Page 246 of 314

Re: More Stuff

Posted: Sun Sep 16, 2018 5:38 pm
by GlytchMeister
Thanks for reassuring me about the password location, and thanks for looking into this. This is one of my favorite places on the internet, and it’s a little distressing to see it being attacked.

Re: More Stuff

Posted: Sun Sep 16, 2018 7:16 pm
by Atomic
TazManiac wrote:We are definitely Under Siege. I just got two separate private massages to encourage me to 'download music'.

Air-quotes indeed.
Same here. Have a large grain of salt somewhere near your computer!

Re: More Stuff

Posted: Sun Sep 16, 2018 8:28 pm
by Dave
Bookworm wrote: The stuff on here is standard login spammers. I'm trying to figure out the best (not fastest) way to fix the issues with the login users, short of requiring all new users to be approved by me. I'm not sure how they're getting past the CAPTCHA, unless that's somehow disabled itself.
I've heard that there are some interesting "indirect" approaches. Some bad guys pay people (not much) to solve captchas. A few cents per solution adds up, for impoverished web surfers in a third world country.

Others do it by trickery... they set up "free porn" or "warez" sites that require entering the solution to a captcha... but they actually link to or copy the captcha from a site they are trying to exploit. When somebody solves the captcha to get their free porn download, the bad guy gives them access and then immediately uses the scammed solution to (e.g.) complete a user registration in your Forum.

Re: More Stuff

Posted: Sun Sep 16, 2018 8:50 pm
by jwhouk
Still getting them, some spammer again.

One suggestion might be not allowing users with less than X number of posts to use URL's in their posts.

Re: More Stuff

Posted: Sun Sep 16, 2018 9:27 pm
by lake_wrangler
Atomic wrote:
TazManiac wrote:We are definitely Under Siege. I just got two separate private massages to encourage me to 'download music'.

Air-quotes indeed.
Same here. Have a large grain of salt somewhere near your computer!
I got the same message...

And there's another spam thread around... Another Russian pharmacy, from the looks of it (no, I didn't click on the links to check, this time... That's the thing about me: I try to never make the same mistake twice... I try to make sure that all my mistakes are original... :P )

Re: More Stuff

Posted: Sun Sep 16, 2018 10:01 pm
by GlytchMeister
Another thing is to not reply to their threads. Keep all comments here or maybe make a spam thread comment section. Also don’t reply to their PM’s.

Re: More Stuff

Posted: Sun Sep 16, 2018 10:11 pm
by lake_wrangler
GlytchMeister wrote:Another thing is to not reply to their threads. Keep all comments here or maybe make a spam thread comment section. Also don’t reply to their PM’s.
Check, and check. Well, at least not since the first or second spam thread a few of us commented on, anyway...

Re: More Stuff

Posted: Sun Sep 16, 2018 10:36 pm
by Bookworm
I switched CAPTCHA from the Q&A that was in there to a more standardized ones, just to see if it helps at all.

I keep looking for additional options for filtering, or turning off PM's for people that haven't been registered long, or even disable posting for people that have been here less than a day - but I'm not finding it. I don't want to try to put more add-ons into place until I've upgraded the PHPBB. That'll be a few hours of work on its own - so don't panic if you find that you can't see the board for a bit.

Just as an idea - it might be time to start up a 'More Stuff II' thread. This one is almost 250 pages long.

Re: More Stuff

Posted: Mon Sep 17, 2018 1:40 am
by TazManiac
But, but, but- We like the supery-dupery long-ass'd-threads!

Re: More Stuff

Posted: Mon Sep 17, 2018 4:58 am
by AnotherFairportfan
TazManiac wrote: Mon Sep 17, 2018 1:40 am But, but, but- We like the supery-dupery long-ass'd-threads!
Yeah.

It makes stuff easier to find if it's all in one place.

=========

{exit left pursued by a bear}

Re: More Stuff

Posted: Mon Sep 17, 2018 5:16 am
by Atomic
From back in the day I remember a story of someone clever who set up two honeypot forum websites, and scripted it to click URLs. The trick was the one forum clicked the other forum's URLs, and vice versa. In very short order, both were being blitzed with bot posts enticing the other to order what the first was shilling.

I think it was a Computer Science project about AI spoofing systems or such. Still a hoot of an idea, just not very effective in wasting bot master time because electrons are so cheap. Back-tracking the bot nets, on the other hand....

Re: More Stuff

Posted: Tue Sep 18, 2018 10:24 am
by Alkarii
Woo! I called DPMS, and they'll take care of my rifle. They don't even care I have aftermarket parts, but I do have to put the original parts back on it so they don't get lost or whatever whenever they test everything.

