid spam that goes at random on the web.

Horribly effective spam on the fediverse would be with a more or less spam server at ActivityPub level, at least that's what email still often has to deal with. (When it's not gmail/mailgun/… being abused) Do we speak of natural monopoly?

@mk61 Slightly but not entirely, I think a competitor could technically rise.
Typically something an existing ISP/Hoster could spin.