More Stuff

All off topic conversation held here. Have fun and play nice. =)

Moderators: Bookworm, starkruzr, MrFireDragon, PrettyPrincess, Wapsi

User avatar
GlytchMeister
Posts: 3733
Joined: Wed Oct 16, 2013 2:52 pm
Location: Central Illinois
Contact:

Re: More Stuff

Post by GlytchMeister »

Thanks for reassuring me about the password location, and thanks for looking into this. This is one of my favorite places on the internet, and it’s a little distressing to see it being attacked.
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
User avatar
Atomic
Posts: 2948
Joined: Tue Jul 31, 2012 12:39 am
Location: Central PA
Contact:

Re: More Stuff

Post by Atomic »

TazManiac wrote:We are definitely Under Siege. I just got two separate private massages to encourage me to 'download music'.

Air-quotes indeed.
Same here. Have a large grain of salt somewhere near your computer!
Don't let other peoples limitations become your constraints!

My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
User avatar
Dave
Posts: 7584
Joined: Tue Jul 31, 2012 5:58 pm
Location: Mountain View, CA, USA

Re: More Stuff

Post by Dave »

Bookworm wrote: The stuff on here is standard login spammers. I'm trying to figure out the best (not fastest) way to fix the issues with the login users, short of requiring all new users to be approved by me. I'm not sure how they're getting past the CAPTCHA, unless that's somehow disabled itself.
I've heard that there are some interesting "indirect" approaches. Some bad guys pay people (not much) to solve captchas. A few cents per solution adds up, for impoverished web surfers in a third world country.

Others do it by trickery... they set up "free porn" or "warez" sites that require entering the solution to a captcha... but they actually link to or copy the captcha from a site they are trying to exploit. When somebody solves the captcha to get their free porn download, the bad guy gives them access and then immediately uses the scammed solution to (e.g.) complete a user registration in your Forum.
User avatar
jwhouk
Posts: 6053
Joined: Wed Aug 01, 2012 7:58 am
Location: The Valley of the Sun, Arizona
Contact:

Re: More Stuff

Post by jwhouk »

Still getting them, some spammer again.

One suggestion might be not allowing users with less than X number of posts to use URL's in their posts.
"Character is what you are in the dark." - D.L. Moody
"You should never run from the voices in your head. That's how you give them power." - Jin
User avatar
lake_wrangler
Posts: 4300
Joined: Sun Aug 05, 2012 8:16 am
Location: Laval, Québec, Canada

Re: More Stuff

Post by lake_wrangler »

Atomic wrote:
TazManiac wrote:We are definitely Under Siege. I just got two separate private massages to encourage me to 'download music'.

Air-quotes indeed.
Same here. Have a large grain of salt somewhere near your computer!
I got the same message...

And there's another spam thread around... Another Russian pharmacy, from the looks of it (no, I didn't click on the links to check, this time... That's the thing about me: I try to never make the same mistake twice... I try to make sure that all my mistakes are original... :P )
User avatar
GlytchMeister
Posts: 3733
Joined: Wed Oct 16, 2013 2:52 pm
Location: Central Illinois
Contact:

Re: More Stuff

Post by GlytchMeister »

Another thing is to not reply to their threads. Keep all comments here or maybe make a spam thread comment section. Also don’t reply to their PM’s.
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
User avatar
lake_wrangler
Posts: 4300
Joined: Sun Aug 05, 2012 8:16 am
Location: Laval, Québec, Canada

Re: More Stuff

Post by lake_wrangler »

GlytchMeister wrote:Another thing is to not reply to their threads. Keep all comments here or maybe make a spam thread comment section. Also don’t reply to their PM’s.
Check, and check. Well, at least not since the first or second spam thread a few of us commented on, anyway...
User avatar
Bookworm
Posts: 615
Joined: Sun Jul 29, 2012 11:59 pm
Location: Houston, TX
Contact:

Re: More Stuff

Post by Bookworm »

I switched CAPTCHA from the Q&A that was in there to a more standardized ones, just to see if it helps at all.

