|
Post by GK Sierra on Mar 9, 2015 22:57:21 GMT
As many of you have undoubtedly seen, this forum has been targeted by some entity based in India seeking to find customers for... dating services? Romantic advice? It's not really clear. Whatever it is, it is highly annoying. The spammer creates an account and then makes tons of forum topics, sometimes pushing all the actual discussion about the comic off of the front page. A big thank you to everyone who has been reporting the posts, but in the future it would be better to only report one post when the spam begins to appear. I woke up this morning with 12 texts and for a moment I thought I had done something highly inappropriate the night before but it turns out it was just the Love Guru Pakti with more spam. Needless to say Tom is just trying to host a place for friendly and amiable discussion between fans of his comic, not a bazaar for oriental sex merchants. The current status quo is that this happens multiple times a month and sometimes multiple times a week. It's not a huge hassle to clean up, but it is a headache for everybody until I decide to get off my lazy butt and recharge my phone. We all have busy lives to get to, particularly Tom, and so it would be great if we could put our heads together and:
A) Find a method of using Proboards wordfilters/permission skins to stop the spammer or at least make their job harder -Time/Amount limit on the number of new topics, or limits for users below a certain post count -Wordfilters on certain phrases/ASCII characters that are unique to the spam posts -New user validation
or
B) Find the identity of the individual or individuals doing the spamming -Attempt to reason with them followed by -Stern lecture and possibly -Legal threats
There are a lot of smart, talented people floating around here, so if any of you has suggestions to block the spam or would like to take on an internet detective case pro-bono for a good cause, that would be double-plus-awesome.
Thanks, -Sierra
|
|
|
Post by The Anarch on Mar 9, 2015 23:03:02 GMT
Is there a Captcha or similar system required for signing up for the board? I don't recall. If there isn't, is there a way to set one up? B) Find the identity of the individual or individuals doing the spamming -Attempt to reason with them followed by -Stern lecture and possibly -Legal threats -Murder
|
|
|
Post by Jelly Jellybean on Mar 9, 2015 23:54:25 GMT
Is there a Captcha or similar system required for signing up for the board? I don't recall. If there isn't, is there a way to set one up? B) Find the identity of the individual or individuals doing the spamming -Attempt to reason with them followed by -Stern lecture and possibly -Legal threats -Murder - Black ICE
Seriously, real improvements would have to be implemented by ProBoards. Locking accounts that create a number of posts in a short amount of time (5 posts in less than 30 seconds)? RE-EDIT: We get what we pay for, maybe a modest Kickstarter or Patreon to raise money for a modestly priced, but better, pay service. But only if the posts here on this board could be migrated to a new board. And the new board would not be restricted to backers, just that Kickstarter/Patreon would collect donations to get started. RE-RE-EDIT: I would pay good money for a special avatar handle that says "I paid good money to be be abused by people on this forum!"
|
|
|
Post by Daedalus on Mar 10, 2015 0:03:38 GMT
RE-EDIT: We get what we pay for, maybe a modest Kickstarter or Patreon to raise money for a modestly priced, but better, pay service. But only if the posts here on this board could be migrated to a new board. And the new board would not be restricted to backers, just that Kickstarter/Patreon would collect donations to get started. Definitely an over-reaction, methinks. There are plenty of solutions, and while it's annoying currently, it is tolerable since we now have another admin. A) Find a method of using Proboards wordfilters/permission skins to stop the spammer or at least make their job harder -Time/Amount limit on the number of new topics, or limits for users below a certain post count -Wordfilters on certain phrases/ASCII characters that are unique to the spam posts -New user validation
Although obviously all of the posts from the spambots have been deleted, the following are words that I recall being used frequently: - black magic - intercaste - baba ji - astrologer - vashikaran - and just generally, many hindi characters As well as certain repeated sequences of numbers. Those are all easy phrases and words to filter for (not used by anyone but the spambot). Perhaps the creation of a new thread could be prevented if it has more than a critical density of them? I am not familiar with what powers admins have. We can also look for more buzzwords the next time they strike again. The idea for limits on how many posts can be made in a given amount of time could work, especially if tied to both the age of the account and the number of posts made (to avoid any other shenanigans about modifications of post count). A good coder (far better than I) could probably tie it to the IRCbot - if there are more than a certain number of "new post" notifications within a certain time from the same person, ban the user. I'm not sure how user validation would work, assuming it only applies when the new account is created. The human behind the account could do the validation, then let the spambot get to work once the account is established. Although I am certainly not qualified to say so, I doubt there is any basis for legal threats, nor is it enough of an annoyance to be worth the effort. EDIT: as to who our assailant is, this appears to be their website. There are many other similar sites, but this one seems to have an identical writing style to our mystery spammer, and the same categories they advertise. We could confirm if they post again by following the links. From a quick google search, they've done this before, striking here, here, here, and many more whose link has been deleted. Also, to avoid getting multiple reports, you could set up some kind of "Has the spam already been reported?" thread, or something along those lines.
