Jump to content

LAVA Spam and Upgrades

hooovahh

By hooovahh,
in Site News

Recommended Posts

  • Popular Post
hooovahh Experienced

hooovahh

Posted
  • Popular Post
Posted

Hello all. The last 72 hours we've had some issues with spam bots taking over the forums, pretty aggressively.  As a result new account creation has been temporarily disabled.  Thanks to all those using the report feature.  I don't read every post but I do read every new thread title and you are very helpful in spotting issues.

There might be some forum upgrades taking place soon to help combat this issue.  After which the new user creation will be turned back on.  Nothing is scheduled yet but this is meant to be a heads up that the forums might have some down time soon and it is to be expected.  Thanks for your patients.

  • Like 1
  • Thanks 6
Link to comment
  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

hooovahh
hooovahh

Hello all. The last 72 hours we've had some issues with spam bots taking over the forums, pretty aggressively.  As a result new account creation has been temporarily disabled.  Thanks to all those usi

bjustice
bjustice
hooovahh
hooovahh

Oh yeah it sucks. I do what I can, I contact the admin when there are issues I can't resolve. I appreciate your patients.

Posted Images

Bryan Enthusiast

Bryan

Posted
Posted

I use the "Unread Content" link almost daily, and it appears that spammers are still hitting the forums pretty hard as that's where I see the most evidence. 

I don't know if new account creation was turned back on, but if it hasn't yet, it looks like they're still finding a way.

  • Like 1
Link to comment
hooovahh Experienced

hooovahh

Posted
  • Author
Posted

Yeah it sure has. It has slowed down believe it or not. But I do still see new accounts being made.  I'll just keep trying to flag spam as I see it, until new upgrades are complete.

  • Like 1
Link to comment
ShaunR Proficient

ShaunR

Posted
Posted (edited)
1 hour ago, LogMAN said:

They probably went to bed for a few hours, now they are back. Is CAPTCHA an option for posting new messages?

They are signing up when new registrations are disabled. It looks like an exploit.

1lp7dv.jpg.36c1c46be3c8fcfff364329fd1423e48.jpg

Edited by ShaunR
Link to comment
hooovahh Experienced

hooovahh

Posted
  • Author
Posted

Honestly my tools for fighting this are quite limited at the moment.  That's why upgrades are likely to come.  Until then thanks for your patients.  I also check the Unread Content section and hate it to see it blasted with 100s of garbage.  When I'm at work it is easy to just refresh once in a while and delete it as it comes. But then Brian goes to sleep, and robots don't need sleep.  Maybe the next upgrade will be if I can become a robot.

  • Sad 2
Link to comment
hooovahh Experienced

hooovahh

Posted
  • Author
Posted

Also just so others know, you don't have to report every post and message by a user.  When I ban an account it deletes all of their content so just bringing attention to one of the spam posts is good enough to trigger the manual intervention.

  • Like 1
  • Haha 1
Link to comment
ShaunR Proficient

ShaunR

Posted
Posted
12 hours ago, hooovahh said:

Also just so others know, you don't have to report every post and message by a user.  When I ban an account it deletes all of their content so just bringing attention to one of the spam posts is good enough to trigger the manual intervention.

By now, you really shouldn't have to be deleting them manually.

If it's an exploit then it should have been patched already (within 24hrs is usual). If it's just spam bots beating CAPTCHA then maybe we can help with a proper spam plugin (coding challenge?). This is a software engineering forum and if we can't stop bots posting after a week then what kind of software engineers are we?

It's also quite clear to me that this is no more than a script kiddie. You can watch the evolution of the posts where originally they had unfilled template fields that, as time went on, became filled.

Link to comment
X___ Community Regular

X___

Posted
Posted
50 minutes ago, ShaunR said:

By now, you really shouldn't have to be deleting them manually.

