March 2012 monthly report and spam

Let us know how we are doing -
Post Reply
User avatar
kingfisher
Volunteer
Posts: 2123
Joined: Tue Nov 20, 2007 10:53 am

March 2012 monthly report and spam

Post by kingfisher »

 Edit: Split from that post to clear the other topic. 
I've been thinking about spam because I NEVER see it on my distro's forum. I monitor that forum and this using a news reader so I would expect to see spam posts if they remained for even a short time on the other forum. I'll try to do some research on the subject because it seems that spam should not necessarily be the problem it seems to be here.
Apache OpenOffice 4.1.9 on Linux
User avatar
RoryOF
Moderator
Posts: 34570
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Forum statistics: monthly report

Post by RoryOF »

Does your distro use some form of anti-spam registration? On my first log on this morning, there were 17 messages, of which there were 1 and 4 spams to be moved to Quarantine and their two posters banned. As Hagar said, posting of spam has dramatically increased - usually for streaming sites. Villeroy linked the increase to the shutdown of Megadownload, and it certainly seemed to coincide with that.
Apache OpenOffice 4.1.15 on Xubuntu 22.04.4 LTS
/a3
Posts: 92
Joined: Sat Jul 02, 2011 4:05 am

Re: Forum statistics: monthly report

Post by /a3 »

kingfisher wrote:I've been thinking about spam because I NEVER see it on my distro's forum. I monitor that forum and this using a news reader so I would expect to see spam posts if they remained for even a short time on the other forum. I'll try to do some research on the subject because it seems that spam should not necessarily be the problem it seems to be here.
In the other topic I posted, people seemed to think that the spam was not automated but manual. Maybe it's just me, but I'm not so sure. I haven't used spamming programs (perhaps obvious) but I've seen theories where any form of CAPTCHA or challenge can be fed into a database. From there, people in poor countries type out CAPTCHAs and challenges that can't be solved. Or perhaps somehow the signature "challenge" has been automated so that values could automatically be entered in.

Anyway, most people at phpBB.com seem to think Q&A CAPTCHAs are the way to go, providing that the question/answer combination hasn't already been broken. Spamming software like Xrumer have already got databases with thousands of commonly used questions.

On the other hand, the CAPTCHA that is used here has been broken for a long time (since the phpBB2 days).

Anyway, my thought is this: get rid of the old CAPTCHA here and replace it with a question that isn't commonly used. Something like these might even be effective:
Question: answer="qwertyuiop". Please type the answer into the box without quotes and in CAPITALS.
Answer: QWERTYUIOP

Question: Spell "trugoy" backwards (without quotes).
Answer: yogurt

Question: 2 3 4 *5* 6 - type the number with stars (*) next to it.
Answers: 5, five
I don't know, maybe that won't work. But I don't think it will deter new users, and it might just be effective at stopping the spammers, even for a short amount of time.
LibreOffice 4.2
User avatar
RoryOF
Moderator
Posts: 34570
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Forum statistics: monthly report

Post by RoryOF »

I prefer` trick questions which show some intelligence on the part of the poster, such as
"How many blue beans make five?"
or
"Which is heavier, a pound of feathers or a pound of lead?"
Apache OpenOffice 4.1.15 on Xubuntu 22.04.4 LTS
User avatar
kingfisher
Volunteer
Posts: 2123
Joined: Tue Nov 20, 2007 10:53 am

Re: Forum statistics: monthly report

Post by kingfisher »

I'll test the registration process at the other forum. I agree with Rory about using simple questions rather than forcing people to try to decipher some heavily disguised characters. From a recent thread on the other forum, I gather that the administrators block IP addresses which present a spamming problem. In their case, they blocked a range of addresses based in China.
Apache OpenOffice 4.1.9 on Linux
User avatar
RoryOF
Moderator
Posts: 34570
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Forum statistics: monthly report

Post by RoryOF »

Before a guest can search, the ubuntu forum <http://ubuntuforums.org> asks simple questions such as
What is 1+4?
How many ears does the average human have?
What colour is an orange?

