Bots on PPRuNe
They seem to be a regular presence recently in the forums, reposting parts of previous posts.
What else are they doing? |
Spam ? That's what bots usually do.
|
As in harvesting emails for future use?
There is nothing to see in the posts themselves. http://i43.tinypic.com/7142rk.jpg When doing a posts search something does show up which is not visible in the post itself. Would you know what that is? http://i39.tinypic.com/16h6zjk.jpg |
As in harvesting emails for future use? Would you know what that is? I suspect the image filename of "avtar" gives a hint...it's a little icon, anything from a smilie to a small image meant to represent the user. |
A number of them will be being used by search engines (such as google) to update their indexes of pprune. It is no surprise since pprune often appears high up on google searches... Google is also often quicker/easier (in my opinion) to find a long lost thread than the built in search tools. They wont be re-posting posts though (unless their design is flawed).
My memory is that you need to create an account to post here which bots have great difficulty doing. Could it be there are some pilots who are just a little too fatigued to function properly logging in? |
I am getting curious now.
What would be the purpose of having a bot that posts parts of previous posts and includes a 1x1 pixel sized image that is not visible? If it was an attempt at spam would there not be links or something visible? Riverrock, You can see usernames registered in the last few days with names like "Claudette381" or "Curtis532" and so on, making posts that just include this little image file and snippets of previous posts on the same thread. |
A number of them will be being used by search engines (such as google) to update their indexes of PPRuNe. What would be the purpose of having a bot that posts parts of previous posts and includes a 1x1 pixel sized image that is not visible? If it was an attempt at spam would there not be links or something visible? This is the way with email spam anyways. Not sure if it works the same way with forum spam. With email spam, oftentimes each email has a slightly modified link all redirected to the same inviisible 1x1 image. That way they can know exactly which of their thousand spam Viagra emails has made it to human eyes. :E |
Ross,
I see. So would the inclusion of this 1x1 image cause an increase in apparent views on the hosting server/website and increase ad revenues? |
which means I was extra stupid to copy the link of the invisible pic to another window (got it from 'more posts by...' and Amazon books it was) - Clyde...whatevernumber it was, in "2 last letters start the next word", because the post was weird, as the next post is supposed to have the definite letters there. :{
(Clyde38, looked it up). |
If any of these spam accounts are not being banned by moderators in the course of moderation, please list their user names here, and we'll take a look. Thanks!
|
Happy Daze
If you really want to encounter a plethora of "BOTS" just pop over to the USA politics hamsterwheel.
Stuffed chock full of them over there :ok: |
With email spam, oftentimes each email has a slightly modified link all redirected to the same inviisible 1x1 image. Maybe M$ Outlook will... but I would be suprised if that was the default configuration nowadays. This is absolutely the oldest trick in the book for infecting email software... include a malformed jped/pdf/whatever in the email. However, I recall there was a company making money out of a service whereby you included the 1-pixel image in your outgoing email(s) and that way you could tell when the recipient has read it. Without some trick like that, there is no way to tell if somebody has opened an email. |
CleeIB,
Sunflower100, plus two others I reported but can't remember, are linkspamming at the moment. |
I reckon that Bushfiva might be a bot, y'know ;)
:} just kidding |
Thanks, guys. The mods are collecting bot usernames as they ban them, and we are looking into back end tweaks to help keep them away.
|
No URLs in posts by new users might be a start? There'd be no reason to post here. I guess you know the IP addresses, so it would be interesting to know if this is a dedicated guy in the US, or a work for hire done by an Indian or Chinese spam farm.
|
Bushfiva, it's actually not possible to restrict links within posts in vBulletin without unofficial hacks, which the tech team are reluctant to implement. We could restrict posting altogether by new users, but that's pretty drastic and hard to implement, given the dispersion of spammers across the forums. We'll focus on some back end tweaks to try to slow down these spammers from entering in the first place.
|
Well, you are the owners of vBulletin so you would be the right people to turn an unofficial hack into an official option. :}
How about a minimum image size in both terms of dimensions and kB? Then single-pixel images and blank images hiding at the end of the text wouldn't work. |
Bushfiva,
You're missing the point. The aim should be to catch them before they even have the opportunity to post. Not trying to catch them out at the posting stage, because they are only going to work around that. Bring back captcha logins I say ! :E (plus a few additional tricks here and there....) |
No, I'm not missing the point. These aren't bots, they're people paid to get past the registration and login barriers, then start posting apparently reasonable postings but including a one-pixel link. You can try to block them at the point of entry by making the cost higher than the value in posting, agreed. But you can also stop them by making their postings readily detectable. You may not have noticed, but at least one of these "bots" has been creating threads. If images below a certain pixel size can't be posted, all the single-pixel issues go away. If images below a certain file size can't be posted, then most of the transparent-image-at-the-end-of-the-text issues go away, courtesy of Mr Huffman and friends.