If it's an exploit then it should have been patched already (within 24hrs is usual). If it's just spam bots beating CAPTCHA then maybe we can help with a proper spam plugin (coding challenge?). This is a software engineering forum and if we can't stop bots posting after a week then what kind of software engineers are we?

It's also quite clear to me that this is no more than a script kiddie. You can watch the evolution of the posts where originally they had unfilled template fields that, as time went on, became filled.

It takes a thief to catch a thief.

Link to comment
hooovahh Experienced

hooovahh

Posted
  • Author
Posted
5 hours ago, ShaunR said:

By now, you really shouldn't have to be deleting them manually.

Moderator tools are way more restrictive than Administrator.  I appreciate the support but it is all I can do to get rid of the stuff manually that makes it through until better tools are installed or upgraded.

Link to comment
Rolf Kalbermatter Proficient

Rolf Kalbermatter

Posted
Posted
On 8/9/2024 at 4:11 PM, hooovahh said:

Moderator tools are way more restrictive than Administrator.  I appreciate the support but it is all I can do to get rid of the stuff manually that makes it through until better tools are installed or upgraded.

Maybe there is an option in the forum software to add some extra users with limited moderation capabilities. Since I was promoted on the NI forums to be a shiny knight, I have one extra super power in that forum and that is to not just report messages to a moderator but to actually simply mark them as spam. As I understand it, it hides the message from the forum and reports it to the moderators who then have the final say if the message is really bad. Something like this could help to at least make the forum usable for the rest of the honorable forum users, while moderation can take a well deserved night of sleep and start in the morning with fresh energy. 🤗 It only would take a few trusted users around the globe to actually keep the forum fairly neat (unless of course a bot starts to massively target the forum. Then having to mark one message a time is a pretty badly scaling solution). 

Link to comment
ShaunR Proficient

ShaunR

Posted
Posted (edited)
1 hour ago, Rolf Kalbermatter said:

Maybe there is an option in the forum software to add some extra users with limited moderation capabilities. Since I was promoted on the NI forums to be a shiny knight, I have one extra super power in that forum and that is to not just report messages to a moderator but to actually simply mark them as spam. As I understand it, it hides the message from the forum and reports it to the moderators who then have the final say if the message is really bad. Something like this could help to at least make the forum usable for the rest of the honorable forum users, while moderation can take a well deserved night of sleep and start in the morning with fresh energy. 🤗 It only would take a few trusted users around the globe to actually keep the forum fairly neat (unless of course a bot starts to massively target the forum. Then having to mark one message a time is a pretty badly scaling solution). 

Not exactly a software solution though. I wrote a plugin for my CMS that uses Project Honeypot so it's not that difficult and this is supposed to be a software forum, right?

The problem in this case, however, seems to be that it's an exploit-it needs a patch. Demoting highly qualified (and expensive) software engineers to data entry clerks sounds to me like an accountants argument (leverage free resource). I'd rather the free resource was leveraged to fix the software or we (the forum users) pay for the fix.

The sheer hutzpah of NI to make you a no-cost employee to clear up their spam is, to me, astounding. What's even more incomprehensible is that they have also convinced you it's a privilege:blink:

Edited by ShaunR
Link to comment
Rolf Kalbermatter Proficient

Rolf Kalbermatter

Posted
Posted (edited)
24 minutes ago, ShaunR said:

The sheer hutzpah of NI to make you a no-cost employee to clear up their spam is, to me, astounding. What's even more incomprehensible is that they have also convinced you it's a privilege:blink:

😁 well, I can be sometimes tempted. And to be honest, selecting that menu option if I'm looking at the message already is really just taking up one second. It's in fact a lot quicker than selecting the report option and writing "SPAM" in it. Now, spending substantial time on their forum is another topic that could spark a lot of discussion. 😂

Edited by Rolf Kalbermatter
Link to comment
LogMAN Collaborator

LogMAN

Posted
Posted
2 hours ago, ShaunR said:

The problem in this case, however, seems to be that it's an exploit-it needs a patch.

