So, a webxdc app just DoSed our entire GC [file sharer to chunk 160MB]

Here’s how it goes:

  • A chat member was fucking around with mini-apps, and uploaded the file sharer one (it’s supposed to chunk files and send them over)
  • Another member used it to try and send a ~160Mb zip file
  • It didn’t seem to work, so everyone went on with their day
  • A couple hours later, everyone is getting notifications about their relay storage filling up. It would continue without limit; I think the file chunks were getting duplicated?
  • We correctly identified the cause after a bit, but there was no way to prevent fill-up on the receiver’s end, only to undo it by deleting mails, which is only doable from a third-party client
  • It took the file sender deleting their copy of the webxdc to stop the spam

It was kind of funny but raised some questions:

  1. Why does the client not auto-clean old mails when the relay is running out of storage, and instead prefer to let the storage fill up?
  2. Why is there no clear way to see what’s using relay storage?
  3. Why is there no clear way to clean the server-side storage from the client, other than to disable multi-device mode for a while?

The accidental DoS attack was invisible to the recipient (even someone who deleted the webxdc for themselves would still receive chunks). It also took out the entire account (unless it had secondary relays configured), not just that account in a particular group chat, which seems like a pretty nasty hole to have.

Summoning @Coca as my witness here

4 Likes

In the process I also discovered that the connectivity UI does not work very well on desktop when you have multiple relays configured. It only shows the usage bar for one of the relays, and its label sometimes switches to one of the other relays, but that’s probably for a different section.

2 Likes