|
|
|
Post by goldenknots on Mar 10, 2015 1:59:01 GMT
Generally speaking, if the post has more than one or, at most, two "views", it's been reported and should be left to the cleanup crew. I look down the list and see five, ten, a dozen views on one of them and I'm thinking, "what did you think you'd see, that you didn't already know you weren't interested in?"
I think the density of keywords that aren't GKC related but appear frequently in the spam messages should be a useful criterion for filtration, if that can be implemented here.
|
|
|
Post by DesTyn on Mar 10, 2015 9:50:09 GMT
A) Find a method of using Proboards wordfilters/permission skins to stop the spammer or at least make their job harder -Time/Amount limit on the number of new topics, or limits for users below a certain post count -Wordfilters on certain phrases/ASCII characters that are unique to the spam posts -New user validation
About the new user validation thing I would have an idea. (Of course, only if the thing is practicable here.) One of the forums, I visit often - and in which I am a member quite some time - there was a period when (as here as well) spam tsunamis were quite common. But now, I do not want to tell a boring story so I'm going to tell the thing in short. In order to prevent further spam flood, the moderators introduced new lines in the rules regarding the new members. Quote (in Hungarian): And The quote In English: So this is the thing that i wanted to say to help about this "indianblackvoodoolovemagicabracadabrabullpisstsunami" spamproblem-thing. I wish you Good Luck In the progress to make this place into a good, enjoyable, and 100% spamfree forum, and community. Have a Good Day! DesTyn Out. (Ps: sorry for my english if its bad.)
|
|
|
Post by eightyfour on Mar 10, 2015 10:45:20 GMT
Is there a Captcha or similar system required for signing up for the board? I don't recall. If there isn't, is there a way to set one up? There doesn't appear to be one. This would've been my first idea, too, since it would probably be the easiest method to fix the problem. Restricting new accounts in some way until they are established to be "legit" can be discouraging to newcomers. Active moderation of new posts isn't really an option without a larger moderator staff. Some form of text based spam filter might work at least for a certain amount of time, but it is potentially labour-intensive to set up and maintain properly. Seriously, real improvements would have to be implemented by ProBoards. I don't know how much control admins/mods really have about the boards inner workings, but I guess Jelly is right. Have you escalated the issue to ProBoards support? If there is an influx of spammers on their boards, they probably want to know about it and if it gets really bad over all they will be forced to act on it.
|
|
Thoth
Junior Member
Posts: 92
|
Post by Thoth on Mar 10, 2015 10:57:07 GMT
The phone number +9649422772 seems common to many of the spam posts. I don't know if ProBoards provides any way to blacklist phrases, but you can block that if it does.