In general, a blend of approaches probably works best. But these guys *are* vBulletin, so saying they don't like hacks is disingenuous. Don't make it a hack, make it part of the product. IB has more than 100 web sites; it's not just trying to fix PPRuNe, it's trying to fix their entire portfolio. |
Thanks for the suggestions, guys. We'll see what we can do. Captcha logins are probably not worth the inconvenience to existing members (I know I would hate that), since all spammers need to do is just make it in once before they get banned.
|
Could you hold first-time-post till a moderator approves content? Or would that be a avalanche of work? How many 1st time posters on this forum everyday, say?
|
ross, manual moderation of first-time posters would indeed be an avalanche of work. The number of daily new registrants varies, but it's typically around the many dozens.
|
Another one for you Clee...
http://www.pprune.org/tech-log/48085...ml#post7105872 I think ? Unless "Add Content" is shorthand for something else ? |
This is the way with email spam anyways. Not sure if it works the same way with forum spam. With email spam, oftentimes each email has a slightly modified link all redirected to the same inviisible 1x1 image. That way they can know exactly which of their thousand spam Viagra emails has made it to human eyes. - send to 10% of the membership with headline A - send to 10% of the membership with headline B - wait three days - see which headline prompted more people to read the email - send the remaining 80% with the more effective headline. All of which comes with the mailing list software ... |
Another one for you Clee... |
I use an add-on for Firefox call NoScript. Basically lets you authorize/deauthorize what scripts sites can run. Comes in really handy for forums, albeit initially cumbersome as you have to configure the add-on for each site you frequent (i.e. allow pprune.org, block google, etc.).
|
There are several of these "Add content" posts going back to July 2011. All seems to have been made by users that has been registered for years and made a high number of legitimate posts.
|
I would like to propose a conspiracy theory.... I have often wondered after visiting a plethora of web sites and taking in to account of the ability of computers/software to read text when posted and reply!!!
My concern is this. How do I know that I'm the only 'real life' poster on this site? Daz |
dazdaz1
Ever heard of Eliza ? Summary. Computers are dumb. You would soon notice robotic replies to your posts. |
http://www.pprune.org/tech-log/48085...ml#post7105872 I think ? Unless "Add Content" is shorthand for something else ? Please keep calling suspicious posts to my attention. This one by itself isn't enough to act on. Thanks! |
Thanks Clee.
|
LigonHester seems to be another one.
|
Thanks, stevep64. We took care of that one.
|
ytdjyty is a spamalope.
|
Thanks, bushfiva. We banned that one and its Chinese IP address range.
|
A couple more that seem dodgy Samanfotto and Elsie93. Not sure about Samanfotto. Both have posted "add content" in the same thread http://www.pprune.org/atc-issues/481808-skyguide.html but Elsie93 is cutting and pasting other peoples comments too.
|
Not sure if its people being hacked or a script that is posting in their name when they click but like stated previously, it seems to be legit members with post history that checks out posting small phrases like "Add Content"...
http://www.pprune.org/terms-endearme...ning-scam.html |
One of them's adding single-pixel links. They're link spammers. Looks like Indie Cent may have lost control of his account, too.
(Digs a bit more) Well, either some people have compromised passwords, or there's another issue at play. Just searching "Add Content" shows some interesting stuff: Subria023 14th Nov 2011, Spitfire Boy 14th Oct 2011, DADDY-OH! 3rd Jan 2012, The Cleaner 27th Feb 2012, PEGGY since 27th Jan 2012 and so on. |
Thanks, Bushfiva. I'll have the tech team see if they can find anything regarding cause and/or solution.
|
All times are GMT. The time now is 05:07. |
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.