|
Allow Tor access to TMO
I can't find the thread where this was discussed last time, but recently I've been seeing at least ten spam threads per day. Clearly the Tor ban is serving absolutely no purpose, so please get rid of the blacklist forever.
|
Re: Allow Tor access to TMO
You are right.
Let us disable every kind of protection since 10 of 10000 attempts are not correctly blocked. Then, while we are talking about this, have you already asked to your email provider to remove every spam filter from your email account since you still receive 4 spam emails a day? Please, be aware of what is happening on the web. If our filters are sometimes not enough, it doesn't mean that they are useless. |
Re: Allow Tor access to TMO
Funny you should say that, because I've never received a spam mail and there is no spam filter at all on my server.
If other forums can manage spam just fine without blocking Tor (not just registration or posting, but all access), why can't TMO? |
Re: Allow Tor access to TMO
I'm happy for you if you live in a peaceful world without spam and without the need for spam filters.
But, explain me why in that peaceful world do you need to hide yourself in the middle of millions users doing any kind of malicious activity? Why do you accept to appear exactly like the guy that with the same ip tried a defacement one second before? Do you know how the forum's anti spam filter plugins are working? |
Re: Allow Tor access to TMO
Just because I live in the same street as a registered sex offender does not mean that I am one.
I am all for security and anti-spam measures but I think that dumb measures are no better than no measures at all. Blocking by IP is about as dumb as it gets. If the forum infrastructure cannot do better then so be it but please be honest and say it how it is, do not pretend that IP filtering is the bees' knees. |
Re: Allow Tor access to TMO
@pichlo
tmo has (since years) a plugin matching ip+email/username to block unwanted spam comparing those records with spotted ones on common blacklists. It is not enough. Before apply the (dumb) ip blacklist we reached a level of spam that it was impossible to be managed by any number of human moderators. That's why we activated this block. How this could happen? - How many usernames or emails can use a single ip address to register new accounts? Why they are targeting us? Probably because our community is big enough to be interesting and enough complicated to (statistically talking) hide some flaw. The same offending ips often try any kind of approach to make damages. (code injection, common vulnerabilities...) Are there better solutions? Probably yes, but nothing immediately usable. Why our techstaff does not work every day, 24h a day on this issue to create a better solution satisfying tor users while blocking all spam? Because when you talk about techstaff you are talking about just a few guys with a real life very busy, that are facing everyday with the complexity of the servers of this community trying to do their best during their limited free time. This is the situation. To be clear - effective solution in a limited time to obtain the best protection. Suggestions and help are welcome. |
Re: Allow Tor access to TMO
Do you have ANY stats that proves the effectiveness of IP blocking ?
I use tor on occasion, professionally, when I do pen tests. IP blocking is ok for certain situations, like how secure DNS uses it to block malicious sites, yet, even there it is of limited effect. |
Re: Allow Tor access to TMO
Quote:
See for example: http://smarimccarthy.is/blog/2015/01...ation-warfare/ |
Re: Allow Tor access to TMO
And again, feel free to block registration for new users using Tor, but is logging in for already existing users or even just being able to see the website that much to ask for?
|
Re: Allow Tor access to TMO
Maybe turn this into a poll for TMO users vote
|
Re: Allow Tor access to TMO
@nieldk
i think there is no problem, i will try to produce some number about the blacklist effects. @nthn have you read anything from my posts or are you just polling tor, tor, i want tor.... |
Re: Allow Tor access to TMO
Quote:
|
Re: Allow Tor access to TMO
What happened for the initiave to allow Tor access to TMO as a hidden service?
That could be done so that either the access would be read-only or accepted-login only and it would be very easy to set up as there'd be only the one channel to block (meaning, Tor-internal access as hidden service) Additionally I guess it would cut just about all the random-access-malicious-users-using-Tor-just-to-try-it as not so many would even try to find out that we actually have a hidden gateway. |
Re: Allow Tor access to TMO
@juiceme
who proposed this thing has also an idea about how to realize it? If the point is ensure that Tor ip could have access, it means give to a bunch of potentially dangerous ip addresses a priority. If the point is use a blacklist ip based or not, it requires an alternative. Another example is wiki. The same blacklist protects also wiki and bugs since there is no other plugin that we can use to stop spam there. What do you suggest to apply there? |
Re: Allow Tor access to TMO
I propose this as a study item.
