August 20, 2014 at 7:41 am
I still don't understand why there was pushback from the website devs over the obvious solution of some form of Turing Test (with Captcha or it's derivatives being the most common form). I suppose some dedicated spammers will still manually create logins and then quickly flagging/deleting their posts and disabling the logins will be the main line of attack. But the VAST majority of spam posts are undoubtedly from new logins created automatically. If they have a backlog of logins accumulated then again we will just have to find and disable them as they become activated.
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
September 21, 2014 at 7:51 am
Spamming has definitely reached new heights, forums are fobar, points and threads dropping like flies, something must be done to stop this. First thought is that no one ever posts more than one valid new topic on a thread at this frequency.
😎
September 21, 2014 at 12:43 pm
I don't think there's a programmable solution out there that will prevent spammers without affecting the "standard users" (captcha would belong to that kind of solutions). The majority of the current spam include links as well as keywords like TV or soccer. But reacting to that doesn't help in the long run. The next attack could include other keywords and no links. To automatically limit the number of posts per user might not help either, since thoses folks create numerous logins on the fly.
From my point of view the most efficient solution (until anything better is developed) is to involve the community. Similar to what we do right now, bu without the additional manual step from SSC staff.
As discussed before in "The Thread" I recommend to give permission to some of the regulars (either based on points or on any other rule SSC is comfortable with) to "flag" a post and/or user. Flagged post will be hidden until either deleted or "un-flagged" by SSC staff.
But the current situation has to change with highest priority. SSC is under attack!! 😉
September 21, 2014 at 4:02 pm
I'm not sure why you think Captcha or similar won't help/stop the attacks. Unless someone has come up with a way for the images to be properly recognized, that is.
1) Force EVERY EXISTING USER to do a Captcha ONCE on the next login, then allow them to login and post as usual from that point forward. Give users a message as to why this action is being required once.
2) Force every NEWLY CREATED USER to do a Captcha before said user is actually created.
Would this not be workable?
As it is, SSC.com is being relegated to non-functionality and it won't take long for users to abandon it in droves (if that hasn't already happened).
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
September 21, 2014 at 4:41 pm
TheSQLGuru (9/21/2014)
I'm not sure why you think Captcha or similar won't help/stop the attacks. Unless someone has come up with a way for the images to be properly recognized, that is.1) Force EVERY EXISTING USER to do a Captcha ONCE on the next login, then allow them to login and post as usual from that point forward. Give users a message as to why this action is being required once.
2) Force every NEWLY CREATED USER to do a Captcha before said user is actually created.
Would this not be workable?
As it is, SSC.com is being relegated to non-functionality and it won't take long for users to abandon it in droves (if that hasn't already happened).
Regarding captcha recognition, a google search for "captcha recognition tool" returend more links than I expected...
For the one-time solution there's a "hole": how about a user answer the captcha and then starts to send spam? For such a scenario, it doesn't matter if it's applied only to new users or to all listed users: neither approach would prevent using the login as a spam source starting after answering the captcha (programmatically or manually)...
September 21, 2014 at 7:47 pm
additionally, how about a scheduled job that looks for more than one post per second per user, and deletes the ones that were spammed based on that criteria?
Lowell
September 21, 2014 at 8:30 pm
I think the problem is more than just the spam. If threads are dropping then that also sounds like malware. If malware has injected into any of the pages on the site, then spam posts are pretty easy to post. It also means that forum threads and posts are easy to drop. We can see that both spam posts and threads dropping are an issue right now.
On the plus side, I do know the folks at RG/SSC are working to get it resolved.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
October 15, 2014 at 8:36 am
Just to reiterate what Steve said in his post over on The Thread yesterday, we've implemented ASKIMET for posts. This took effect yesterday and shouldn't slow things down, but we are evaluating and discarding SPAM posts. Let us know if things affect you.
Thanks,
Melanie
SQLServerCentral Team
October 15, 2014 at 9:15 am
Melanie.Townsend (10/15/2014)
Just to reiterate what Steve said in his post over on The Thread yesterday, we've implemented ASKIMET for posts. This took effect yesterday and shouldn't slow things down, but we are evaluating and discarding SPAM posts. Let us know if things affect you.Thanks,
Melanie
SQLServerCentral Team
Thanks for the update Melanie. We appreciate all the effort you and the team have put towards making this better. 🙂
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
October 15, 2014 at 10:46 am
It may just be a butterfly flapping his wings in China, but I am getting routine crashes on SSC.com forums using IE10.0.9200.17054.
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
October 15, 2014 at 1:19 pm
TheSQLGuru (10/15/2014)
It may just be a butterfly flapping his wings in China, but I am getting routine crashes on SSC.com forums using IE10.0.9200.17054.
Yeah, performance hasn't been to great lately.
Need an answer? No, you need a question
My blog at https://sqlkover.com.
MCSE Business Intelligence - Microsoft Data Platform MVP
October 15, 2014 at 1:45 pm
My issues were hard crashes of the browser. However, I have noticed them on 2 other sites too, so something has indeed zigged on my machine. Sigh ...
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
October 15, 2014 at 2:35 pm
TheSQLGuru (10/15/2014)
My issues were hard crashes of the browser. However, I have noticed them on 2 other sites too, so something has indeed zigged on my machine. Sigh ...
Some might argue that the problem is that you are using IE. 😀 Have you tried any other browsers? I quit using that abomination of a browser years ago and have never looked back...well except for testing.
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
October 15, 2014 at 5:07 pm
TheSQLGuru (10/15/2014)
It may just be a butterfly flapping his wings in China, but I am getting routine crashes on SSC.com forums using IE10.0.9200.17054.
I am using IE10.0.9200.17089 and I have to use the compatibility mode to have IE work correctly. Actually setup IE to automatically use it on SSC.
October 16, 2014 at 8:52 am
Lynn Pettis (10/15/2014)
TheSQLGuru (10/15/2014)
It may just be a butterfly flapping his wings in China, but I am getting routine crashes on SSC.com forums using IE10.0.9200.17054.I am using IE10.0.9200.17089 and I have to use the compatibility mode to have IE work correctly. Actually setup IE to automatically use it on SSC.
Yeah - I have that set up too.
I have isolated the cause as a stupid browser-based VPN I just started using for a client. I do have Chrome on board so I use that for SSC activities when I have IE doing the VPN thing.
Best,
Kevin G. Boles
SQL Server Consultant
SQL MVP 2007-2012
TheSQLGuru on googles mail service
Viewing 15 posts - 16 through 30 (of 34 total)
You must be logged in to reply to this topic. Login to reply