Reply
Thread Tools
Posts: 435 | Thanked: 1,599 times | Joined on Dec 2010
#71
Just reminded me of this
Attached Images
 
 

The Following 2 Users Say Thank You to tommo For This Useful Post:
chemist's Avatar
Administrator | Posts: 1,036 | Thanked: 2,019 times | Joined on Sep 2009 @ Germany
#72
Originally Posted by number41 View Post
Yeah, you're all right, I'm going overboard. I'm sure I'm entirely wrong and the Maemo is right all of the time, even though the explanations part might sound off, I'm sure I'm all paranoid and all that.

Thanks for clearing that up. Hey uhh, if I bet a Neo900 that no TOR will be here until 2018, will the staff buy me one when it's finally in production if I win? In case I'm wrong I'll buy one for you guys as soon as it's bought as a ready device.

= )
You are neither paranoid nor missing to explain yourself.

The problem with Tor is that it is getting abused by botnets and spambots, so the IPs are getting blacklisted. We are not deliberately blocking Tor, it is just a few exit-nodes.

So we have a silly problem at hand, people want us to reduce spamposts and ddos like registrations sprees but at the same time not have captcha active and no blacklist in place. Captcha is only active for registration and first 5 posts, akismet filtering is only there for the first 2 posts. The IP filtering is permanent and while we lift any blacklisting of home IPs on request we would be stupid to do that for high-bandwidth Tor exit-nodes (it is only a few nodes that are blacklisted actually).

So finding a solution that fits everyone is actually not that easy, leave alone the ddos attacks we could ignore the spam and registration problem at hand, have a team of 100 active spam-moderators (we have 11 where only 5 are active) that do a good job in housekeeping all day - now we got our public port shutdown by our provider once and you do not want that to happen ever, so how do we block attacks that can have an impact on our provider? With a firewall, a decent blacklist and a sane configuration of those two.

If you want me to disable captcha and akismet (the google services), I can do that for a couple of days, we can also disable the blacklist. What you do not see, is what happens behind the curtains. Without these automatic filter solutions, it becomes a dayjob to maintain. While I am currently looking for new opportunities (I'd take 45k€ annually), this is voluntary work we do. And it is not easy to keep this level of spam without some downside.
 

The Following 12 Users Say Thank You to chemist For This Useful Post:
Posts: 173 | Thanked: 219 times | Joined on Nov 2010
#73
I'm not sure about the current problems the site faces, but I could volunteer for a "spam cleanup crew" of volunteers. I do have some free-time these days.

I do demand to make all my cleanup actions public through a public log, though. I think it's better to let everyone know what I'm doing and to provide materials through which they can conclude themselves if I'm doing things right or not.
 

The Following 6 Users Say Thank You to number41 For This Useful Post:
chemist's Avatar
Administrator | Posts: 1,036 | Thanked: 2,019 times | Joined on Sep 2009 @ Germany
#74
There is a special group assigned to your account, you can hit a username and see a one-touch-ban&clean button, that should only work on new accounts though (better do not test that!) - no need to log it.
 

The Following 3 Users Say Thank You to chemist For This Useful Post:
chemist's Avatar
Administrator | Posts: 1,036 | Thanked: 2,019 times | Joined on Sep 2009 @ Germany
#75
For statistics, on avg we have 75/d direct attempts of registration where of 5/d actually walk through (even with captcha or question tests) and 3/d do actually post spam. In peaks we have 50/h attempts with about the same ratio. All this is behind the firewall and behind the IP blacklist, without those two we had peaks of 5k/h page request with the same ratio of created accounts and spamposts every couple of months and almost annualy around Sep 30th a very peak (that peak is with delay of 3-5 days hitting TJC in the same manner).
 

The Following 16 Users Say Thank You to chemist For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#76
Well, not sure about whatever has been implemented; however it still does not work.

Just cleared two spam comments 1 minute ago from posting this.
 

The Following 5 Users Say Thank You to For This Useful Post:
Posts: 51 | Thanked: 260 times | Joined on Sep 2010
#77
Originally Posted by gerbick View Post
Well, not sure about whatever has been implemented; however it still does not work.

Just cleared two spam comments 1 minute ago from posting this.
it appears you have a mis-understanding on how spam filtering works,
it is not an exact science, what this means is that the filters are not perfect, they never will be as as long as we have people making spam filters there will be spammers working out how to get around them

so getting spam != failure of filters
it means some spammers have worked out how to get around our current filters, but _MANY_ more attempts were blocked by them
 

The Following 4 Users Say Thank You to chainsawbike For This Useful Post:
Guest | Posts: n/a | Thanked: 0 times | Joined on
#78
Originally Posted by chainsawbike View Post
it appears you have a mis-understanding on how spam filtering works,
it is not an exact science, what this means is that the filters are not perfect, they never will be as as long as we have people making spam filters there will be spammers working out how to get around them
Perhaps I do have a skewed view of spam filtering. But the pattern is easily seen. Random named person signs up. Random named person makes a post with randomly generated title. Random generated title post is filled with a sentence to avoid the 10 character limit. Post is saved then posted. Then post is edited with the crap URL.

Spam filtering should be able to find a fault point in the many aforesaid steps and stop it. Not that it's disallowing signups; we should disallow something else because filtering is working only in percentages. Process can find a way to get the rest.

so getting spam != failure of filters
it means some spammers have worked out how to get around our current filters, but _MANY_ more attempts were blocked by them
I don't doubt it. But I'm still tired of cleaning them up. It just looks wrong on a forum I actually like. So I delete them as I run across them.

Two today so far...
 

The Following 9 Users Say Thank You to For This Useful Post:
Posts: 2,076 | Thanked: 3,268 times | Joined on Feb 2011
#79
Lets do it, current spam filter is poop, I have an itching feeling a maemoer will drop the mother lode of leaks, win98SE source code, we can port it to maemo
 

The Following User Says Thank You to szopin For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#80
Originally Posted by szopin View Post
...mother lode of leaks, win98SE source code, we can port it to maemo
Why would you think something like windoze source is useful to anybody? Such unnecessary PoC...
 

The Following 3 Users Say Thank You to juiceme For This Useful Post:
Reply

Tags
literally, modsellingusoff, qwerty21, timetoforkoff?

Thread Tools

 
Forum Jump


All times are GMT. The time now is 12:49.