I keep looking for additional options for filtering, or turning off PM's for people that haven't been registered long, or even disable posting for people that have been here less than a day - but I'm not finding it. I don't want to try to put more add-ons into place until I've upgraded the PHPBB. That'll be a few hours of work on its own - so don't panic if you find that you can't see the board for a bit.

Just as an idea - it might be time to start up a 'More Stuff II' thread. This one is almost 250 pages long.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
User avatar
TazManiac
Posts: 3701
Joined: Fri Nov 29, 2013 6:53 pm

Re: More Stuff

Post by TazManiac »

But, but, but- We like the supery-dupery long-ass'd-threads!
User avatar
AnotherFairportfan
Posts: 6402
Joined: Thu May 01, 2014 2:53 pm

Re: More Stuff

Post by AnotherFairportfan »

TazManiac wrote: Mon Sep 17, 2018 1:40 am But, but, but- We like the supery-dupery long-ass'd-threads!
Yeah.

It makes stuff easier to find if it's all in one place.

=========

{exit left pursued by a bear}
Proof Positive the world is not flat: If it were, cats would have pushed everything off the edge by now.
User avatar
Atomic
Posts: 2948
Joined: Tue Jul 31, 2012 12:39 am
Location: Central PA
Contact:

Re: More Stuff

Post by Atomic »

From back in the day I remember a story of someone clever who set up two honeypot forum websites, and scripted it to click URLs. The trick was the one forum clicked the other forum's URLs, and vice versa. In very short order, both were being blitzed with bot posts enticing the other to order what the first was shilling.

I think it was a Computer Science project about AI spoofing systems or such. Still a hoot of an idea, just not very effective in wasting bot master time because electrons are so cheap. Back-tracking the bot nets, on the other hand....
Don't let other peoples limitations become your constraints!

My Deviant Art scribbles
The Atomic Guide to Basic GIMP Stuff
Alkarii
Posts: 1854
Joined: Sun Nov 09, 2014 3:02 pm

Re: More Stuff

Post by Alkarii »

Woo! I called DPMS, and they'll take care of my rifle. They don't even care I have aftermarket parts, but I do have to put the original parts back on it so they don't get lost or whatever whenever they test everything.
There is no such thing as a science experiment gone wrong.
User avatar
Dave
Posts: 7584
Joined: Tue Jul 31, 2012 5:58 pm
Location: Mountain View, CA, USA

Re: More Stuff

Post by Dave »

Alkarii wrote: Tue Sep 18, 2018 10:24 am Woo! I called DPMS, and they'll take care of my rifle. They don't even care I have aftermarket parts, but I do have to put the original parts back on it so they don't get lost or whatever whenever they test everything.
Excellent!

A lot of what makes a company a winner, I think, is the whole subject of after-sale support. If your first attitude towards a customer's problems is "Let's solve it!" you'll keep customers. If your first attitude is "That's not our problem", you'll lose customers.

I've been very impressed with Leatherman, over the years. Every time I've had a problem with one of their multitools, they've come through. Even in cases where I called, and said "I messed up, I damaged the blade by abusing it, I'd like to buy a replacement blade" their response was "Send it back and we'll fix or replace it. No charge."
User avatar
GlytchMeister
Posts: 3733
Joined: Wed Oct 16, 2013 2:52 pm
Location: Central Illinois
Contact:

Re: More Stuff

Post by GlytchMeister »

Really?

Well I guess I know where I’m getting my next multitool.

I’ve been looking at their OHT... alas, earwax. My paychecks aren’t robust enough for frivolities right now.
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
User avatar
GlytchMeister
Posts: 3733
Joined: Wed Oct 16, 2013 2:52 pm
Location: Central Illinois
Contact:

Re: More Stuff

Post by GlytchMeister »

Re: Spam:

What I’m wondering is where is all this bot traffic coming from? I’ve been here a while and before these last couple months (or maybe just this month) I only saw one or perhaps two.