I don't know what they ask before posting (Hagar, you have posted there, can you tell us?).
Apache OpenOffice 4.1.15 on Xubuntu 22.04.4 LTS
/a3
Posts: 92
Joined: Sat Jul 02, 2011 4:05 am

Re: Forum statistics: monthly report

Post by /a3 »

RoryOF wrote:Before a guest can search, the ubuntu forum <http://ubuntuforums.org> asks simple questions such as
What is 1+4?
How many ears does the average human have?
What colour is an orange?
Only problem is those kinds of questions have been answered before. With regards to the first, apparently Xrumer can perform math operations. Ubuntu Forums is pretty big so I imagine spammers would probably "mine" their questions from there and other large forums.

The questions you posted originally seemed better though. I wouldn't object to those at all.
RoryOF wrote:I don't know what they ask before posting (Hagar, you have posted there, can you tell us?).
I've posted there before, but I can't specifically remember any questions before posting. But then again, I may be wrong.
kingfisher wrote:From a recent thread on the other forum, I gather that the administrators block IP addresses which present a spamming problem. In their case, they blocked a range of addresses based in China.
The only problem with that is that legitimate users are blocked, so maybe not the best way of going about it. I've had my own (static) IP blocked on a few forums that I hadn't ever visited before, although those times were probably a whole range of addresses, not mine specifically.
LibreOffice 4.2
User avatar
Hagar Delest
Moderator
Posts: 32594
Joined: Sun Oct 07, 2007 9:07 pm
Location: France

Re: Forum statistics: monthly report

Post by Hagar Delest »

/a3 wrote:
RoryOF wrote:I don't know what they ask before posting (Hagar, you have posted there, can you tell us?).
I've posted there before, but I can't specifically remember any questions before posting. But then again, I may be wrong.
+1. As far as I remember in 2006, it was a mere captcha, that's all.
/a3 wrote:
kingfisher wrote:From a recent thread on the other forum, I gather that the administrators block IP addresses which present a spamming problem. In their case, they blocked a range of addresses based in China.
The only problem with that is that legitimate users are blocked, so maybe not the best way of going about it. I've had my own (static) IP blocked on a few forums that I hadn't ever visited before, although those times were probably a whole range of addresses, not mine specifically.
+1.

I think I've seen 1 or 2 spams in the ubuntu forums but there is so many people online that they don't stay very long.

Note that a lot of them are real humans because they log in (hence give the correct signature) and then change the signature to add the commercial links. I don't think a bot can do that.

My call on the ooo-private list for someone to continue Terry's work was also for this kind of improvement we will have to do. Counting the colors in a picture seems the most robust IMHO. I think that calculations can be cracked rather easily.
LibreOffice 7.6.2.1 on Xubuntu 23.10 and 7.6.4.1 portable on Windows 10
User avatar
RoryOF
Moderator
Posts: 34570
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Forum statistics: monthly report

Post by RoryOF »

I'm not disagreeing with the need for spam prevention methods, just trying to contribute to the discussion!

Counting colours is perhaps not the best approach. You may not be aware of it, but about 5-10% of males suffer some form of colour blindness; the percentage is much less in females. I became aware of this when teaching printing of colour photographs; we had to ensure that those affected were not paired together. The test charts are called after their originator Dr. Ishihara - samples at
http://www.toledo-bend.com/colorblind/Ishihara.asp
But something along those lines would be acceptable - perhaps a monochrome version alongside?
 Edit: As an afterthought: do not use the above link as a definitive assessment of a colour perception problem, as it will be influenced by the brightness and contrast settings of your monitor. If you have suspicions that you may have a colour perception problem, you should consult a qualified professional such as your doctor or an occulist. 
Apache OpenOffice 4.1.15 on Xubuntu 22.04.4 LTS
Post Reply