| Pages:
1
..
16
17
18
19
20
..
28 |
streety
Hazard to Others
Posts: 110
Registered: 14-5-2018
Member Is Offline
|
|
Wow, I know I've seen a lot today but had not realized it was that many. Thanks for all you and the other mod/admins do to keep the forum running and
clear of spam.
I haven't contacted Polverone. Should I, or would it make more sense for you or one of the other admins/mods to contact him? I think he will get an
email from github about the pull request.
The changes are fairly minimal so he should be able to evaluate their safety without difficulty. I can make changes if necessary.
I could potentially try to implement other anti-spam features if this proves to be insufficient. I think there are three broad categories of options
we might consider
1) Prevent spambots from registering
Hopefully this captcha question will limit the flood
2) When they do get in limit the damge they can do
One option that might be relatively easy to implement is limiting new accounts to a single thread in the first 24 hours
3) When there is spam make it easier to clean up
I'm not entirely sure what the process is when you deal with spam. If you can describe the current process and what your ideal process would be I can
try to implement something closer to your ideal.
|
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Right now, #1 would make a big difference. By all means contact Polverone. I have brought your efforts to the attention of the mods for discussion,
but any changes reay need Polverone on board. He seems to not wander by here much these days. (Reminds me of Gandalf's visits to the Shire. Infrequent
but of great import even if not much seems to change.)
|
|
|
Xenoid
National Hazard
Posts: 775
Registered: 14-6-2007
Location: Springs Junction, New Zealand
Member Is Offline
Mood: Comfortably Numb
|
|
Quote: Originally posted by Swinfi2  | I really like Reboots idea of a sign up quiz. say like 5 easy questions.
eg:
Balance this equation CH4 + _O2 -> _CO2 + _H2O
Give the formula product of H2SO4 + NaCl -> NaHSO4 + __
What is a Kelvin: A) A material. B) A name. C) Unit of temperature. _
Give the Element symbol for any element that's a liquid at room temperature: __
what is the SI unit for energy: _
just long enough that a human who has to look this stuff up might think ffs i'll post quicker somewhere else.
a bot should obviously fail unless its given the answers, i guess make them show up in random order. |
I made this suggestion way, way back in 2012 (on page 4) - so don't hold your breath!
Regards, Xenoid
|
|
|
Ubya
International Hazard
Posts: 1247
Registered: 23-11-2017
Location: Rome-Italy
Member Is Offline
Mood: I'm a maddo scientisto!!!
|
|
something must be done fast, we are flooded with spam
---------------------------------------------------------------------
feel free to correct my grammar, or any mistakes i make
---------------------------------------------------------------------
|
|
|
RogueRose
International Hazard
Posts: 1592
Registered: 16-6-2014
Member Is Offline
|
|
I say all members stop doing the job. we've been doing it for years, offered to pay to have something programmed, and an endless other array of
things. If they don't want to do something about it, there are other boards out there
|
|
|
WGTR
National Hazard
Posts: 971
Registered: 29-9-2013
Location: Online
Member Is Offline
Mood: Outline
|
|
Can a mod do a manual delete on this one?
https://www.sciencemadness.org/whisper/viewthread.php?tid=85...
This spammer managed to reply to his own post twice; I don't think the removal script will do the job this time.
I still gladly report spam when I'm here. I don't think it's time to throw in the towel on the forum...it's generally a great resource to have, and I
refer to it sometimes when trying to scratch my head through a problem at work.
|
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Aargh! Lost my post. Time top retype.
I have been deleting manually lately. Quite frankly the spam-cleaning script cannot keep up. By the time a spam has been reported sufficient times
to trigger deletion and autobanning, several others have taken its place. And checking and processing spam reports takes as much time as checking and
deleting individual spam.
