[Moderation] Dealing with subtle spammers placing "tiny little ads"


Recommended Posts

Reading it all I'm really in doubt.
All the arguments do make sense. I actually never searched thru older topics for spam, so I don't know how big the problem is.
Email verification is indeed very easy to fake. This will not stop spammers. They are not lazy, that's for sure.
And would the backlash of unhappy users be worth it? Yesterday I read the topic of "Armbian censorship" from a while ago. (Too bad I wasn't online back then, I would have loved to give my opinion.)
 

1 minute ago, chwe said:

can you provide data how many spammers overcome our current system with first thread approved editing their follow up and how may posts they modify after its?

I was just gonna ask the same.

On the other hand. Nobody has the time to go thru all the old topics to fish out these things.
And why should a novice forum user need to change his thread/message after more than a few hours? But would it mean more work dealing with people asking to change something, or adding numerous messages with small details.
I do like free and don't like policing. (did I just recap everything in this thread :) )
My point is, I don't know...

Link to post
Share on other sites
Armbian is a community driven open source project. Do you like to contribute your code?

37 minutes ago, chwe said:

can you provide data how many spammers overcome our current system with first thread approved editing their follow up and how may posts they modify after its?

 

Not without doing some further study. But offhand I can say it's maybe on the order of tens, dozens maybe (not a lot)?

 

This whole thing has become quite overblown, to be honest. It started with Igor suggesting (in IRC) that I search for one single URL on the forums. Which led to me discovering handful of spammers x 1-5 posts each = ~ some dozens of posts (that I discovered so far, could be more, I dunno). And then one guy coming back very recently (as can be seen in recent Reports history for those who have access).

 

Then I devised some slightly more organized way to search for them and simply shared it in OP, for other newer Mods to also follow, as a sort of guide. And I thought that would be the end of it, we quietly keep going about our work, except perhaps armed with one more tool in the toolbox so to speak.

 

Then began a reasonable discussion of a (very) slight change to policy. We overlook some use-case (Tutorials, etc.). So we adjust policy to account for. So far so good.

 

Then few people come in thinking the sky is falling, spreading FUD and Help Help I'm Being Repressed! (which is totally un-warranted and hyperbolic IMO).

 

Since this topic has gone all over the place since then (mostly missing the point, IMO) I will re-iterate, what is actually being proposed:

  • has no downsides
    • will not affect any normal user in any way
    • the few actual affected use-cases (see @guidol post for example) have been addressed
    • no other affected use-cases have actually been given (only hyperbole)
    • requires no additional ongoing effort from current staff / Mods (only some tiny changes to settings)
    • in fact it would reduce ongoing effort
  • but has a lot of upside
    • will help to deal with this specific (admittedly small) problem
    • but also better deal with spam in general

And therefore I don't understand why not to do it (emotional reactions aside)?

 

The best thing I can actually suggest, is for everyone to calm down and re-read the entire thread very carefully, when you have some time. Because it is clear to me that a lot of things have been simply missed, or glossed over, in rushes to post.

 

EDIT: If anyone has constructive criticism, or actual use-cases that have been overlooked (specific examples) please contribute them for discussion. But please can we stay away from vague generalizations and hyperbole.

 

Edited by TRS-80
add last bit
Link to post
Share on other sites
11 hours ago, TRS-80 said:

 

OK, even if that is true, I don't understand why not to do it? It requires zero effort on our part? And makes one more hurdle for spammer, but not legitimate user.

 

I never said that we should not use email verification ;)

I just wanted to mention that this is just a low end protection against spamers.

Link to post
Share on other sites
13 hours ago, TRS-80 said:

Perhaps you post in haste,

perhaps you should try to wear my hat, my shoes and think my way. Then perhaps you understand me.  Pro Tipp: look what I refer to (quote), usually helps a lot to understand.

 

Edit: While this was not marked as a quote, it was one from this thread:  limit the time for regular users to edit messages to 2-3 hours or 1 day)

Edited by Tido
added a tipp
Link to post
Share on other sites

Don't confuse freedom and mess (permissiveness), it's not the same thing. I didn't see any arguments for what ordinary users need to edit messages after 1-2 days. Changing the text (not correcting typos or errors) after a while is a bad procedure. People have already read the message, may have responded to it, and no one will return to the corrected message, so there is no point in changing it. There is a good rule of thumb, before clicking the submit button, read what you wrote. This is not respect for everyone, send obviously crooked messages (so that others would try to understand what is written there) and then constantly correct them.

