I created an account on mastodon.social a few days ago. A day after creation, my account was suspended. My appeal was denied and no reason was given. So I assumed mastodon.social was not accepting new accounts, so I moved over to mastodon.online and created an account there. Today that account was suspended as well, again without reason. I didn’t post anything from either account. My only actions were to follow a few people within tech.
Looking at previous posts here, people are laughing at complaints about difficulties of joining mastodon and pushing it away as a simple task. I have now attempted to join two of the highest suggested servers of mastodon and gotten suspended from both. I am uninterested in shotgunning servers until I find one which doesn’t suspend me without reason.
How is the onboarding process of mastodon supposed to work if the top suggested servers are suspending new accounts without warning or reason?
It just seems like the perspective is off. Implementing some script which reads images of the website which depicts the CAPTCHA, sending it to some AI-solution which can succeed some percentage of the time. Adding this to something which can interact with the website (not sure if you'll need to indirectly act through something like selenium or if you can make direct web-calls), while also ensuring that the CAPTCHA doesn't receive other suspicious data.
If you go through that trouble, I would be amazed if combining 2 or 3 words from a dictionary into a username would be the kryptonite of your bot farm.
Again, I don't know, and it might be a much more preventative solution than I can understand, but it feels like a strange security by obscurity.
You're not wrong, but it's also one of those things where you don't want to make things easier for the bad actor, especially since most people aren't going to be signing up with random strings.