I worked a bit on a bot that would be able to automatically delete the spam messages several weeks ago, but ProBoards doesn't make developing such a bot easy. It doesn't provide an API, so essentially you need to reverse engineer the requests that the website uses, and occasionally ProBoards will think something is suspicious and will block the bot.
|
|
Thoth
Junior Member
Posts: 92
|
Post by Thoth on Mar 10, 2015 10:59:20 GMT
Incidentally, the wall that I ran into while working on that bot was that I couldn't figure out what request(s) to make to delete a specific post. I'd been able to get it to log in and search for a list of blacklisted posts.
|
|
Omnium
Junior Member
Posts: 58
|
Post by Omnium on Mar 10, 2015 22:26:53 GMT
In terms of suggestions, in the Admin CP Tom can turn on restrict membership, which allows him (or a mod/admin with Global powers) to manually review all accounts created, preventing them from posting until he allows access. The 'members waiting for approval' list shows the IP address, which you can look at to see where they're being registered from. If it looks like it's our love guru that's signing up you can ban them from there or just reject them. It's not an IP ban, but you can copy and paste that without much difficulty, I guess. I created a free test forum to have a play around with the Admin CP so... Although obviously all of the posts from the spambots have been deleted, the following are words that I recall being used frequently: - black magic - intercaste - baba ji - astrologer - vashikaran - and just generally, many hindi characters As well as certain repeated sequences of numbers. Those are all easy phrases and words to filter for (not used by anyone but the spambot). Perhaps the creation of a new thread could be prevented if it has more than a critical density of them? I am not familiar with what powers admins have. We can also look for more buzzwords the next time they strike again. Sadly, proboards doesn't allow for that as far as I'm aware. You can set it to change baba ji to I'm a spambot, but you can't set the forum to automatically do that. There doesn't seem to be a plugin I can find for it on the proboards library to do that either. If someone could create one, sure that might work (though people are pretty good at realising what's happening and changing words in ways that get around word filters. Hell using bbcode can do it. Put [b/b] tags around a letter in the word and the censor won't pick it up. There's not an option to set a 'cooldown' for posts or thread creation in the admin CP that I know of. Would make things easier if there was, a limit of something like 1 thread an hour per account (since noone creates threads that often here) and a limit of 1 post every 5-10 minutes (because again, rapid discussion doesn't happen that often) but c'est la vie. It's pretty simple. New accounts have to be given the OK by a staff member with global powers. Not an option on proboards afaik. Also, it could easily be people reporting different posts.[/b]
|
|
|
Post by Daedalus on Mar 11, 2015 0:01:13 GMT
It's pretty simple. New accounts have to be given the OK by a staff member with global powers. The obvious flaw here is the fact that neither of our moderators are here often, and people want to make accounts to post on the discussion page for a given day. If we had more administrators, we wouldn't have this problem in the first place, since the spam threads would be seen faster and thus deleted without delay.
|
|
Omnium
Junior Member
Posts: 58
|
Post by Omnium on Mar 11, 2015 0:26:51 GMT
1) Even big forums with active mods get spambots tat aren't dealt with instantly. It's simply not feasible for there to be a moderator logged in 24/7
2) You don't know how often Tom is on here, nor GKSierra. They don't post often, but that is not the same thing as not visiting.
3) We get maybe one person signing up every other week (14 people signed up in January). This is hardly something that requires monitoring on an hourly, or even daily basis so the fact that they aren't here all the time is not a strong argument against putting account restrictions in place.
|
|
|
Post by matoyak on Mar 11, 2015 4:39:38 GMT
Having a captcha during account creation would be the simplest way that won't discourage people from signing up. The other ways would depend on what proboards gives admins the ability to do. If limiting the number of threads one is allowed to create in a row (or within a certain post count / account age) isn't possible, or blacklisting based on phrases and characters used isn't possible, then I think the captcha might be one of the only non-manual ways to handle it without some backing from Proboards themselves.
|
|
|
Post by Chancellor on Mar 11, 2015 6:49:04 GMT
It's simple, we find a baba ji of our own to curse the Love Guru with black magic.
