Based on recent news I'm guessing this might be the result of a DDoS attack from the far-right
this post was submitted on 13 Feb 2025
152 points (99.4% liked)
Programming
18304 readers
207 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 2 years ago
MODERATORS
Before the ddos they were also spamming a certain n-word. Why are far-right groups targeting codeberg anyway?
Codeberg published a blog post yesterday. They suspect (or know?) that it's a broadened attack because Codeberg hosts liberal and human projects.
In the past days, several projects advocating tolerance and equal rights on Codeberg have been subject to hate attacks, such as massive spam of abusive messages in their issue trackers. We have been monitoring the situation closely and have tried to clean up the content as quickly as possible.
Often, content remained available only for a few and up to 30 minutes. Due to constrained personal capacities, some rare cases have remained online for longer. We appreciate all your reports to [email protected] that help us identify abuse quickly.
On 12 February 2025, an abuser has escalated the attacks to a next level. Instead of targetting individual projects, they have started to create abusive content and mentioned Codeberg users in chunks of 100 each.
(emphasis mine)
~~The real reason is that I have no idea~~, regardless they're attacking a free and open source software project/developers that benefits everyone. Attacking them makes no sense.
Far-right extremists tend to act based on tribal emotions rather than with empathy and logic.
Give them anything as an 'enemy' and they're likely to see red and charge.
Edit:
I remembered the reason:
In the past days, several projects advocating tolerance and equal rights on Codeberg have been subject to hate attacks, such as massive spam of abusive messages in their issue trackers.
Could be, although codeberg goes down more than anything else I use so this could be normal.
They've posted on Mastodon, that it is a (D)DoS: https://linuxrocks.online/@[email protected]/113995906036180301
Could be, although codeberg goes down more than anything else I use so this just could just be normal.
I also wouldn't rule that possibility out.
I'm guessing an attack from the far-right as their unruly behavior has been flaring up globally and Codeberg literally yesterday was fending off attacks from the far-right so to me the timing seems supicious.
although codeberg goes down more than anything else I use so this could be normal
They often go down because of ddos attacks, although not exclusively.
@recursive_recursion @paequ2
I still don't understand where the "far-right" part of Codeberg's post comes from, is this a long-standing problem?
Codeberg is up again! And I got spammed too, does that mean I'm a good FOSS developer? 😳
Yay, I didn't get spammed! ...so the stuff I have on Codeberg is officially stuff nobody but me cares about. (Sadness, or an opportunity?)
if you are on codeberg you are a good FOSS developer
Ok. "I am a good FOSS developer"
who's a good FOSS developer? you are!
All we need now is a CodeTitanic, to make the story complete.
Reminds me: long ago, one comedy website made a bunch of awards that you could put on your own website with if you didn't get awards from anyone else. (Having a bunch of random awards was the style of the time.) One of these was the coveted Titanic Navigation Award. I don't think it can be awarded to anyone any more, as the developers of React have been the most deserving one to receive it in recent years, for their unending efforts in making navigation more confusing for everyone.
Hehe!
This is a good argument for self-hosting Forgejo (which is quite simple compared to gitlab from what I hear).
But good to see they are standing up to this shit.
Self hosting git repos can be super minimal. If you don’t have a lot of users or repos, just use ssh. Hell you can host a repo on a local SMB network share eben.
True, although it's nice to have a web UI. And I haven't tried it myself but there's Forgejo actions which seems useful if you need it.
Reason I went or self-hosting Forgejo is to know it when federation comes along for real.
I'd love being able to federate my self-hosted Forgejo with my friends self-hosted Forgejo servers.
https://forgejo.org/2025-01-monthly-update/#federation
I wish I could upvote this a hundred times.
If you’re not stuck on git, give fossil a try. It’s a distributed source code version control with an integrated bug tracker, wiki, forum, and more. All that in in one 3 MB sized binary.
It can even mirror to GitHub and export/import git repositories.
It’s very easy to host yourself.
Yes it's trivial to host a repo, and then you have achieved approximately 2% of a forge.
So much simpler than gitlab. An executable and a single config file. That's all there is if you use sqlite as the database.
Gitlab was a farmyard of different things to worry about.
Traditional server-based self-hosting will have lower average uptime, will be easier to attack, and will have a much higher chance of disappearing out of nowhere (bus factor event, or for any other reason).
A decentralized or distributed solution would make more sense as a suggestion here. Radicale (this one) is such an effort I'm aware of, although I never tried it myself or take a look at its architecture.
Traditional server-based self-hosting will have lower average uptime, will be easier to attack, and will have a much higher chance of disappearing out of nowhere (bus factor event, or for any other reason).
It's not a single point of failure at least but if your particular project is targeted then yeah. I was thinking more about using it for private repos, where it isn't public at all but that's a separate case.
It looks like someone is spmming the issue tracker of Codeberg/org with mass mentions
Hm. Got tagged on a spam post that just says "hi".
https://codeberg.org/austedan/thisisatest1/issues/45
Ah, I didn't know you could @moderation in the conversation.
I got tagged in one called "N***er balls".
Imagine waking up and seeting that email notification.
PS: Picture just to confirm:
NOTE: I have also seen since yesterday that my crowdsec instance has been blocking way more ip's for bots trying to crawl and shit like that so I think that this all might be a more general uptake in bots and that sites that never really had great protections against it are now taking the fall.
Just from yesterday to today I got over 100k more blocks.
That's the same one I got.
Got the same message, but from a different issue
Uptime status may not be representative though.
When I open the dashboard right now it loads the HTML but then only shows a loading icon.
Codeberg keeps calling the group the far right. Is there any political motivation or something else here? To me, it just looks like troll behavior. Is there more details about the attacks that I missed?
Its right-wing because of the content and target of the trolling. They've said this started as a target harrasent of certain projects.
If you'll examine the last 20 years of history, you'll find that generally, unfocused and unclear trolling with racist elements is usually sourced from the far right.