Spam Issues

Voice your opinions, concerns and suggestions on how to make the Transport Tycoon Forums better.
User avatar
skippern
Traffic Manager
Traffic Manager
Posts: 199
Joined: 30 Oct 2013 13:57

Re: Spam Issues

Post by skippern » 25 Oct 2017 08:52

Auge wrote:Hello
skippern wrote:blocking "http" I think is good, all shared URLs should be "https"
Really? Many websites still using unsecured HTTP, even with declining tendency. On the other hand your proposal will not work with spam links using HTTPS. So your proposal doesn't work.

Tschö, Auge
My response was to reduce a suggestion in a previous post suggesting “http”, “www”, and a TLD.

IMO blocking TLD should only be done for TLDs with intended unwanted purposes, such as “.sex” or “.xxx”

A block of “http” could also come with a whitelist, blocking all “http” urls unless specifically mentioned. In whitelist.

Another possibility is using “parental control blacklists”, but many spam sites are redirecting over short lived domains, that might be taken down and moved as sites are blacklisted


Sent from my iPod touch using Tapatalk
Skippern
OpenTTD Mac user

User avatar
Redirect Left
Tycoon
Tycoon
Posts: 6570
Joined: 22 Jan 2005 19:31
Location: Wakefield, West Yorkshire

Re: Spam Issues

Post by Redirect Left » 25 Oct 2017 14:02

I still think just not allowing immediately registered users to post a link at all is fine.

Don't block it from being parsed and showing up here, block it at the time they try to submit the post, return an error relating to URL postage, and suggest they upload it to the forums attachments - we know a spam bot won't do that.

You all seem to be saying block it from showing up if it has X or Y in its address, much easier to just intercept it at time of post and return an error. Spambots probably wouldn't even know how to handle that error being thrown upon them anyway.
Image
Worst Behaved IRC Member of 2008, 2009 & 2010 - Go Me!

User avatar
YNM
Tycoon
Tycoon
Posts: 3543
Joined: 22 Mar 2012 11:10
Location: West Java

Re: Spam Issues

Post by YNM » 26 Oct 2017 12:50

Auge wrote:Hello
skippern wrote:blocking "http" I think is good, all shared URLs should be "https"
Really? Many websites still using unsecured HTTP, even with declining tendency. On the other hand your proposal will not work with spam links using HTTPS. So your proposal doesn't work.

Tschö, Auge
Well, if we block straight http and someone put "https" the http is still broken isn't it ? So even if there's like, I don't know, an extra s, it still breaks it.

Though I wonder if it's possible to ban a word just from a portion. Maybe any post with "http" should just be blocked. Probably would be quite like this.

Also, is it possible for such things to be implemented perfectly ?
YNM = yoursNotMine - Don't get it ?
「ヨーッスノットマイン」も合うでしょう。

User avatar
skippern
Traffic Manager
Traffic Manager
Posts: 199
Joined: 30 Oct 2013 13:57

Re: Spam Issues

Post by skippern » 26 Oct 2017 13:04

There are several browsers that now handles URLs without the http part, like "://tt-forums.com/" and the browser automatically amends HTTPS/HTTP


Sent from my iPhone using Tapatalk
Skippern
OpenTTD Mac user

User avatar
Redirect Left
Tycoon
Tycoon
Posts: 6570
Joined: 22 Jan 2005 19:31
Location: Wakefield, West Yorkshire

Re: Spam Issues

Post by Redirect Left » 26 Oct 2017 13:59

YNM wrote: Also, is it possible for such things to be implemented perfectly ?
It can 100% be implemented in a manner where they can't post any links directly. But they will always be able to get around it, maybe post the url using some cyrillic characters, or adding dots and spaces to get around it. Browsers are very good at understanding stuff you don't want it to understand, and parse links that would otherwise be broken. Which is why I suggested editing the posting PHP page to block it at the code level, so it never gets posted and throws an error page - that alone will probably thwart 90% of spam, as the bots won't understand what happened. The rest, done by actual people, probably paid to do so, would have to come up with some other alternative, such as posting an image with the url in.
Image
Worst Behaved IRC Member of 2008, 2009 & 2010 - Go Me!

User avatar
YNM
Tycoon
Tycoon
Posts: 3543
Joined: 22 Mar 2012 11:10
Location: West Java

Re: Spam Issues

Post by YNM » 26 Oct 2017 22:46

skippern wrote:There are several browsers that now handles URLs without the http part, like "://tt-forums.com/" and the browser automatically amends HTTPS/HTTP
... which means now it detects .co or somesuch.
Redirect Left wrote:... But they will always be able to get around it, maybe post the url using some cyrillic characters, or adding dots and spaces to get around it. Browsers are very good at understanding stuff you don't want it to understand, and parse links that would otherwise be broken.
I'm actually fine if they end up posting the URLs, I just hope they don't come in bright colors and having a working hyperlink. As long as they don't catch too much attention it's fine IMO.


