|
||||
|
Title: 10,000th Member Post by ThudanBlunder on Sep 19th, 2007, 4:39pm The number of members has just passed 10000. In fact, the number of members has increased by 300 in the last couple of days! This ought to be a cause for celebration, yet something fishy is going on. There are almost 1000 members with names of the form newxxx@gmail.com, where x represents a digit and there are more that 500 members with names of the form nowxxx@gmail.com. In fact, now510@gmail.com was the 10000th member. What is more, none of these members ever post anything. And all of these 1500+ members seem to have joined in the last two weeks! Is a robot at work here? |
||||
|
Title: Re: 10,000th Member Post by Sameer on Sep 19th, 2007, 5:28pm Yea, I bet this is a bot!! We probably should include a authentic signature for signing up on the forum.. This would probably require immediate attention from William. |
||||
|
Title: Re: 10,000th Member Post by ThudanBlunder on Sep 19th, 2007, 5:34pm on 09/19/07 at 17:28:58, Sameer wrote:
Yeah, these pseudo-members are probably wasting William's precious server resources. Five new 'members' have joined in the last hour. But what is the point in it? |
||||
|
Title: Re: 10,000th Member Post by JiNbOtAk on Sep 19th, 2007, 5:52pm Adding authentic signature is a good move, but what do we do with these xxx-bots ? |
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 19th, 2007, 6:08pm Why do anything? They aren't causing any harm. Other than the server limit. But users cannot be deleted, so we must find the source any get it to stop. |
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 19th, 2007, 10:08pm Really? Before doing so, someone should interogate him. I will. |
||||
|
Title: Re: 10,000th Member Post by Sameer on Sep 19th, 2007, 10:28pm on 09/19/07 at 22:08:45, srn347 wrote:
bots like these are not easily dealt with except for making the server side code more robust!! Unless of course the person is dumb enough to run from the same machine!! |
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 19th, 2007, 10:35pm Who would do this and why? |
||||
|
Title: Re: 10,000th Member Post by Sir Col on Sep 20th, 2007, 12:13am The reason they do this is to obtain publicity for their product/website. What these bots are programmed to do is to register and add a signature with a link to the owner's website. As this forum is very popular it is regularly indexed by the major search engines and they trawl all of the links from the main page, including the members page. One security measure easily implemented is to not allow signatures to be added until the member has made, say, ten posts, and ensure it is removed from the registration form. A script could be easily crafted so that if the registrant submits a signature then it must be a bot trying to register and the registration process can be terminated. However, these annoying bots are also programmed to make posts which contain links. This is much more difficult to guard against. Hence the most effective method is getting a human response during registration. This is sometimes achieved by getting the user to perform some random calculation, answer some trivia question, but often done by getting the user to enter the code embeddd in an image, called CAPTCHA. Unfortunately most of the bot engines - and, yes, creating these is big business - at the moment have work arounds for the standard CAPTCHA systems. A customised system is the best way forward here. |
||||
|
Title: Re: 10,000th Member Post by towr on Sep 20th, 2007, 1:00am None of these accounts seem to link to a website though. If they have a link in their signature, it doesn't show up anywhere without them posting. The only thing they're doing is taking up a little bit of server space, but even that shouldn't be much. |
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 20th, 2007, 7:10am Someone should delete them though. |
||||
|