Link to post
Share on other sites

about which of the 'solutions' do we talk about..

  • verify e-mail address (then check if the spammer didn't do that as well - and if they didn't I guess they will learn that fast)
  • restricting edit post with "random rules" if they're 'not harsh enough' they'll simply overcome it (e.g. register two accounts and then like each other once and going further with the same strategy as before).. if they're to harsh it will affect users - maybe not the old ones but the new ones.. going through my old approving list

(only 14 hours here but already edited - in a 1day rule he could still do this.. i)

 

some people will edit their thread.. e.g. hopefully when their first iteration doesn't give the attention they want they clarify things or just add a note that they solved the problem on their own.. I'd rather prefer that they edit it than adding a second post just which might then go as well in the category of topic bumping etc. Or just to summarize things on the first post so that for those new to the thread, it's easy to get a clue what happened. E.g.

I have something like 40 edits in this thread (only counting mine).. To partly clarify things.. to add new findings.. to make clear things were solved.. etc. Others in board bring up do the same..

In my opinion.. if we really talk about 12 spammers which overcome the current spam-block system then this is a non issue at all. If this would be a daily issue where threads get messed up...

 

11 hours ago, balbes150 said:

I didn't see any arguments for what ordinary users need to edit messages after 1-2 days.

ordinary users:

  • write tutorials
  • write boardbring ups (I was one back then when I dealt with mt7623n
  • wrote the unofficial unsupported multimedia script :lol: i still love the name ( @JMCC, okay he's no longer an ordinary user I assume, but he started as one)

Obviously it makes sense to use the feature responsible (e.g. make clear what you changed and maybe also why - a git diff to see the history of a post would be great.. btw @Igor a quick google search showed that this might be possible, but it mostly ends in dead links.. https://invisioncommunity.com/forums/topic/364549-edit-history/ maybe your invision-fuu skills are better and you find something like that?). But it is used.. and there are a cases in which it makes absolutely sense. Also to avoid confusion (when you were obviously wrong with your assumption in the first term, or when something was solved (even when it's only editing the title from *random problem* to *random promlem [solved]* in fact you do this mostly over edit post...

I don't think it's worth to disable this for users due to 12 people abusing it..

Link to post
Share on other sites
14 hours ago, chwe said:

some people will edit their thread.. e.g. hopefully when their first iteration doesn't give the attention they want they clarify things or just add a note that they solved the problem on their own.. I'd rather prefer that they edit it than adding a second post just which might then go as well in the category of topic bumping etc. Or just to summarize things on the first post so that for those new to the thread, it's easy to get a clue what happened. E.g.

How do I know if a message has been edited ? Open all topics every time and reread them from beginning to end ?

Link to post
Share on other sites
4 hours ago, TRS-80 said:

In this thread, a bunch of {former, inactive, non}-Moderators argue against changes supported/proposed by most of current, active Moderators...

to our luck this is not a forum only for moderators right? @Igor/ @lanefu if my style of moderating stuff is no longer valuable you can happily revoke my moderator rights then.. I'll spend my time on github and PM depending on motivation.. A forum needs to work for its users not only for the moderators. After all we as moderators do only a bit of housekeeping to keep the rest going.

 

I favor the less active moderating style where you only take actions when things run out of control, either due to people insulting each other or it gets bloated by useless crap not related to the topic at all.. as long as things go more and less smooth I don't see a reason to either cut peoples rights or giving them 'official' warnings.. Others might have a different moderation style and that's also fine.. Different people will have different approaches how to solve things. Not everyone has to solve it the exact same way as I do but being able to edit posts is a feature people use and there are reasons to have it. and if 12 out of the 8204 users abuse it we're talking about less than 0.15% 'bad citizens'.. IMO a percentage we can and must accept. I'm confident that a higher percentage will use the same feature in a sane way..