Re: More Stuff

Posted: Tue Sep 18, 2018 12:52 pm
by Dave
Alkarii wrote: Tue Sep 18, 2018 10:24 am Woo! I called DPMS, and they'll take care of my rifle. They don't even care I have aftermarket parts, but I do have to put the original parts back on it so they don't get lost or whatever whenever they test everything.
Excellent!

A lot of what makes a company a winner, I think, is the whole subject of after-sale support. If your first attitude towards a customer's problems is "Let's solve it!" you'll keep customers. If your first attitude is "That's not our problem", you'll lose customers.

I've been very impressed with Leatherman, over the years. Every time I've had a problem with one of their multitools, they've come through. Even in cases where I called, and said "I messed up, I damaged the blade by abusing it, I'd like to buy a replacement blade" their response was "Send it back and we'll fix or replace it. No charge."

Re: More Stuff

Posted: Tue Sep 18, 2018 2:23 pm
by GlytchMeister
Really?

Well I guess I know where I’m getting my next multitool.

I’ve been looking at their OHT... alas, earwax. My paychecks aren’t robust enough for frivolities right now.

Re: More Stuff

Posted: Tue Sep 18, 2018 3:21 pm
by GlytchMeister
Re: Spam:

What I’m wondering is where is all this bot traffic coming from? I’ve been here a while and before these last couple months (or maybe just this month) I only saw one or perhaps two.

Is it because Paul put his archive on Webtoons or something?

Re: More Stuff

Posted: Tue Sep 18, 2018 8:03 pm
by Bookworm
I don't believe so. I think it's just a surge. What's really annoying is that they went through the Q&A registration requirement like it wasn't there, and yet to answer the questions properly, you have to know the comic.

I don't know if there was a glitch in the phpBB 3.0.12 code that someone figured out how to work around, or that one person figured it out then spread the answers, or what. I've never tried to locate one of the DarkWeb search engines to check for anything like that.

Even with the reCaptcha, upgrade, and everything else cranked up, there've still been three attempted spammers in the last 24 hours. The '5 moderated posts' requirement is catching them.

Re: More Stuff

Posted: Tue Sep 18, 2018 8:25 pm
by jwhouk
You're doing great, Bookworm. Let's just hope that the greater HOU area gets a reprieve from hurricane season this year.

Re: More Stuff

Posted: Tue Sep 18, 2018 8:45 pm
by Bookworm
jwhouk wrote: Tue Sep 18, 2018 8:25 pm You're doing great, Bookworm. Let's just hope that the greater HOU area gets a reprieve from hurricane season this year.
It's apparently the Carolinas' turn. The only saving grace for them is that 1) it moved through reasonably fast, and 2) The land there slopes a lot more. What killed Houston was that, frankly, it's flat, on reclaimed swamp. 60 feet above sea level to sea level in 60 miles isn't enough slope to let water flow quickly.

Re: More Stuff

Posted: Tue Sep 18, 2018 9:06 pm
by Dave
Bookworm wrote: Tue Sep 18, 2018 8:03 pm I don't believe so. I think it's just a surge. What's really annoying is that they went through the Q&A registration requirement like it wasn't there, and yet to answer the questions properly, you have to know the comic.

I don't know if there was a glitch in the phpBB 3.0.12 code that someone figured out how to work around, or that one person figured it out then spread the answers, or what. I've never tried to locate one of the DarkWeb search engines to check for anything like that.
I work for a large tech company that places great emphasis on doing technical interviews of candidates being considered for a job.

You would not believe the number of technical questions and design problems that are "banned" because someone who faced the problem in an interview, turned around and published it on the Web. It becomes almost as much of a challenge for the interviewers to come up with good (new) questions, as it is for the candidates to answer them.

I rather suspect that there's a "Wapsi cheat script" in the hands of at least one "web spam for hire, subject no object" gang out there. Likely there are scriptable packages for creating phpBB user registrations... plug in the URL, add a set of questions and answers, and push the button as many times as you want.

Re: More Stuff

Posted: Tue Sep 18, 2018 10:14 pm
by Bookworm
Well, a large chunk are coming from Belarus. I was tempted to just ban all of their IP blocks, but right now I've put in a stopforumspam extension.

I haven't tried to create another account to test it, but if anyone wants to try, feel free. Just let me know afterwards, and I'll delete the new account.

----
As for the technical questions, I don't see the problem, really. Questions have lots of different ways to be answered, and the key is not the 'answer', but rather the process of answering itself.