The Raid
Added 2022-10-08 20:30:42 +0000 UTC

I woke up a few days ago to the thing I was expecting would happen sooner or later. During the night a malicious worker joined the Stable Horde and instead of generating and sending stable diffusion images, they were simply sending a racist image macro on top of spawning multiple workers with racist and obscene names. This person went to considerable effort to understand how the bridge works and edit its code to send garbage in an effort to ruin it.
Unfortunately due to the openness of the horde architecture, nobody else online could do anything about it until I woke up. I was expecting this would happen since I started the horde, but I was hoping I wouldn't have to deal with it not even a month into operation!
I don't know if it was luck or boredom, but they had stopped when I woke up, which gave me a bit of time to investigate and start working on a solution. Unfortunately, while I was talking about it with the regulars, they started again, with the name an obvious reference to the fact that they were lurking in my Discord server. So the horde had to go into maintenance until I dealt with it.
I already had some plans on how to deal with this but I hadn't had time to implement them yet due to the massive refactoring I had to do first. Nevertheless it had now become abundantly clear that I had to drop all my other priorities and do this first, which is a pity because I had already started working on img2img.
The first thing I did was implement a worker invite-only mode. This prevented any new worker from joining the horde without a specific flag set on their user. Those servers already in would be grandfathered to avoid kicking everyone out, but I also needed to make sure that the malicious users would not also stay in. So I had to quickly implement a filter with the common words they used for their worker names and kick them out.
That "stopped the bleeding", so to speak, but it meant more overhead for myself when new people joined the horde in the short term, so I needed a way to onboard others to help me moderate the horde. Enter the moderator role.
I asked around and two people spoke up about being willing to help out with this, in different timezones, so I quickly made them horde moderators, which at the start merely gave them access to (un)invite accounts to be workers and turn on/off invite-only mode.
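A sketch of the admission flow described above (invite-only mode, grandfathered workers, the worker-name filter, and moderator-only controls), as an added example rather than the Stable Horde's own code. All class, function and field names are hypothetical, and the blocked terms are constructed placeholders.

```python
import re
import unicodedata
from dataclasses import dataclass, field

# Constructed placeholder terms; a real deployment would load its own list.
BLOCKED_TERMS = {"badword", "slurword"}
LEET = str.maketrans("013457@$", "oieastas")  # undo simple digit/symbol swaps

def normalize(name: str) -> str:
    """Fold case, strip accents, undo leet swaps, drop separators."""
    folded = unicodedata.normalize("NFKD", name).casefold()
    folded = "".join(c for c in folded if not unicodedata.combining(c))
    return re.sub(r"[^a-z]", "", folded.translate(LEET))

def name_blocked(name: str) -> bool:
    flat = normalize(name)
    return any(term in flat for term in BLOCKED_TERMS)

@dataclass
class User:
    name: str
    invited: bool = False     # the per-user flag checked in invite-only mode
    moderator: bool = False

@dataclass
class Horde:
    invite_only: bool = False
    workers: dict = field(default_factory=dict)  # worker name -> owning User

    def join(self, user: User, worker_name: str) -> bool:
        # Name filter always applies; the invite flag only matters in invite-only mode.
        if name_blocked(worker_name) or (self.invite_only and not user.invited):
            return False
        self.workers[worker_name] = user
        return True

    def set_invite_only(self, actor: User, enabled: bool) -> list:
        """Moderator-only. Existing workers stay (grandfathered) unless their name hits the filter."""
        if not actor.moderator:
            raise PermissionError("moderator role required")
        self.invite_only = enabled
        kicked = [n for n in self.workers if name_blocked(n)] if enabled else []
        for n in kicked:
            del self.workers[n]
        return kicked

    def set_invited(self, actor: User, target: User, invited: bool) -> None:
        if not actor.moderator:
            raise PermissionError("moderator role required")
        target.invited = invited
```

Substring matching on normalized names will also reject some innocent names that happen to contain a blocked term, which is acceptable here because moderators can review and invite those users by hand.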
With all these done, I could finally relax a bit as not everything fell on my head. These changes would allow me to continue development at a more normal pace, but a ton more had to be done before I could consider reopening the horde to every worker without an invite.
The details of this will be in the next post.