Title: Re: 10,000th Member Post by rmsgrey on Sep 20th, 2007, 7:29am on 09/20/07 at 01:00:35, towr wrote:
member profiles? |
||||
|
Title: Re: 10,000th Member Post by towr on Sep 20th, 2007, 7:53am on 09/20/07 at 07:29:45, rmsgrey wrote:
|
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 20th, 2007, 4:23pm By authentic signature, do you mean one of those image things where they can't copy and paste it? By the way, if you can't see their sig, how do you know that it's a link? |
||||
|
Title: Re: 10,000th Member Post by JiNbOtAk on Sep 20th, 2007, 5:45pm on 09/20/07 at 00:13:42, Sir Col wrote:
Really ? Didn't notice. :P Actually, how many members could William's account support ? |
||||
|
Title: Re: 10,000th Member Post by Roy on Sep 20th, 2007, 7:10pm Well, i suppose only William would know that, but, how long has it been since anyone has seen him onlline, let alone post? |
||||
|
Title: Re: 10,000th Member Post by ThudanBlunder on Sep 20th, 2007, 7:29pm 120 new members a day, one every 12 minutes! Is srn347 making contingency plans? |
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 20th, 2007, 8:01pm Contingency? Anyway, they'll always stick out like a sore thumb by not posting, and having a name that seems like a robot's creation. |
||||
|
Title: Re: 10,000th Member Post by Robots Creation 10110101 on Sep 20th, 2007, 9:16pm on 09/20/07 at 20:01:09, srn347 wrote:
HEY, THAT'S OFFENSIVE!!! :P |
||||
|
Title: Re: 10,000th Member Post by srn347 on Sep 20th, 2007, 10:36pm Sorry, perhaps I should of had the word a, or something. You don't need to YELL though. Did you just morph your name from robot's creation 101011010100110100 to mikedagr 8? |
||||
|
Title: Re: 10,000th Member Post by mikedagr8 on Oct 4th, 2007, 3:56am Just a thought... Our member count is now below 10K. What happened? |
||||
|
Title: Re: 10,000th Member Post by SMQ on Oct 4th, 2007, 4:05am William has been cleaning up the massive numbers of [fake-address]@gmail.com accounts. --SMQ |
||||
|
Title: Re: 10,000th Member Post by Ghost Sniper on Oct 9th, 2007, 10:16am on 10/04/07 at 04:05:07, SMQ wrote:
I believe that he should add something to help protect the site from auto-registration. What I'm thinking is using what a lot of other sites do for registration, and that is having a picture with letters and numbers in it, and then having the person registering type in the characters. It won't hinder people who want to register, but it would stop spambots from registering. |
||||
|
Title: Re: 10,000th Member Post by SMQ on Oct 9th, 2007, 10:25am It's called a CAPTCHA (http://en.wikipedia.org/wiki/Captcha), and I guess there are software issues preventing one from being implemented here in the near future. Longer term I'm sure some similar system will be instituted. --SMQ |
||||
|
Title: Re: 10,000th Member Post by towr on Oct 9th, 2007, 11:29am Before the last update the forum did, for a while, have that. But it wasn't compatible with that upgrade. Also, spam-software can now crack many of those CAPTCHA's, so they don't help all that much anymore. |
||||
|
Title: Re: 10,000th Member Post by Aryabhatta on Oct 9th, 2007, 12:03pm In the spirit of this site, perhaps we can just ask a simple puzzle before registration is allowed. (Edit: I see that CAPTCHA covers asking puzzles etc. Sorry, I thought it was only about images) |
||||
|
Title: Re: 10,000th Member Post by ThudanBlunder on Oct 10th, 2007, 10:18am William claims that guest access has been denied. Why then are there now 22 guests online? |
||||
|
Title: Re: 10,000th Member Post by towr on Oct 10th, 2007, 10:50am on 10/10/07 at 10:18:49, ThudanBlunder wrote:
Two) I don't think guest access is denied any more. |
||||
|
Title: Re: 10,000th Member Post by DC1E2L on Oct 15th, 2007, 1:26am on 10/10/07 at 10:50:17, towr wrote:
How do you access a guest pass? What does it comprise of? Is it only when looking at the forums and you are not logged in, does it apply you as a guest? I just saw, and there are still about 400 nowXXX@gmail.com accounts. Scary. |