So yes, we are getting a bit swamped at present. I agree that something needs to be done as a matter of urgency. Yesterday was I think a record for
me -- not that I generally keep count, but I deleted 55 spam in one hit, 38 a cpouple of hours later and then another 7-10 on two or three occasions
after that. And just a moment ago I deleted another dozen. So, that is in the order of 120 in 24 hours on top of whatever was deleted by other mods
or removed via the spam script.
At this point, I think if we can get on top of the bot problem we will be making a great stride forward. And I think a captcha should achieve that.
The one that streety wrote looks like it would work just fine. It remains to get Polverone to ok it and put in in place.
The bots are not the only problem. We have had some quite clever human-generated spam in the past. Not much recently though. This tends to be in
established threads rather than in a new thread. If you see any of these then please U2U a mod or two. The message might get lost in the pile if you
simply report. We also have our recidivist troll, but only one as far as I can tell. He is more nuisance than anything and pretty easy to spot. The
problem he causes is insignificant compared with the magnitude of his delusions.
Thanks for your perseverance with this. Hopefully we will see an end to the unsolicited trash soon.
|
|
|
MJ101
Hazard to Self
Posts: 82
Registered: 14-6-2018
Member Is Offline
Mood: Always Sunny
|
|
| Quote: Originally posted by RogueRose | | I say all members stop doing the job. we've been doing it for years, offered to pay to have something programmed, and an endless other array of
things. If they don't want to do something about it, there are other boards out there |
@RogueRose: Spam is an unfortunate consequence of having a web forum. The only way it can be mitigated is if all of the members pitch in and report
it. That goes for trolls as well, with the difference being that you -never- respond to a troll.
They exist solely to aggravate members and to draw out arguments.
Who is the forum administrator? And when was the last time anyone spoke to him/her?
|
|
|
symboom
International Hazard
Posts: 1143
Registered: 11-11-2010
Location: Wrongplanet
Member Is Offline
Mood: Doing science while it is still legal since 2010
|
|
Its a pattern so its a bot that can ve outsmarted it used key words and is repeating the same message easy to stop
Needs to be programmed in the fourm software or we could work together and update the site i all a person needs is the source code i havnt studied
computers for a while
But the board does run on a linux server.
Maybe work on peice on the site addressing the problems
And make a poll
Who knows how to work on servers
|
|
|
streety
Hazard to Others
Posts: 110
Registered: 14-5-2018
Member Is Offline
|
|
j_sum1 has indicated that only Polverone would be able to update the forum software. Last visit a week ago and last post the backup linked below.
| Quote: Originally posted by symboom | Its a pattern so its a bot that can ve outsmarted it used key words and is repeating the same message easy to stop
Needs to be programmed in the fourm software or we could work together and update the site i all a person needs is the source code i havnt studied
computers for a while
But the board does run on a linux server.
Maybe work on peice on the site addressing the problems
And make a poll
Who knows how to work on servers |
The code used for the forum is available at https://github.com/mattbernst/xmbforum linked to from https://www.sciencemadness.org/whisper/viewthread.php?tid=80...
There is also a backup of the site with private information removed available. This is what I worked on for the captcha question code I posted above.
https://www.sciencemadness.org/whisper/viewthread.php?tid=12...
|
|
|
Vomaturge
Hazard to Others
Posts: 286
Registered: 21-1-2018
Member Is Offline
Mood: thermodynamic
|
|
Spamergency Measures
First off, I'd like to thank all the moderators for their time dealing with spammers, trolls,
and general forum maintenance. But I have a question on how to best help them clear
spam.
It is well known that there is a spam deletion code in the SM forums. If two trusted
members report a post using the word "spam," it will be deleted without any action from
the mods.
But the code does not always catch spam. If the account was registered previously, or the
thread has been replied to, or (I believe) the poster has made more than one spam post,
then the code won't recognize it as spam. Also, jsum_1 has explained that the code can't
keep up with very high rates of spamming, like the ones at present. In any of the above
cases, the threads must be removed by a real mod, and multiple people reporting will just
add extra reports which must be processed by hand.
