Of spambots and delayed posts
Posted: 12 Jun 2015, 13:40
Hi all!
This thread is going to be very simple at its core: I simply want to offer an apology to everyone that has had their initial post delayed in these forums. And as I've had to approve the posts of every single person on this board, this means every one of you.
I'm aware of how annoying it can be, but here are some examples of why such an amount of control is strictly necessary.
Exhibit #1:
The first iteration of this forum had a massive breach. I used the phpBB inbuilt captcha, which just wasn't enough. In short, the forum got filled with weird links and meaningless drivel before we even managed to announce its existence on the TROSfans. As the forum had only a couple of users (me and Agamemnon) and the breach was so bad... I just reinstalled it from scratch.
Exhibit #2:
So I went with Google captcha. Google knows what they are doing, right? Well, a spammer managed to get past that one as well, but I had the approval-countermeasures on by then. The damage was under control, but clearly the Google captcha wasn't doing its job. So, this is why you guys have to arrange up the image as you first register, as it's not a widespread countermeasure and not something most bots can handle on their own.
Exhibit #3:
In truth, that previous breach actually involved two breaches. Two users registered at the same time; one went full-on spamming immediately and the other account lay dormant for over a month before attempting to spew the same crap as the previous, now-banned user. So, despite having their IP banned, the same people still managed to harass us twice. Luckily, the approval-countermeasures saved our bacon once more.
Exhibit #4:
Next breach happened on our old WordPress-based main website. The spambots are getting so smart that they can actually post generic, but legit-looking posts to get the first approval, presumably to land a full-scale assault after the initial post is approved.
I almost fell for that one! The grammar was there, it showed an interest... yet the name gave it away. I was about to approve the comment as I realized how generic it was. It's applicable to literally almost any blog-style website out there. So, yeah, a spammer it was. And they're just not parroting that single paragraph -- bots can make modifications and mix it up!
where to buy a metronome wrote:
Howdy! I could have sworn I've visited your blog before but after looking at a few of the posts I realized it's new to me. Anyhow, I'm certainly happy I came across it and I'll be book-marking it and checking back regularly!
After that kind of subtlety, I started wondering at what point will the bots be taking the context into account? Well, I can just say that we no longer need to wonder, as it became a reality today:
Exhibit #5:
In short, not only did the spammer manage to get past the non-standard captcha (not a surprise, really, as there are captcha-solving sweatshops out there), but this time... there wasn't any obvious spam or generic texts. This time, the spambot chose to copy another post from our forums... and re-post it.
So, yeah... I just hope the spambot realized the irony in what kind of post it chose to replicate before I booted it from our boards and banned its IP forever.
Here's to hoping they won't teach it to pick out a more subtle post the next time around.