That's not really an answer. Repeating the mistakes of the past, especially with something as personal as social media, is a HUGE oversight that needs to be corrected post-haste.
How would you solve this? I think that GNU Social's goals are to decentralize social networks. How would you "fix" this without some kind of centralized identity verifying registry? If someone hosted a GNU social where impersonators were not purged, I think other GNU socials would exclude them from their circle of trusts in addition to purging bad users from their own systems. The centralization will most likely be rejected by the privacy and small government advocates in the community.
I believe that rather than saying your issue is not solved, the issue has been replaced with a new one: how would does GNU social's network of trust work? When a spammer starts or occupies a GNU social, what is required to prevent my host GNU social from suffering? How would a new user from a centralized social network know which GNU social is the right one to start with?
I have not read enough about how GNU social works and hope to find out how/if this issue can be resolved.