So I'd like to ask the moderators, WHAT WOULD BE BETTER? ONE PERSON REPORTING AND
REPLYING "REPORTED SPAM", OR MANY PEOPLE REPORTING THE SAME THREAD
INDEPENDENTLY? The former will reduce the numbered of reports that must be examined;
the latter will lead to multiple reports per thread, and hopefully some of the threads being
deleted automatically.
As far as the chemistry question captcha goes, I like the idea. It will unfortunately make it
harder for beginning amateur chemists to register, but will greatly help in making people
UTFSE, and block spam almost 100%.
We know many of these accounts come from the same sources (same types of adds, same
IP's), and it seems like Bert had some luck finding and banning large bundles of spam
accounts using this fact. But I could be wrong as to how successful he really was.
|
|
|
symboom
International Hazard
Posts: 1143
Registered: 11-11-2010
Location: Wrongplanet
Member Is Offline
Mood: Doing science while it is still legal since 2010
|
|
Excellent anyone want to do a spam sweep by reporting the post and typing spam then report
One person does a sweep of the today's post each hour so lets say it's 6 and I report all of the spam I see then another member does the same thing 6
hours later. due to how the time zones work behind or forward in a hour this should work perfectly and it just needs 4 people
A perfect human solution
I volunteer myself just need a quick cut and paste
Of the word SPAM spell like that in capital letters
Wish I had a program to do the cut and paste
Control x and control v for paste
Although the reason there is a delay in case you acedently pressed report
Perfect computer solution
Program that can identify key repeative words
And other clues
Or we can use the catcha system the are you a robot test
Three options pick one
[Edited on 23-7-2018 by symboom]
|
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Bert did delete a bunch of spammer accounts but did not make any progress towards stemming the tide of new accounts. Then he got busy with fireworks
season I guess.
I really don't know the details of how the script works or why it is not working. But it appears that at least one bot has a workaround and is not
getting caught by the script. For example, I have noticed that while we have flood protection and cannot post more frequently than once a minute,
spam threads can appear from the same account at the rate of 1 every 20 seconds. This means that manual deletion is a reality. It does not take long
but it does require a certain presence and in the meantime the front page gets chocked up with garbage.
Reporting is fine. But realistically most spam reports will not get read. So, if you want to get our attention, send a regular U2U. Your proposal
of reporting within the thread and messaging a mod is ok but probably will not make a lot of practical difference. At least the other way some of the
spam will get processed automatically.
I am particularly interested in catching spam and trolling that appears within established threads. If you see this then send a message to a mod.
|
|
|
JJay
International Hazard
Posts: 3440
Registered: 15-10-2015
Member Is Offline
|
|
There are a lot of blacklists, but this is the best one I know of for spammers and trolls: http://efnetrbl.org/
Combined with IP-based blocking, it can only be defeated with some actual skills.
It's pretty easy to use... there are a few REST web services that will query it for you, or you can simply use DNS.
|
|
|
Corrosive Joeseph
National Hazard
Posts: 915
Registered: 17-5-2015
Location: The Other Place
Member Is Offline
Mood: Cyclic
|
|
As soon as one lot of spam is deleted, it just starts again, more or less, straight away.......... This is chronic
/CJ
Being well adjusted to a sick society is no measure of one's mental health
|
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Phd, your trolling is a nuisance but is easily shrugged off.
Spam, from you and others is likewise a nuissance. But people here are smart enough to ignore.
We just deal with it and move on. I, for one have no qualms about deleting your crap.
|
|
|
Abromination
Hazard to Others
Posts: 432
Registered: 10-7-2018
Location: Alaska
Member Is Offline
Mood: 1,4 tar
|
|
I still don't understand why this website is so targeted by people advertising pornography and such. I havent been here for long, but I love this
site and use it to my advantage very often.