|
|
|
Post by Daedalus on Mar 11, 2015 6:58:51 GMT
1) Even big forums with active mods get spambots tat aren't dealt with instantly. It's simply not feasible for there to be a moderator logged in 24/7 2) You don't know how often Tom is on here, nor GKSierra. They don't post often, but that is not the same thing as not visiting. 3) We get maybe one person signing up every other week (14 people signed up in January). This is hardly something that requires monitoring on an hourly, or even daily basis so the fact that they aren't here all the time is not a strong argument against putting account restrictions in place. With all due respect, this doesn't all make sense. For problem 1, it would deal with the problem faster than out current solution. For 2, we know they don't visit often in two ways: there's a "last online" column in the member list, and second, we know they would remove the spam when they saw it, but it remains for a long time - implying it takes a while for them to log on and see it. At the very least, it's usually eight or more hours, and that's when we've actively summoned GK with the email/SMS thing! For 3, since when does 14 people/month equal one every other week? And regardless of how many people join, I know I would have been discouraged as a member if I had not been able to comment for many hours after signing up - I joined wanting to discuss a single point about a page. And adding a 4, there's no way an admin could know a new account isn't Babaji again. With your schema, a new account would be created, approved by Tom/GK, then suddenly begin spewing spam once it's been accepted. We certainly need a method of solving this, but a delayed acceptance of members as you describe won't help. Captcha, post limits, or word filters, might be the best idea if proboards can implement them.
|
|
|
Post by eightyfour on Mar 11, 2015 8:37:36 GMT
Just had a closer look: It turns out there already is a captcha in place for registering new accounts (too bad the official ProBoards help video doesn't mention it. Could've saved us a lot of discussion). Well, captchas aren't perfectly secure any more these days. I guess that means the only measure that can be taken immediately is indeed manual verification for new accounts (which apparently also has been enabled).
It's unfortunate, but I guess that's all that can be done right now. :/
|
|
Omnium
Junior Member
Posts: 58
|
Post by Omnium on Mar 11, 2015 8:41:36 GMT
Having a captcha during account creation would be the simplest way that won't discourage people from signing up. The other ways would depend on what proboards gives admins the ability to do. If limiting the number of threads one is allowed to create in a row (or within a certain post count / account age) isn't possible, or blacklisting based on phrases and characters used isn't possible, then I think the captcha might be one of the only non-manual ways to handle it without some backing from Proboards themselves. No it isn't. Partly because you can't modify the sign up screens in that way on proboards AFAIK. Secondly because Capcha is worthless, because you can simply pay someone in a country like India or Bangladesh (where there's a lot of poverty) peanuts to create accounts then allow the spambot to take over, or just instruct them to C+P the spam themselves. With all due respect, this doesn't all make sense. For problem 1, it would deal with the problem faster than out current solution. Yes, but it's also completely unnecessary most of the time and wouldn't solve the problem. You could have a dozen mods and there'd still be times where none are online. Having a lot of mods for a pretty quiet forum is seldom a sensible plan. Tom apparently hasn't been online since 2013. He has made at least two posts and made GKS a mod since then. The 'online' collumn is not reliable unless you can see invisible members. Yeah you're right, that's 1 am maths for you. It's more like 1 every couple of days. And the account activation thing is actually not that uncommon. Actually, they can. Bots are generally pretty obvious. Looking at the member list, from the last couple of weeks there's an onlinebaba, astroguru, and jijibaba all of which are clearly bots. Then there's the glsastri099s which have a facemash name with numbers afterwards, another common indicator of a bot. When you consider that a lot of bots tend are signing up at the same time (or very close to one another), when there's an unuaually high amount of accounts pending approval that would be another tipoff. It's really not that hard to identify bots if you know what you're looking for, which is why it would reduce the incidence of bots fairly substantially. It certainly would, but whether Tom thinks manual activation of accounts is a good trade off is another thing. Worthless, especially because the bots had to go through a Captcha to create the Proboards ID Unimplimentable Can change Smeghead to Boxbot but not Sme ghead and can't be setup to autodelete posts. They're not and can't be.
|
|
|
Post by sapientcoffee on Mar 11, 2015 9:48:42 GMT
I've been on boards where you can sign up just fine, but something like your first five posts have to be approved by a mod. Even easier to spot the bots then.
