Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.
However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?
Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?
EDIT: Thanks to @[email protected] ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716
Yes. There have been a number of ways people have exploited the inherent flaws/trust in a federated system dating back before Lemmy was even a thing. There is currently a lack of tooling to find misbehaving servers, which is an increasingly big problem. There is kinda inherently more administration and moderation required in a federated system unless you want it to be just islands of (probably large) instances that have similar philosophies and mutual trust.