It appears that, although registration is disabled, social sign-in is still possible and allows for account creation (even if registration is disabled). For example, Twitter - Social Sign In - Invision Community. Maybe turning those off will put us in a walled garden 🤔

image.png.4089885a1eeb5d077b779e1f2cae218a.png

  • Like 1
Link to comment
Bryan Enthusiast

Bryan

Posted
Posted
1 hour ago, Rolf Kalbermatter said:

Some Zeruzandah guy really starts to get on my nerves. 👿

So, you have no interest in joining the Illuminati or occult to be free from poverty and ancestral curses without a human sacrifice?  

Personally, I prefer my sacrifices to be as human-y as possible.  

Link to comment
ShaunR Proficient

ShaunR

Posted
Posted
On 8/14/2024 at 10:37 AM, Rolf Kalbermatter said:

Now, spending substantial time on their forum is another topic that could spark a lot of discussion

Any site that uses Cloudflare is completely safe from me using it. As far as I'm concerned it is a MitM attack.

Link to comment
Yair Rookie

Yair

Posted
Posted
On 8/9/2024 at 5:11 PM, hooovahh said:

...but it is all I can do to get rid of the stuff manually that makes it through until better tools are installed or upgraded.

About a decade ago, when the NI forums had a very similar spam problem, a couple of active users were given privileges to help with the spam. I realized fairly quickly that doing it manually wasn't that helpful and wrote some LV code which monitored the forums, recognized the spam, did all of the actions to remove it and block the user and then sent an email with the details. It worked quite well and would typically get rid of the spam within a minute or two of it being posted.

Link to comment
Rolf Kalbermatter Proficient

Rolf Kalbermatter

Posted
Posted (edited)
On 8/15/2024 at 3:58 PM, ShaunR said:

Any site that uses Cloudflare is completely safe from me using it. As far as I'm concerned it is a MitM attack.

It's a valid objection. But in this case with the full consent of the website operator. Even more than that, NI pays them for doing that.

There are a few things Cloudflare can do, such as deflecting DOS attacks that can make it look attractive. Personally I mostly notice it as a delay when opening a CloudFlare "protected" website. In the case of NI this can sometimes amount to an infinite delay since the CloudFlare servers seem to get caught in some infinite loop trying to decide if I'm a bot, a hacker or a harmless visitor. Usually aborting the page loading and forcing a refresh results in an immediate success. A few times per year CloudFlare decides that trying to edit a post because of a typo and subsequently resubmitting it, is a very dangerous sign of web server flooding. My guess is that they get the timing wrong at those times and the analyzer thinks that the resubmit 30 seconds later was really 30 ms later, so can't possibly be a human.

Of course these services are only tolerated when they are 100% invisible. Otherwise there will always be people feeling bad about them. And things can go bad, as has been proven by the recent CrowdStrike incident too.

Edited by Rolf Kalbermatter
Link to comment
ShaunR Proficient

ShaunR

Posted
Posted (edited)
18 hours ago, Rolf Kalbermatter said:

It's a valid objection. But in this case with the full consent of the website operator. Even more than that, NI pays them for doing that.

The objection is that I (as a user) do not have end-to-end encryption (as advertised by the "https" prefix) and there is no guarantee that all encryption is not stripped, logged and analysed before going on to the final server. But that's not just a single server, it's all servers behind Cloudlfare, so it would make data mining correlation particularly useful to adversaries.

Therefore I refuse to use any site that sits behind Cloudflare and my Browsers are configured in such a way that makes it very hard to access them so that I know when a site uses it. If I need the NI site (to download the latest LabVIEW version for example) then I have to boot up a VM configured with a proxy to do so. I refuse to use the NI site and the sole reason is Cloudflare.

So now you know how you can get rid of me from Lavag.org - put it behind Cloudlfare :lol:

Edited by ShaunR
Link to comment

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Go to topic listing


×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept