Someone is scraping public #Matrix rooms for user data using a bot
@server_stats:nordgedanken.dev
https://stats.serverstats.nordgedanken.dev/app_direct/server_stats/
https://matrix.to/#/#server_stats:nordgedanken.dev
I really don't think this is GDPR compatible somehow?
My advice, yeet the bot. Is there a way to de-federate from that domain? I haven't actually seen that in the docs.
@kawaiipunk oh and afaik just like voyager.t2bot.io if you kick/ban the bot after joining it won't try to rejoin your room, and remove it from the stats
@kawaiipunk yeah it would be so simple for it to send an opt-in message at join and only continue when an admin responds positively..
@f0x it's a sham Matrix doesn't have better moderation tools tbh.
@f0x I meant *shame LOL
@f0x meant what I said 😂
@f0x @kawaiipunk Hi :) while I totally get where you are coming from I actually from people I talked to beforehand that this would actually be more annoying as that would result in spam. I am planning on implementing https://github.com/matrix-org/matrix-doc/pull/2291 which hopefully should improve the situation.
I can assure you however that bans will keep the room unlisted. ACL bans however may not work as my bot never sees them. This may be a bug though I am not sure if I can even see that as an appservice. I will 1/2
@f0x @kawaiipunk 2/2 however investigate on ACL bans :)
@f0x yep That seems to be the case. I'm not against the project as a whole. Shame it's not opt-in though.