In simplest implementation would be to run a Tor node on one of our VM's to use it as the hidden site access gateway. Yes, I grant it it sounds dangerous but there are ways to isolate the traffic and keep the node contained. Access to TMO (and wiki I suppose) would only be allowed either read-only or authenticated from that node. It could even be set up as a request-only use; an user wanting to have Tor access to our sites would need to be pre-authenticated by staff to do that. |
Re: Allow Tor access to TMO
An example of the blacklist job:
On 20 October 2016 we stopped 35916 requests. Here are listed the 100 ip more present in the block log: https://public.etherpad-mozilla.org/p/XV1d8eHFTY Feel free to check these ip against http://www.stopforumspam.com/search and evaluate the statistical possibility to match username/email - ip and what those ip are doing during the last months. I hope this could explain why tor is only the smallest part of the problem. |
Re: Allow Tor access to TMO
Quote:
I appreciate your point of view, your idea and your try to find a solution to satisfy all....but sincerely talking, do you really want to try to secure a service creating an even bigger risk running a tor node? I think that evaluating the situation of the community (active members, number of people involved into techstaff and maintenance tasks..) choose a conservative approach is the only possibility we have to survive. For sure we can decide to upgrade some service,wiki, vbb..or others but create a situation of risk bigger than the actual imperfect status could make damages unfixable for all the servers of the community. |
Re: Allow Tor access to TMO
You guys are talking like we block TOR in general, we don't. The blacklists in use contain major exit-nodes most commonly used by bot-nets as they are fast. I do not like the idea of a limited node on our infra, but how about an onion route to tmo? Block registration from within tor? Then as soon as you log in to a site you authenticate your tor connection to be one of our members which is as stupid as it sounds... you can track single IDs within a browsing history even if the browsing was from different devices and with different cookie settings. For some IDs it is enough to determine the kind of searches they do on google as they can be reverse engineered to be lined up to your "put public accounts here"
How do we measure that the blacklist is actually working? How about that as soon as we activated we have 90% less registrations of sleeper accounts, they get active after exactly 31 days to circumvent a basic 30day grace period of most forum software - we even filter that to some extend but the plug-in we use is failing too. All those single-link-spam-posts are a mystery. There is no filter or any plug-in that detects them properly. If anything, we should think about if it is time to get a new forum and use something that is state of the art in any aspect, incl. using garage accountsDB, replacing the wiki software and midgard all at once. |
Re: Allow Tor access to TMO
My guess, recent spammers are using an open proxy server.
Do we block those ? |
Re: Allow Tor access to TMO
slightly OT because not tor related:
But how many legit registration of new users are there in a week or day? My guess is there are fewer legit new users than successful spam attempts, right? So if manuall work is necessary anyway, why not turn it around and only activate the legit ones on daily basis instead of being forced by the spammers to react more often? Is it fisable to restrict new accounts to only sent a pm to admins or post in a special thread and ask for activation before posting anywhere else? |
Re: Allow Tor access to TMO
Quote:
- We are using a blacklist composed using more sources. - Blacklists are composed by ip addresses that have been ALREADY spotted for malicious activity - There is no will and and no decision to block a specific proxy/ip/service So... we don't block all proxies, if a proxy has been already used for some attack - probably it is blocked. |
Re: Allow Tor access to TMO
Quote:
If the forum software allows for that kind of usage pattern I suggest we could take it into use. |
Re: Allow Tor access to TMO
This IP blocking sounds like shooting the messenger. Don't let anyone in who arrived by bus, because 8 months ago there was some drunk party arriving by bus and one of them threw up in the lobby.
Not only does it look childish, it is also against everything I always assumed anyone standing for freedom should stand for. Free software is just a tiny subset of the freedom movement. On top of that, it penalizes friendly visitors who just happen to arrive by the same route. You cannot always choose your IP, most of the time it is dynamically allocated to you by your ISP. Every public ISP has been subject to a spam attack at some point, including mine. Using the same logic as xes is advocating, I have been denied access to other services because of that. Not only do I find it infuriating, I also find it a sign of incompetence on the side of said service's sysops. I think it's time to step back and ask, what is it exactly that we are trying to protect against? Only once we have a solid answer to that should come the next question, what is the best way to protect us against that? Instead, we have a hammer and treat everything as if it were a nail. |
Re: Allow Tor access to TMO
Quote:
Really: Freedom is in danger, if IPs from known spambots are listed and blocked??? Your example is just childish! The general problem of ISPs, that do not care, will not get resolved, by unblocking their IP-ranges. |
Re: Allow Tor access to TMO
Quote:
|
Re: Allow Tor access to TMO
Quote:
Do you want to add something else? |
Re: Allow Tor access to TMO
I'd advice everyone to cool down a bit, no need to start getting personal.
