Closed trankten closed 1 week ago
trankten
commented
3 months ago It's been 2 weeks. Daily SPAM bots there. No answer from their admins. Sadly the instance is still recommended at joinmastodon.org to create new accounts there for new joiners with an outdated and vulnerable server version.
trankten
commented
2 weeks ago Hello @andypiper.
I see you have assigned this task to yourself. I want to point that, after three months, this server is still listed at JoinMastodon with outdated software with critical security risks, missing features and plenty of spam bots on their public timeline. Please check it out.
Thanks for your time, have a nice day.
AverageDood
commented
2 weeks ago To be actively recommending an instance stuck in 4.0.2 as a good place to sign up at is absolutely unacceptable. The instance is running on a year and half old software, with several security issues that have been patched since, and shouldn't be listed on JoinMastodon at all. How IRSoluciones is still on JoinMastodon is beyond comprehension
andypiper
commented
2 weeks ago Thanks for these comments, I am travelling right now but will try to take a look shortly.
andypiper
commented
1 week ago Thank you for your help in identifying this and apologies for the extended time it took to resolve, this instance is no longer listed.
trankten
commented
1 week ago Thank you for your help in identifying this and apologies for the extended time it took to resolve, this instance is no longer listed.
I'm the one thanking you for making the Fediverse a better place. Thank you so much :)
I've published this through Mastodon but I think it's worth bringing it here because it raises some considerations that need to be addressed.
Please consider removing servers using outdated software from joinmastodon.org as they might be a security risk for new users and the Mastodon experience will not be the best nor the latest.
Some servers at JoinMastodon.org such as IRSoluciones.social (Public local timeline here: https://irsoluciones.social/public/local) have a public timeline filled of spam bots, see image below:
JoinMastodon.org encourages new users to join there which is unattended, unmoderated, the software is outdated and might present a bad experience and a security risk for the new users. The server has open registrations and also an outdated version of Mastodon which has known security issues, but new comers who join through JoinMastodon.org don't know this and they just see a "Create account" button, inviting them to join Mastodon there.
Please consider adding a check in JoinMastodon.org to remove or hide servers whose server software version is below a threshold or has known security bugs, and when possible, keep an eye to remove servers to the Mastodon Server Covenant when they are not getting updated to avoid new users have a bad experience when joining Mastodon using a decentralized server!
The server I'm pointing here is just one of many more that were created back in 2022 when people thought making a Mastodon server would bring them fame and wealth.
Have a great day!