Spammers Ho

Bella · January 16, 2012, 08:52:04 PM

http://ostan-collections.net/forum/index.php?action=profile;u=5162

At least the spammers aren't posting aggressively (or at all), ne? ^^;

Chocofreak13 · January 16, 2012, 10:03:34 PM

i have to say, the spambots are quite off in their assumptions of what we'd like. >>;

but then again, maybe they're not targeting us. :\

Nichi · January 16, 2012, 11:38:10 PM

This one seems a bit fishy as well

Chocofreak13 · January 17, 2012, 12:06:20 AM

they're advertising opera mobile.....for russia. not a purchasable item, but an ad nonetheless. :\

Nichi · January 17, 2012, 08:51:56 AM

Another one, which seems to be advertizing health products.

I have to wonder what's going on here; why are they signing up, but not posting?

Pitkin · January 17, 2012, 10:11:12 AM

It can be that the bots are able to bypass the registration anti-spam systems, but not yet the posting ones. Another option is that they're supposed to post only later and not instantly after registering. Third option that I could imagine is simply registering with the spam inside their profile and never posting, so that it remains fairly unnoticed by users but can be accessed by search engines. :/

Chocofreak13 · January 17, 2012, 11:07:51 AM

either way, they need to be cleaned out, like the scum stains they are. :\

Pitkin · January 17, 2012, 11:31:55 AM

"Scum stains" was very close to the definition I was thinking of as well, yes. xD

Chocofreak13 · January 17, 2012, 01:36:00 PM

i wish we could do something in terms of preventative measures, but they're doing so little it doesn't look like there's anything we can do. it's kind of pathetic. :\

Tsubashi · January 17, 2012, 03:03:49 PM

Well, what would our options be? Stronger captcha's, more complex sign-up requirements, etc. if we got really creative, I am sure we could write heuristic algorithms to detect improper screen names / posts based on post frequency, content, ip address, etc, but the real issue lies in what you said. They are so minuscule a problem, is it really something that we want to take the time to "solve" or are we okay just posting here and letting the noble Pitkin-sama do the occasional cleanup?

I am interested to know, though, Pitkin-sama, are they from a clustered IP range, or no?

Pitkin · January 18, 2012, 08:53:35 AM

I went for increasing the captcha difficulty for now, but that one's a bit double-edged sword, as I'm traditionally extremely poor at reading the captchas myself. Hoping it won't stop any real user from registering and that it'd maybe limit the bots a bit. ._.

On your question, Tsubashi-san (don't call me -sama), I'm afraid I don't really understand what you mean. ^.^; Do you mean if all the bots seem to be coming from similar IP addresses? I think at least that there's not been any pattern so far, but I can be mistaken. I will try to pay more attention to it from now. ^.^

As for the algorithms, we'd need a person like you to implement such as I'm incapable of making them myself. However, before such heavier measures we could try simply updating the forum engine to see if the problem is solved in the most recent version.

Tsubashi · January 18, 2012, 09:09:12 AM

The algorithms were more of a joke on what we would do if we went over-the-top to try and stop them. While it would be lots of fun, it would be an involved process requiring time, which is a commodity I always seem to be in lack of. ^^'

As for the IP addresses, yes that is what I mean. I just remember during my time as admin there was a period of about two months where there was an unusual influx of spambots, all of which came from the same Class B network. During that time I just used a script that would alert me whenever someone from that subnet registered an account, and it was typically very easy to tell which we're real (~10-15%) and which were not.

I am not trying to imply that that is the case here, but I was curious to see.

Pitkin · January 18, 2012, 09:30:09 AM

I notice there are several bots from addresses in Ukraine, Russia and the UK, but the majority still seems to be coming from elsewhere without any concentrated origin...

Meanwhile, would you (or anyone else) have any idea for a bot-proof but human-suitable security question and a fitting answer? x)

Tsubashi · January 18, 2012, 10:20:59 AM

Well, we could rewrite our captcha's style. Instead of just generating an image with a word to type, it could take a screenshot of a portion of the front page and then ask for something specific from that image (eg. Newest user, latest topic in forum x, number of redirects to the wiki, etc). That way, it would not matter how good the bot was at reading the words, it would have to know which ones to give. An even better approach would be to use image magic to dynamically replace the actual value with a randomized string.

This approach has two advantages. A) it is quasi-unique, and thus would effectively stop any mass-produced bots and B) it relies on a human understanding of relative instructions (ie since we do not tell them where in the picture they have to figure it out, something computers are notoriously bad at.)

Naturally, this would take a bit of time to write, and require some modifications to the source, but is significantly less involved than writing heuristics. ^.^

EDIT: There is one more advantage I just thought of. Since this style of captcha relies on the human's ability to tell which word to type, not what, we would not need to obfuscate the words, or make them unusual. They could be plaintext, intelligible usernames or just plain numbers, making it easier for the human who are registering.

Chocofreak13 · January 18, 2012, 11:21:24 AM

if we set the question (who just posted, what topic it was, etc) to change every time, that adds a third layer of security. i like this idea. wish i could help, but i can't code to save my own ass. ^^;;

maybe i can contribute questions? :3