The other option is to provide CAPTCHAs every login, or even every visit.
YNM = yoursNotMine - Don't get it ?
「ヨーッスノットマイン」も合うでしょう。

User avatar
skippern
Traffic Manager
Traffic Manager
Posts: 199
Joined: 30 Oct 2013 13:57

Re: Spam Issues

Post by skippern » 27 Oct 2017 06:22

Another way is to only allow URLs from white listed sites, if moderators have access to edit the whitelist it wouldn't be too difficult to add your site to it.


Sent from my iPhone using Tapatalk
Skippern
OpenTTD Mac user

User avatar
YNM
Tycoon
Tycoon
Posts: 3543
Joined: 22 Mar 2012 11:10
Location: West Java

Re: Spam Issues

Post by YNM » 27 Oct 2017 16:33

skippern wrote:white listed sites
Too cumbersome that I think. We should just make it that anyone who can post URLs are actual person. If they're paid to advertise so be it, the numbers aren't that high I think given the availability of bots.
YNM = yoursNotMine - Don't get it ?
「ヨーッスノットマイン」も合うでしょう。

User avatar
skippern
Traffic Manager
Traffic Manager
Posts: 199
Joined: 30 Oct 2013 13:57

Re: Spam Issues

Post by skippern » 27 Oct 2017 18:28

Captcha


Sent from my iPod touch using Tapatalk
Skippern
OpenTTD Mac user

User avatar
Redirect Left
Tycoon
Tycoon
Posts: 6570
Joined: 22 Jan 2005 19:31
Location: Wakefield, West Yorkshire

Re: Spam Issues

Post by Redirect Left » 28 Oct 2017 06:56

skippern wrote:Captcha
Modern bots can easily complete CAPTCHAs with moderate success rates.
Image
Worst Behaved IRC Member of 2008, 2009 & 2010 - Go Me!

User avatar
skippern
Traffic Manager
Traffic Manager
Posts: 199
Joined: 30 Oct 2013 13:57

Re: Spam Issues

Post by skippern » 28 Oct 2017 08:11

There are similar systems using different approaches, like identifying parts of images containing store fronts, traffic signs, mathematical equations, etc. setting up a random captcha and on interval also a 2nd or 3rd level of confirmation makes it increasingly difficult for a bot to bypass the security.

I am aware that most of these captcha systems have its weaknesses, and are on the other end used in machine learning, early generations of captcha helped google learn OCR with early printed Gutenberg documents and hand writing, now the focus seems to be object identification


Sent from my iPhone using Tapatalk
Skippern
OpenTTD Mac user

User avatar
YNM
Tycoon
Tycoon
Posts: 3543
Joined: 22 Mar 2012 11:10
Location: West Java

Re: Spam Issues

Post by YNM » 28 Oct 2017 10:19

I notice that the names they generate tend to have some common elements. Mayhaps a filter on those as well ?
YNM = yoursNotMine - Don't get it ?
「ヨーッスノットマイン」も合うでしょう。

User avatar
skippern
Traffic Manager
Traffic Manager
Posts: 199
Joined: 30 Oct 2013 13:57

Re: Spam Issues

Post by skippern » 28 Oct 2017 11:18

For those using words, they usually work from a dictionary, often with some known parts and one unknown (machine learning). Too often the unknown comes in same place each time, which is a serious weakness. If you can predict the unknown location you can focus getting the rest of the equation right


Sent from my iPhone using Tapatalk
Skippern
OpenTTD Mac user

User avatar
Redirect Left
Tycoon
Tycoon
Posts: 6570
Joined: 22 Jan 2005 19:31
Location: Wakefield, West Yorkshire

Re: Spam Issues

Post by Redirect Left » 28 Oct 2017 23:11

You're getting way too technical now. I still maintain its easier to edit the PHP of tyhe forum to incorporate a URL lock on people with 0 posts (indicating the first post) then throw an error. Stops it all right there in a simple single edit and easy to carry over to newer versions of the software.

Simple.
Image
Worst Behaved IRC Member of 2008, 2009 & 2010 - Go Me!

Auge
Transport Coordinator
Transport Coordinator
Posts: 375
Joined: 23 Oct 2006 02:07
Location: Berlin

Re: Spam Issues

Post by Auge » 29 Oct 2017 15:15

Hello
YNM wrote:
Auge wrote:Many websites still using unsecured HTTP, even with declining tendency. On the other hand your proposal will not work with spam links using HTTPS. So your proposal doesn't work.
Well, if we block straight http and someone put "https" the http is still broken isn't it ? So even if there's like, I don't know, an extra s, it still breaks it.