Is it because Paul put his archive on Webtoons or something?
He's mister GlytchMeister, he's mister code
He's mister exploiter, he's mister ones and zeros
They call me GlytchMeister, whatever I touch
Starts to glitch in my clutch!
I'm too much!
User avatar
Bookworm
Posts: 615
Joined: Sun Jul 29, 2012 11:59 pm
Location: Houston, TX
Contact:

Re: More Stuff

Post by Bookworm »

I don't believe so. I think it's just a surge. What's really annoying is that they went through the Q&A registration requirement like it wasn't there, and yet to answer the questions properly, you have to know the comic.

I don't know if there was a glitch in the phpBB 3.0.12 code that someone figured out how to work around, or that one person figured it out then spread the answers, or what. I've never tried to locate one of the DarkWeb search engines to check for anything like that.

Even with the reCaptcha, upgrade, and everything else cranked up, there've still been three attempted spammers in the last 24 hours. The '5 moderated posts' requirement is catching them.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
User avatar
jwhouk
Posts: 6053
Joined: Wed Aug 01, 2012 7:58 am
Location: The Valley of the Sun, Arizona
Contact:

Re: More Stuff

Post by jwhouk »

You're doing great, Bookworm. Let's just hope that the greater HOU area gets a reprieve from hurricane season this year.
"Character is what you are in the dark." - D.L. Moody
"You should never run from the voices in your head. That's how you give them power." - Jin
User avatar
Bookworm
Posts: 615
Joined: Sun Jul 29, 2012 11:59 pm
Location: Houston, TX
Contact:

Re: More Stuff

Post by Bookworm »

jwhouk wrote: Tue Sep 18, 2018 8:25 pm You're doing great, Bookworm. Let's just hope that the greater HOU area gets a reprieve from hurricane season this year.
It's apparently the Carolinas' turn. The only saving grace for them is that 1) it moved through reasonably fast, and 2) The land there slopes a lot more. What killed Houston was that, frankly, it's flat, on reclaimed swamp. 60 feet above sea level to sea level in 60 miles isn't enough slope to let water flow quickly.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
User avatar
Dave
Posts: 7584
Joined: Tue Jul 31, 2012 5:58 pm
Location: Mountain View, CA, USA

Re: More Stuff

Post by Dave »

Bookworm wrote: Tue Sep 18, 2018 8:03 pm I don't believe so. I think it's just a surge. What's really annoying is that they went through the Q&A registration requirement like it wasn't there, and yet to answer the questions properly, you have to know the comic.

I don't know if there was a glitch in the phpBB 3.0.12 code that someone figured out how to work around, or that one person figured it out then spread the answers, or what. I've never tried to locate one of the DarkWeb search engines to check for anything like that.
I work for a large tech company that places great emphasis on doing technical interviews of candidates being considered for a job.

You would not believe the number of technical questions and design problems that are "banned" because someone who faced the problem in an interview, turned around and published it on the Web. It becomes almost as much of a challenge for the interviewers to come up with good (new) questions, as it is for the candidates to answer them.

I rather suspect that there's a "Wapsi cheat script" in the hands of at least one "web spam for hire, subject no object" gang out there. Likely there are scriptable packages for creating phpBB user registrations... plug in the URL, add a set of questions and answers, and push the button as many times as you want.
User avatar
Bookworm
Posts: 615
Joined: Sun Jul 29, 2012 11:59 pm
Location: Houston, TX
Contact:

Re: More Stuff

Post by Bookworm »

Well, a large chunk are coming from Belarus. I was tempted to just ban all of their IP blocks, but right now I've put in a stopforumspam extension.

I haven't tried to create another account to test it, but if anyone wants to try, feel free. Just let me know afterwards, and I'll delete the new account.

----
As for the technical questions, I don't see the problem, really. Questions have lots of different ways to be answered, and the key is not the 'answer', but rather the process of answering itself.
I'll get a life when it's proven and substantiated to be better than what I'm currently experiencing.
Post Reply