this post was submitted on 20 Jun 2023
4 points (100.0% liked)

Asklemmy

43835 readers
759 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Just a random thought experiment. Let's say I have my account on a lemmy instance: userA@mylemmy.com. One day I decide to stop paying for the domain and move to userA@mynewlemmy.com, and someone else gains it and also starts up a lemmy instance.

If they make their own userA@mylemmy.com, how do federated instances distinguish who's who?

Have I misunderstood the role of domain names in this?

you are viewing a single comment's thread
view the rest of the comments
[–] Vlyn@lemmy.ml -1 points 1 year ago (1 children)

Since when is stealing a domain name easy? If it would be then google.com would redirect to another scam site every five minutes.

The only way you're going to steal a domain is if the owner stops paying for it.

If you steal gmail.com you could impersonate anyone with a gmail email address. How is that an argument?

[–] Dirk@lemmy.ml 1 points 1 year ago (1 children)

Since when is stealing a domain name easy?

You either social engineer the needed data or hack the domain owner and change the Admin-C or Tech-C and then either directly or by request change the IP for that domain. You could also bribe some one working there or someone who works for the registrar or somehow gain access to the mail account of Admin-C or Tech-C.

https://www.hackingloops.com/domain-hijacking-how-to-hijack-domain-names/

You could also try to poison the instance’s DNS cache so the domain in question is resolved to an IP where the server is under your control.

https://en.wikipedia.org/wiki/DNS_hijacking

You could also register domain names that are either unpaid for whatever reason and thus marked as in transit and if the transit period is over you just claim the address.

https://en.wikipedia.org/wiki/Domain_drop_catching

And since you mentioned google.com:

https://money.cnn.com/2016/01/29/technology/google-domain-purchase/index.html

To recite @fubo@lemmy.world: Depending on DNS for security is generally a bad idea.

[–] Vlyn@lemmy.ml -1 points 1 year ago

Sure, but if you lose your domain you already lost. That's it, game over.

I do agree it would make sense to issue every Lemmy instance and every user an asymmetric key pair they can sign against, just for extra security. But that might also break things because instances per domain are no longer unique. You can have lemmy.ml@publickey1 and then lemmy.ml@publickey2 and then lemmy.ml@publickey3 and so on. It would be an absolute mess.

This doesn't even have to be an attack. A new instance owner might decide to re-setup their instance and nuke everything or they simply lost the data. Or on a faulty Lemmy update things break and the private key gets regenerated or jumbled up. Especially right now in the early stages of this platform where things are bound to go wrong you don't want to accidentally nuke an entire instance.

What do you do then if a legitimate owner sets up the instance under the same domain again?

Besides that, if an instance really gets removed (which basically happens if someone takes over the domain, they don't have access to the instance data itself) other instances can simply defederate in an emergency. Though the only damage would be moderator accounts on other instances. The content is dead the moment the instance dies anyway (there just isn't a mechanism yet to clean it up if there is no delete events being sent, but that will probably come).