Though I wonder if it's possible to ban a word just from a portion. Maybe any post with "http" should just be blocked.
If you block URLs with the protocol HTTP, you'll block all of these URLs, not only spam links. It's a classic case of overblocking. On the other hand you'll miss that way all spam links, noted with the protocol HTTPS. Solution would be to forbid HTTPS-links too. ;-)
YNM wrote:Also, is it possible for such things to be implemented perfectly ?
Is a perfect spam filter possible? No, it isn't.
skippern wrote:There are several browsers that now handles URLs without the http part, like "://tt-forums.com/" and the browser automatically amends HTTPS/HTTP
This is a valid behavior. On that way one can note an URL in a link (i.e. //:example.com) as protocol relative URL. If the page was requested via HTTP, the link in it would get the protocol HTTP (http//:example.com) and when the page was requested with HTTPS also the link would get the protocol HTTPS (https//:example.com). Nowadays the technique is more or less obsolete (therefore read the update in the head of the article).
skippern wrote:Another way is to only allow URLs from white listed sites, if moderators have access to edit the whitelist it wouldn't be too difficult to add your site to it.
You don't like the forum team, ehh? ;-) Every time, someone wants to link to a site, which is not on the whitelist, she/he must register the URL of the site/page to the whitelist and the curator of this list must check the URL for it's reliability? Looks not to be very practicable to me.

Tschö, Auge

User avatar
YNM
Tycoon
Tycoon
Posts: 3543
Joined: 22 Mar 2012 11:10
Location: West Java

Re: Spam Issues

Post by YNM » 29 Oct 2017 18:56

Auge wrote:
YNM wrote:
Auge wrote:Many websites still using unsecured HTTP, even with declining tendency. On the other hand your proposal will not work with spam links using HTTPS. So your proposal doesn't work.
Well, if we block straight http and someone put "https" the http is still broken isn't it ? So even if there's like, I don't know, an extra s, it still breaks it.

Though I wonder if it's possible to ban a word just from a portion. Maybe any post with "http" should just be blocked.
If you block URLs with the protocol HTTP, you'll block all of these URLs, not only spam links. It's a classic case of overblocking. On the other hand you'll miss that way all spam links, noted with the protocol HTTPS. Solution would be to forbid HTTPS-links too. :wink:
That's the point. An overblock for certain amount of posts, or until moderators lifted the block.

Hence why I asked is it possible or not.

Kind of like how this forum handles some expletion, automatically replaces with set of *'s, but this time it's not even a replacement, it's a complete erase or even objection to pass such posts.

Or like this other forum handles the word for ideology of NSDAP.

Basically link-breaking, at least such that they're no longer making a yellow clickable hyperlink in sight.
YNM = yoursNotMine - Don't get it ?
「ヨーッスノットマイン」も合うでしょう。

User avatar
orudge
Administrator
Administrator
Posts: 24013
Joined: 26 Jan 2001 20:18
Skype: orudge
Location: Banchory, UK
Contact:

Re: Spam Issues

Post by orudge » 29 Oct 2017 20:23

A few things:

- The forums already use a CAPTCHA on registration.
- Known spammers (according to stopforumspam.com) are blocked.
- Many spammers are real people, not bots. Unfortunately because of a massive influx of these from India we had to block a significant IP range from the country.
- My intention I think may be to try something that Redirect Left has suggested - simply restrict posting URLs in first posts. A friendly notice would be displayed so genuine new users would hopefully not be discouraged.

User avatar
Hyronymus
Tycoon
Tycoon
Posts: 13190
Joined: 03 Dec 2002 10:36
Location: The Netherlands
Contact:

Re: Spam Issues

Post by Hyronymus » 30 Oct 2017 14:09

Why not make that the first 10 posts? If what you say yourself is true and most spammers are human the step to submit 2 posts might not be that difficult, 11 posts though...

User avatar
Redirect Left
Tycoon
Tycoon
Posts: 6570
Joined: 22 Jan 2005 19:31
Location: Wakefield, West Yorkshire

Re: Spam Issues

Post by Redirect Left » 30 Oct 2017 14:24

Ten might be better, but might lead to low quality posts in a hurry to post something.
Image
Worst Behaved IRC Member of 2008, 2009 & 2010 - Go Me!

User avatar
NekoMaster
Tycoon
Tycoon
Posts: 3942
Joined: 16 Aug 2008 22:26
Skype: neko-master
Location: Oshawa, Ontario, CANADA

Re: Spam Issues

Post by NekoMaster » 30 Oct 2017 16:06

I think restricting posting of links of any kind for new members is a good thing. Though perhaps if someone had something legit they could have a moderator check it out first? Maybe like any posts with a link in it for a newbie will be witheld for moderator/admin review and if its ok then a mod/admin can allow the post to be visable. If not it can be removed with a warning (Do not post spam! This is strike 1 of 3!)
Image Proud Canadian Image
Nekomasters Projects! (Downloads available on BaNaNaS!) \(>^w^<)/
# NARS ADD-ON SET 2CC | 2cc Rapid Transit For Me! (2ccRTFM) | 2cc Wagons In NML (2ccWIN)
# NML Category System (Organize your GRFS!) <- TT-Forums Exclusive Download!

Post Reply

Return to “Forum Suggestions and Feedback”

Who is online

Users browsing this forum: No registered users and 0 guests