Either we need to require members to use SDF emails to sign up or manage their Lemmy account login from the Maint console. Either way we need to limit it to Members of SDF who validated their accounts or shit like what’s been happening will continue to happen.
I know that it would make this place less open for people but I think this would go a long way towards making the community more secure against these kinds of attacks.
One possible compromise would be that if we wanted a more open Lemmy instance, to create another one without Member restrictions on a different SDF domain i.e. freeshell.org. Though personally I’m not a fan of that idea at all since unmanned instances tend to gather spam or become derelict. It’s much better to just have member-only instances and to encourage people to become SDF members with the $1 or €5 charge for validation.
I’m fine with requiring mail sign-in with the usual “what am I fighting for” essay, yeah, but… “We” need l.s.o. to be SDF Members only? Who is this “we” you speak about? I’m certainly not in it. Limiting the number of users who can be in l.s.o. in that way could very well lead to instance upkeep, which has already shown to be a problem, to be just Not Worth It.
Not a member myself, but I agree that this makes alot of sense, where proof of membership is a requirement to join this instance.
On a seperate note, how does one become a member of SDF?
It’s very easy, you just register on the website and login to the TTY using your preferred SSH shell. Can be Termux, can be Putty, can be a Web SSH, doesn’t really matter. It does require Shell access though.
To be Validated you need to Send at least $1 or €5 to SDF with your shell username written on the envelope or included in the transaction in some way. So yeah there is a membership fee but it’s very cheap.
I honestly would like to see more of this for like cons and such. Orgs that already exist using federated instances so that they can interact not only with each other but also the greater community. I could see cons giving access with badges and not sunsetting them so basically if someone ever goes to one they could get a login. maker spaces and such to.
