
Isn't what we have right now an oil shock?

:x_twitter: is black, :misskeyio2021: is black,
:threads: is black, Japan is black, the world is black, the future is black

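If everyone could spin up an instance from docker on their own PC, toot from it, and still see the federated timeline, that would be the ultimate in decentralization.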

"I'll give you a lecture, kisama."
Hard to believe this counts as honorific speech.

Boosted by t1048 :mixi:

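The full story of the "I was told to log in again, and when I did, everything was blank" incident that hit some accounts on the Vivaldi server...

Really interesting... though I've only read up to the point where they figured out the cause 😅.

He went to open it, all "let's have a look at Mastodon," and it was blank... so he asked a sysadmin colleague, "Hey, did you do something to Mastodon?" and the answer was, "Nope... wait, mine too @@!"...

And when they hurriedly checked, it turned into "uh, users seem to be disappearing"...

Watching them track down the cause, with help from the Mastodon developers and others, was really cool!

Giving up their weekend to deal with it, that really was hard work... The Vivaldi server is great!

I think this would be even more interesting to someone with technical expertise.

But... Vivaldi could handle this because they're Vivaldi; if it had been run by 🐙 or the like, it would be a complete "checkmate"... It would probably end with "We don't know what's wrong and can't do anything about it, so we're shutting down" :blobcatdead:

thomasp.vivaldi.net/2023/07/28 [reference]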

Boosted by t1048 :mixi:

What happened to Vivaldi Social?

https://thomasp.vivaldi.net/?p=918

On Saturday 8 July 2023, user accounts started disappearing from the Vivaldi Social Mastodon instance. What was going on, how did this happen, and what were the consequences?

This is a very long blog post, but to be fair, this was also to be a very long weekend.

Something’s not right

It was around 17:25 Oslo time (CEST) on the Saturday that I first noticed something was wrong. I’d just got home from a bike ride, and when I happened to check my Vivaldi Social tab, it suddenly asked me to log in again. “Unusual”, I thought, but I wasn’t immediately alarmed by it. But then when I did log in, I saw that my home timeline was now completely empty. I quickly reached out to my colleagues.

doing anything with mastodon? my home timeline is suddenly empty

Me, to my fellow sysadmins – Saturday 8 July 17:26 CEST

My fellow sysadmin very quickly got back to me. No work was ongoing, and his account was showing the same symptoms as mine. He offered to start heading to a computer so he could help me, an offer which I gratefully accepted.

By 17:32, another colleague outside of the sysadmin team had also noticed the same issue. I started to look into the database to see what was going on.

Something bad has happened

Looking at the database I could see that the affected accounts had apparently been deleted, and then recreated as a completely new account when the user logged back in.

Immediately, I started looking to see what database backups were available. As expected, we had a nightly backup from 23:00 UTC on Friday night. I started copying the file to somewhere I could make use of it.

While I was waiting for the backup file to copy, I started checking the database for other users that might be affected. and another one that I checked had also been deleted, but had not yet been recreated, likely because those users had not tried to log back into their accounts yet.

By this time, Hlini had arrived at a computer and started looking into things with me.

I started checking the web server logs for account deletion requests, but nothing matching the account deletions showed up; and then I realized something else was odd about these deletions.

Normally when an account is deleted in Mastodon, the username is permanently reserved as unusable. If you were to try to create a new account with the same name as a deleted account, it would not allow it (since, due to the nature of the Fediverse, having a new account with the same address as an old one would not be a good thing).

But in the case of these deletions, we were getting reassigned the exact same usernames, so these could not be normal deletions.

By 18:39, Hlini had figured out the pattern: all accounts with an ID lower than 142 (i.e. the oldest accounts) were missing from the database.

We hadn’t seen any discussion from other Mastodon server admins about anything like this, and we wondered if this could be something unique to our setup – after all, Vivaldi Social uses vivaldi.net accounts for logins (thanks to Mastodon’s OAuth support) instead of the normal signup and login system of Mastodon. We started considering asking the Mastodon developers for help, and we also started discussing strategies for restoring the lost data from the backup.

But then…

Something bad is happening right now

At 19:10, I checked the database again, and I saw that all accounts with an ID lower than 217 were now missing from the database, and that number was increasing. This meant that accounts were still being actively deleted from the database.

By this point we both agreed that we needed more help, so at 19:18 we contacted the Mastodon developers. We immediately got a reply from Renaud, and he pinged Claire and Eugen to enlist their help.

Stemming the flood

At 19:20, Hlini restarted all of the docker instances in our Mastodon setup. The deletions seemed to stop the moment he did this. The lowest ID in the database was now 236.

Fortunately it turned out that it would stay that way.

The investigation begins

198 accounts in total had been deleted during the course of this incident, and over the next few hours, together with the Mastodon devs, we started looking into what could be going on. On Eugen’s suggestion, we looked into the possibility of it being the UserCleanupScheduler deleting accounts that were “unconfirmed”, but this was eventually ruled out, as the deleted users could never have matched the query that it operated on.

Since we had upgraded to Mastodon 4.1.3 just 48 hours before the incident occurred, the Mastodon devs looked into all the code changes between v4.1.2 and v4.1.3 to see if anything there could be related. They even (and I cannot credit them enough for this) went the extra mile and looked through our published changes to see if any of the changes we had made could possibly lead to this. The conclusion though was that none of the changes could have triggered anything like this.

At the suggestion of Renaud and Eugen, we checked the filesystem to see if the deletions were being done directly in the database, or if they were being triggered by Mastodon itself. We could see that the avatar and header images for the deleted accounts had themselves also been deleted. This meant that the deletions had to be coming from the Mastodon application itself.

An attack?

We also started looking for signs of system intrusion, since it was certainly a possibility that this was some kind of deliberate attack. I spent some time checking the various logs that we had available to us, but I didn’t find anything (though in these cases, the absence of evidence can never rule out the possibility).

Because Mastodon v4.1.3 included a security fix, the devs also looked into the possibility of a related exploit, for which we combed through the logs, and examined the filesystem for evidence of such an attack. Again though, nothing was found.

We debated whether we should take Vivaldi Social offline altogether while we continued the investigation. The Mastodon devs gave arguments in both directions:

  • In favour of taking it offline: if we have to roll back the database to the backup, then more content will be lost the longer we keep it up.
  • In favour of keeping it running: if it is an attack, and it resumes, it might give us more opportunity to investigate how it’s being done.

We ultimately decided to keep it running. In truth what swung the decision that way was probably not the balance between the above arguments, but just a simple fact of us being sysadmins… [reference]

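To tell the truth, :twitter: is done for. Sorry to spring this on you.
But it's true. In two or three days there will be an extremely black :x_twitter:.
That is the signal of the end. A fairly big update will come soon after, so be careful.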

Once that stops, after just a brief pause, the end will come.

If there aren't enough semiconductors, just use conductors.

Nothing else for it, I guess I'll tear off the shopkeeper's limbs and tie him to the skeleton bed…

Even with a reverse-blade sword, it's all the same if you stab with it, that it is ^ ^

Boosted by t1048 :mixi:

If :x_twitter: ends up with forced dark mode, I suppose the only option is to deal with it using a browser extension.
I'm a light-mode person, so this is a grave matter.

Sekiro: "It's a reverse-blade sword, so it doesn't hurt people, that it doesn't."

Summer is only just getting started? We're all going to be wiped out.

Boosted by t1048 :mixi:

#GIGAZINE #RSSfeed
Researcher says the impact of long COVID is "immeasurably large"
gigazine.net/news/20230727-bur

If this were Pawapuro-kun, something would have gone "crack" by now.

There's the good side (bad side) of centralization showing.

Boosted by t1048 :mixi:
Fedibird

A general-purpose Japanese Mastodon server that can be used for a variety of purposes. It provides a stable environment and many unique features.