I can more understand the targeting of this site by people like PHD but despise it just as much, if not more. To prevent the bots and other fake
accounts made for adult traffic advertising, a simple captia should be required and maybe even a serious of basic chemistry questions like a simple
equation to balence, the scientific name for oil of vitriol (obviously sulfuric acid) or as suggested by another user (don't remember who) who
suggested to fill in the blank for a common chemistry saying (do as you otta, add acid to
_____)
I doubt that this would stop trolls like PHD, but perhaps a good IP ban would do it.
List of materials made by ScienceMadness.org users:
https://docs.google.com/spreadsheets/d/1nmJ8uq-h4IkXPxD5svnT...
--------------------------------
Elements Collected: H, Li, B, C, N, O, Mg, Al, Si, P, S, Fe, Ni, Cu, Zn, Ag, I, Au, Pb, Bi, Am
Last Acquired: B
Next: Na
-------------- |
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Spam has been around for a while. And it has changed in flavour from time to time. (We don't seem to be getting Chinese text, UK kitchens or Nike much
these days.) At the moment we are targets of a particular set of bots. The aim of these bots is not that the spam will ever get read, but rather to
raise the profile of the sites on search engines. That is what XRumer was designed for.
I agree that something should be done. One problem is that the forum software is limited, which restricts options.
I am not sure how much a captcha would change things: there is evidence that the bots circumvent some sevurity measures (eg, flood protection
measures) and it is unknown what else they might get around. There is also suggestion of some human intervention at times (sad sad little life). If it
seems like we are being targeted, that is probably accurate.
Best thing to do at this stage is to continually be diligent at reporting spam. Just one thread per username, so try to target threads that have
already been reported (check post count). Also fix the signal to noise ratio by posting some chemistry. Spam hatred is not the reason for our
existence.
|
|
|
symboom
International Hazard
Posts: 1143
Registered: 11-11-2010
Location: Wrongplanet
Member Is Offline
Mood: Doing science while it is still legal since 2010
|
|
Xevil is another program used along side xrumer
Im tired of seeing the this is a test with xrumer username
https://xevil(dot)net/en/
Removed hyperlink
This is the programs website
The program discription
XEvil — easy, fast and flexible tool for automatic recognition of most type of CAPTCHA's (included so hard captchas like Google ReCaptcha v.1 and
v.2, Solve Media, Facebook-captcha, etc.).
The application replaces such services as AntiGate (Anti-Captcha), RuCaptcha, DeCaptcher, etc., and at the same time it provides for higher
recognition velocity (in 10 times) and is completely free of charge.
Video says new OCR reconition.
TO WEB MASTERS
Anti-bot protection in the form of graphic captchas is going for good. It has been several years already, the captchas are recognized by various
services and various application (free/non-free).
The captchas on the site can be customized continuously but this is dead end road. The captchas can push off the visitor of the site (who can be your
potential customer). This type of anti-bot protection is outdated, and will go for good in 2-3 year with introduction of more modern user
authentication systems.
The state of art are provided with secure protection against Spam-bots with use of the following techniques:
CloudFlare
StopForumSpam
Akismet
Encrypted with JS-protection
etc.
It takes not more than 20-30 minutes (one day for the non-expert) to ensure site protection against robots without using such repulsive for users
technologies as captchas
white hat hackers use the tools that the scammers use see how it works and counteract the program from screwing up the threads
This is a suggestion for the moderators to try as they are responsible for keeping the site is good working order
All that needs to be now is defeating these two programs
Maybe make an automated script to counteract the programs
And the spam problems will be gone for good. 
So they sell the problem and the solution
To the problem they created sounds like
The anti tobacco ads paid for by the tobacco companies
Ironic selling the problem and solution.
[Edited on 4-8-2018 by symboom]
|
|
|
Sulaiman
International Hazard
Posts: 3692
Registered: 8-2-2015
Location: 3rd rock from the sun
Member Is Offline
|
|
IF SM charged for example USD1.00 registration fee,
non-returnable if banned,
the problem would cease.
The fee should go to the website owner who can optionally disperse a portion of it to whichever mod. handled the registration as a compensation for
time and effort.