 

Obviously if I see spammers I flag them, game over.. next one will come, next one will be banned as soon as it gets spotted.. Ofc this won't keep the forum a 100% clean from spam, but I can life without a 100% clean forum.

 

 

 

Link to post
Share on other sites
22 minutes ago, chwe said:

forum needs to work for its users

 

Agree. We don't want to see spam and wrongly positioned messages which is why we need someone to take care of this. Volunteers are helping (me at the end) covering this, sometimes dirty, job.

 

29 minutes ago, chwe said:

After all we as moderators do only a bit of housekeeping to keep the rest going.

 

Exactly. And this tiny change in tooling will help them to help us. Perhaps not at all. At virtual no cost on users liberty.

Now, do we need to vote for this small unimportant function to be implemented? Perhaps we should only do that in first place?

Link to post
Share on other sites

So I read through this thread and there are a few thoughts that came up.

I believe when you want to solve a spam problem efficiently one needs to focus on the spam itself and not on the spammers.
I'm dealing with lots of spam on my mailservers and manually blacklisting is the least efficient way to solve this problem. In my case 2000 - 10000 Spam mails a month.
The main reasons why this is not a good practice are already described in a few posts inside this thread. Automated mail creation for example.

So what are the real problems with spam posts?
I think the most potential thread, if we focus on security, is that a user could get mislead to a dangerous URL.
There is also the problem that the Armbian Forum could get misrelated to porn pages or other ugly stuff through google searching or other online indexes.
Worst case would be if someone types porn stuff into the google search box and gets the Armbian forum as a result
or someone finds a post that should help him and this post is full off ads. This would harm the forums image.

So IMO the real problem is related to the URLs the spammers uses. So maybe there's a function like "URL registering"?
So if a user wants to add a URL which is not known by Armbian he needs to register it with a small form or so and a moderator needs to approve the URL.
Another concept could be that posts with unknown URLs needs to be approved even if they are changed after a while.
So the system needs to run the approval recognition not only on new posts but on each change to.

What's with the existing spam URLs?
I don't know if such functions exists but if we could run through all posts with URLs (maybe inside the database) and disapprove all posts with unknown URLs then we have a list we can score.
Moderators would need to approve all this posts again and register the URLs if they are valid. Maybe we should do this with a small amount of posts each.
So we would need a function like "disapprove the first 100 posts with unknown URLs". May be we could assign each moderator a few posts automatically so he can approve 10 posts a week or so.
11 Moderators would solve 110 posts a week. I don't know how big the problem is but the year has 52 weeks so we could to a lot of work without really doing anything.

I'm absolutely new to this forum so maybe this is all nonsense but hiring volunteering spamfilters does not seem to be the smart way.

 

Link to post
Share on other sites

not new.. happened before.. in all variants.. :lol: IMO you can't really track all of that and you shouldn't even try.. If the community is intact they'll report it for topics of interest.. and for the trash topics nobody reads.. we shouldn't care nor waste time with them...

 

One thing tho to protect the users might be the discord approach.. e.g. if you click on a link it pops a warning as soon as you leave discord showing the whole link in a popup and you've to accept that you leave discord.. It's kinda annoying but on the same side you've been warned and then it's up to you to decide if you trust that page or not..

Link to post
Share on other sites
1 hour ago, chwe said:

One thing tho to protect the users might be the discord approach.. e.g. if you click on a link it pops a warning as soon as you leave discord showing the whole link in a popup and you've to accept that you leave discord.. It's kinda annoying but on the same side you've been warned and then it's up to you to decide if you trust that page or not..

Interesting idea.

 

https://invisioncommunity.com/files/file/8257-no-external-links/

 

 

Testlinks:

https://forum.armbian.com/profile/5623-chwe/?wr=eyJhcHAiOiJmb3J1bXMiLCJtb2R1bGUiOiJmb3J1bXMtY29tbWVudCIsImlkXzEiOjEzMDI0LCJpZF8yIjoxMTA5NTh9

https://www.armbian.com/cubieboard-1/

 

At the first link to invision you can see a small icon. This will appear if a link goes external. Has nothing to do with the linked plugin which would add the warning page but I added this icon as immediate measure. Only visible with the dark theme now for testing. Added to Haze theme too.

Link to post
Share on other sites