Honestly, the way it is now doesn't bother me at all, unless GK Sierra is mostly coming here just to mod. In that case I'd suggest a mod who is a more regular visitor.
|
|
|
Post by Tom Siddell on Mar 11, 2015 13:20:26 GMT
I've implemented account activation and I'm going to have to reject basically any new account that has an IP address that originates in India. Every single one of the bots has had an Indian IP address. I check the forum several times a day, every day, even if my status is not updated, so people shouldn't have to wait too long for their account to be activated.
|
|
|
Post by Xan on Mar 11, 2015 13:30:03 GMT
I've implemented account activation and I'm going to have to reject basically any new account that has an IP address that originates in India. Every single one of the bots has had an Indian IP address. I check the forum several times a day, every day, even if my status is not updated, so people shouldn't have to wait too long for their account to be activated. There may be false positives though, as in, actual fans from India. Minority? Maybe. Still, it would be nice if you put some kind of way to appeal the decision with proof that your intentions are good and you do belong here.
|
|
|
Post by Tom Siddell on Mar 11, 2015 13:37:26 GMT
It's fairly easy to spot a junk email address and username created by a bot, but I will be keeping an eye out, of course.
|
|
|
Post by Daedalus on Mar 11, 2015 15:37:56 GMT
Every single one of the bots has had an Indian IP address. Hopefully BabaJi isn't tenacious enough to change that.
|
|
|
Post by rosencrantz on Mar 11, 2015 15:50:12 GMT
I've seen exactly this type of spam on the Paizo boards as well. Surely it must be a bot.
|
|
|
Post by stef1987 on Mar 11, 2015 22:28:57 GMT
Oh, we have a moderator now! Great!
|
|
|
Post by SilverbackRon on Mar 12, 2015 6:40:10 GMT
Wow, I didn't know we had a moderator other than Tom. When did this happen? Well, congrats @gksierra! I have been a moderator on boards before and my stated goal was just a janitorial Mod, sweeping up the spam. It can get tiresome, so I want to say I appreciate your efforts.
Nice to hear from Tom about the account activation plan. Sorry you have to deal with this kind of stuff.
|
|
|
Post by calpal on Mar 13, 2015 0:31:19 GMT
It's obvious, Tom. We kill the Bab(aJi)man.
|
|
|
Post by chrisjenl on Mar 13, 2015 8:02:54 GMT
If it is a bot it is possible easyer to ask a easy question when you get a new acount like 3+5= or who is Annie best friend and change the question when he show op again.
If you don't like to check all new acounts
|
|
|
Post by Gotolei on Nov 2, 2015 2:29:28 GMT
The fan project forum is filled with spam at the moment. The bot responsible did a test post about a week ago, it wasn't dealt with despite multiple reports being made, so now it's going to town.
An actually-active moderator would be fantastic.
And if that moderator would be so kind as to set their profile so we could tell if they're even around anymore would be better still.
|
|
|
Post by Daedalus on Nov 2, 2015 8:33:07 GMT
The fan project forum is filled with spam at the moment. The bot responsible did a test post about a week ago, it wasn't dealt with despite multiple reports being made, so now it's going to town. An actually-active moderator would be fantastic. And if that moderator would be so kind as to set their profile so we could tell if they're even around anymore would be better still. In retrospect, although GK was great in handling the earlier Babaji invasion*, and has navigated many inter-member conflicts with ease, it may have been a mistake to nominate for the job one of the less active senior members of the forum. Oh well. Having that side of the board cleaned would be really nice, though, kthx. *Do we all think this is the same person? I'm undecided.
|
|
|
Post by philman on Nov 2, 2015 8:43:58 GMT
Idon't like the idea of having to have a moderator verify accounts before making posts, especially on a forum like this where most people make an account specifically to make a point about that days page. we may have 14 people joining per month, but I am willing to bet the majority of those signed up n the same day as a particularly major comic page or something.
|
|