The website owner can choose the policy whether to keep or erase registration data from the secure server separate to the SM server.
@PhD ... start saving.......
|
|
|
streety
Hazard to Others
Posts: 110
Registered: 14-5-2018
Member Is Offline
|
|
| Quote: Originally posted by j_sum1 | | I am not sure how much a captcha would change things: there is evidence that the bots circumvent some sevurity measures (eg, flood protection
measures) and it is unknown what else they might get around. There is also suggestion of some human intervention at times (sad sad little life). If it
seems like we are being targeted, that is probably accurate. |
The different software options posted by symboom do suggest that the image based captchas are not going to be helpful. Adding in a question requiring
some chemistry knowledge will hopefully be more useful. Even if humans are involved I would assume their education is limited.
We are not limited to just these options though.
| Quote: Originally posted by streety | I could potentially try to implement other anti-spam features if this proves to be insufficient. I think there are three broad categories of options
we might consider
1) Prevent spambots from registering
Hopefully this captcha question will limit the flood
2) When they do get in limit the damge they can do
One option that might be relatively easy to implement is limiting new accounts to a single thread in the first 24 hours
3) When there is spam make it easier to clean up
I'm not entirely sure what the process is when you deal with spam. If you can describe the current process and what your ideal process would be I can
try to implement something closer to your ideal. |
I posted the above two weeks ago on the assumption that the registration question would help but might not be enough. At the moment the limitation is
not writing the code needed to implement our spam mitigation ideas but getting them deployed on the server. I can certainly add to the simple question
already implemented and Loptr, JJay, and Melgar have all indicated they have the skills needed to help.
I don't think there is much we can do for preventing registration or limiting the damage without modifying the software on the server. The final
option, making clean up easier, is definitely possible without modifying the software on the server:
| Quote: Originally posted by streety | I did wonder about that automated script myself. The admin interface in the virtual machine backup doesn't suggest there is any automated deletion
system and a quick look through the code didn't reveal anything either. It's possible the virtual machine doesn't include that functionality.
Implementing/replacing an automated spam deletion script could potentially be done without needing to modify the code on the site. If the admins/mods
would be willing to set up a server somewhere[0] we could create a script that every 5 minutes logged in with their credentials, or the credentials of
a newly created account, and swept out any new spam.
[0] This would cost ~$2/month. I'm sure many users, including myself, could host this for free but that's a bad idea from a security perspective.
[Edited on 26-7-2018 by streety] |
Having thought about this some more since making that post I remain confident it can be implemented.
|
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
I like your thoughts, streety. TBH I am not sure what the delay is. It just needs the ok from the board owner and then to put it in place.
Some of the discussion in money...
This has come up before. Two things, it is probably more trouble than it is worth. Secondly, financial motive is just not the way this board wo3rdks
and it is the better for it.
|
|
|
CharlieA
National Hazard
Posts: 646
Registered: 11-8-2015
Location: Missouri, USA
Member Is Offline
Mood: No Mood
|
|
OK, I guess I'm ready to find more spam-free BB than this one. Any Suggestions?
|
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Yep. Send Polverone a U2U and tell him it is getting urgent.
|
|
|
CharlieA
National Hazard
Posts: 646
Registered: 11-8-2015
Location: Missouri, USA
Member Is Offline
Mood: No Mood
|
|
j_sum1:
I did: I really have been enjoying this BB as I try to refresh my chemistry knowledge (BS, 1962), but I'm tired of reporting 10-15 spam messages every
day. I appreciate all you have done with this BB, but I am ready to look for one that is (more) spam-free. Can you recommend any? Thanks. Regards,
CharlieA
Thanks for the idea. Being computer-challenged, I don't understand why one or more of the many suggestions to combat spam that are in this thread
haven't been implemented.
|
|
|
| Pages:
1
..
16
17
18
19
20
..
28 |
![[*]](images/xpblue/default_icon.gif){kind=icon}