There is a real problem with spammers, and we do need to protect against that kind of attacking. Only the means are debatable. Now what I'd like to really know is the problem creating new accounts mainly, as this is what I think. Probably we can assume that existing accounts that have posted meaningful stuff in the past will not start spewing out spam just like that? If this indeed is the problem source, then some kind of quarantine mechanism would solve it without any kind of blocking activity; We'd just need a way to sort out potential "real maemo contributor" from a potential spamfester. So what are the statistics now, how many new accounts currently turn out to be spammers and how many not, in say about a month or so? |
Re: Allow Tor access to TMO
Hi. Just kind of curious. Are these spammers a person or a program? If it is a program couldn't there be an additional layer the new member needs to go through to submit a post. Like for the first 10 posts you have to enter some words you are given that are in a strange font that could not be easily read by a program. Isn't this commonly done? Anyways, just asking. I hope there is a good solution as it is quite annoying at times.
|
Re: Allow Tor access to TMO
Quote:
|
Re: Allow Tor access to TMO
Well, if that is the case why not charge 1 dollar to be a member of maemo.org that is allowed post privileges. The rest are read only. Anyone can apply to have the fee waived.
Probably could make it a penny. Just have to have a layer that discourages spamming. |
Re: Allow Tor access to TMO
Quote:
So I would not recommend this approach (as it would also create a layer for new members). But what is this discussion about? To show what could be done if we had a paid admin team serving 24/7??? PLEASE keep in mind that there are (way) less than a handful of members to support the maemo infra and keep it alive. So any proposal should reflect this. Or get in touch with techstaff and offer your help/know-how/time! |
Re: Allow Tor access to TMO
Not sure how to make fighting spam effective without some annoyances.
Blocking known spammers is not the most effective way. Not saying to use this, nor that its effective, but, could be considered http://www.stopforumspam.com Other small tricks, like "no follow" on links posted may assist. |
Re: Allow Tor access to TMO
Now THAT is a very good idea.
A spambot won't be able to pay a dollar. And a spammer will see it as an irritation not to bother with... knowing it is lost money the moment their spam is noticed and their account shut down. Brilliant idea mscion. |
Re: Allow Tor access to TMO
Are there legit newly created accounts nowadays?
I do not know about details of TOR: Could TOR be configured to use endpoints that are not blocked? Is the use of VPNs feasible, may be behind your TOR setup? |
Re: Allow Tor access to TMO
Quote:
Quote:
2.) I do not understand how would you do that, what's the purpose? Both Tor and VPN's can be used to do partially the same thing, meaning hide your actual location but I see no way to use them at the same time? |
Re: Allow Tor access to TMO
Quote:
If young peeps can't wire the funding in they could snail mail it. I'd be happy to volunteer my address to mail the dollar (or penny) to! But on a serious note, I do, greatly appreciate those that maintain the site and have often benefited from help given here. Again appreciated! |
Re: Allow Tor access to TMO
Quote:
|
Re: Allow Tor access to TMO
Quote:
Quote:
|
Re: Allow Tor access to TMO
1 Attachment(s)
Quote:
Well, it would be for just the first few posts. I think they only post once. |
Re: Allow Tor access to TMO
Beware!
Applying captchas to tmo will make you share the same little space in hell with all operators of captive portal hotspots :D Anyway, the problem is we are propably dealing with human spam monkeys that can pass captchas. A social attempt could be more effective. Newly created accounts should be read-only and delete themselfes one week after creation if not activated. To activate the account, the new member has to write a two sentence "Hello i am using device X... and am here to..." selfpresentation PM to Councel or Admin. It will be relatively easy to identify a spammer that goes the length of attempting to get an activation by lying on his motives. My guess is they do not even know what tmo is all about and will gobble something like "Helo Friend, I legit, please activate!" ;) Maybe a invite system could also work where trusted members can sent invite tokens for auto activated new accounts. Granted i have no idea how complex this would be to implement into the current system. Just my humble idea to stop spammers for good. |
| All times are GMT. The time now is 14:58. |
vBulletin® Version 3.8.8