• henfredemars@infosec.pub
    23 hours ago

    And we’re able to talk about it on the same platform on another instance. All in all, a success IMHO.

    • AbnormalHumanBeing@lemmy.abnormalbeings.space
      23 hours ago

      I guess in theory, malicious actors have some options trying to target and overload all of the Fediverse, but I don’t think any are really feasible. At the point where you could take out the (vast majority of) nodes with something like a DDoS, you would already have enough resources to spare to take out just significant parts of the overall internet altogether.

      0-day exploits could of course be problematic, as they are for anything, but even then, using one on all (or the majority of) nodes simultaneously, and/or distributing a payload to all/the majority of nodes is also just so much effort. Also, chances are quite low you will get an exploit for all platform software, and if it targets something in ActivityPub, then all you can do at best is stifle federation, I guess, still allowing for local content to remain up.

      Not only censorship resilient and with dynamic interlocking communities, also pretty damn resilient when it comes to overall uptime security.

      • b1t@lemm.ee
        23 hours ago

        If someone is burning 0days for fucking Lemmy they seriously need to get some help and re-evaluate their life choices lol

    • Rhaedas@fedia.io
      23 hours ago

      The biggest limitation left is for users of that instance. The workaround is to make accounts on one or more different instances, even often with the same handle just different addresses. Then you most likely can get back to consumption until your main account is working again. The caveat is there isn’t a way (yet*) to share a lot of the info between those accounts to make it feel less like a temp account. Still far better than refreshing a singular website status page over and over.

      \* yet or even if it’s practical. I know some played with a few importing ideas early on for themes and I think subscriptions, but I doubt anything more. History and such would open a lot of security issues.

      • henfredemars@infosec.pub
        21 hours ago

        I’ve definitely taken the main and backup approach. Not perfect, but it’s worked reasonably well.

  • scsi@lemm.ee
    22 hours ago

    https://lemmy.ca/post/40456774

    Sorry for the downtime! Unfortunately our secondary firewall took over for some reason, and haproxy failed to properly come up.

    I’ll be scheduling a maintenance window in the next few days to do some further digging, so I can make sure this is fully resolved.