||||
|
Title: Re: 10,000th Member Post by towr on Oct 15th, 2007, 2:24am on 10/15/07 at 01:26:19, DC1E2L wrote:
|
||||
|
Title: Re: 10,000th Member Post by Sameer on Oct 15th, 2007, 2:24pm Uh oh.. look what the bot is doing at other forums: http://www.forkinhand.com/forum/viewforum.php?f=4 |
||||
|
Title: Re: 10,000th Member Post by DC1E2L on Oct 15th, 2007, 2:26pm So they are spam bots, yet they are not posting here... |
||||
|
Title: Re: 10,000th Member Post by Sameer on Oct 15th, 2007, 2:32pm on 10/15/07 at 14:26:51, DC1E2L wrote:
The person who is running it probably has intention of hacking this. You still seem to be undergoing identity crisis, I see. |
||||
|
Title: Re: 10,000th Member Post by DC1E2L on Oct 15th, 2007, 2:38pm on 10/15/07 at 14:32:35, Sameer wrote:
Ahah, gotchas... You are incorrect here. Refer to here (reply #122) (http://www.ocf.berkeley.edu/~wwu/cgi-bin/yabb/YaBB.cgi?board=riddles_general;action=display;num=1033780880;start=100#100) ;) |
||||
|
Title: Re: 10,000th Member Post by towr on Oct 16th, 2007, 12:14am on 10/15/07 at 14:26:51, DC1E2L wrote:
on 10/15/07 at 14:32:35, Sameer wrote:
|
||||
|
Title: Re: 10,000th Member Post by Ghost Sniper on Oct 17th, 2007, 11:21am Hey cool. The newest member (at least last time I checked) was not a "nowXXX@gmail.com" account. :P I say that we IP-ban the computer that's coughing up all the "nowXXX@gmail.com" accounts. |
||||
|
Title: Re: 10,000th Member Post by mikedagr8 on Oct 29th, 2007, 10:50pm on 10/17/07 at 11:21:08, Ghost Sniper wrote:
Just an observation, but the bots seem to be back... :o I think IP ban would be appropriate here, if it is possible. :-/ |
||||
|
Title: Re: 10,000th Member Post by towr on Oct 30th, 2007, 2:15am I doubt it's coming from one computer. And even if it were, there's a good chance the owner of the computer it's coming from doesn't know his computer is used for this. |
||||
|
Title: Re: 10,000th Member Post by temporary on Jan 25th, 2008, 7:04am Image verification would stop them dead in their tracks. |
||||
|
Title: Re: 10,000th Member Post by mikedagr8 on Jan 25th, 2008, 1:43pm on 01/25/08 at 07:04:11, temporary wrote:
If you are talking about CAPTCHA, then read the previous page. |
||||
|
Title: Re: 10,000th Member Post by temporary on Jan 25th, 2008, 8:34pm Then why have we not done that yet? |
||||
|
Title: Re: 10,000th Member Post by Icarus on Jan 25th, 2008, 8:41pm Because "We" actually means "Wu", and William has his own limitations on time and resources. |
||||
|
Title: Re: 10,000th Member Post by william wu on Nov 5th, 2008, 8:33pm Sorry for being so lazy :-[ I wrote a script and 6,636 users which I think are probably fake were killed today. Attached is the deathlist. Lately the bots have been getting really bad, so I will look into implementing some kind of CAPTCHA. |
||||
|
Title: Re: 10,000th Member Post by towr on Nov 6th, 2008, 12:23am You could also consider using the lists and APIs from http://www.projecthoneypot.org/ or http://www.stopforumspam.com/ to identify likely bots and comment spammers. We don't seem to get a lot of spam though, so it's not too bad in that sense. Maybe to weed out more fake registrations, you could send an activation-email to accounts with 0 posts and high-entropy names, then delete them after a week. |
||||
|
Title: Re: 10,000th Member Post by iono on Nov 6th, 2008, 4:58pm don't we have verification e-mails? |
||||
|
Title: Re: 10,000th Member Post by towr on Nov 7th, 2008, 12:29am on 11/06/08 at 16:58:32, iono wrote:
If, however, you were to repeat it a month later, spam accounts are unlikely to respond (nor have they any motivation to, since they rarely use an account to spam for prolonged periods; they'd sooner register over and over). So you could use it to weed them out. |
||||
|
Powered by YaBB 1 Gold - SP 1.4! Forum software copyright © 2000-2004 Yet another Bulletin Board |