hooovahh, posted August 1:

Hello all. The last 72 hours we've had some issues with spam bots taking over the forums, pretty aggressively. As a result new account creation has been temporarily disabled. Thanks to all those using the report feature. I don't read every post but I do read every new thread title and you are very helpful in spotting issues. There might be some forum upgrades taking place soon to help combat this issue. After which the new user creation will be turned back on. Nothing is scheduled yet but this is meant to be a heads up that the forums might have some down time soon and it is to be expected. Thanks for your patience.
Bryan, posted August 5:

I use the "Unread Content" link almost daily, and it appears that spammers are still hitting the forums pretty hard as that's where I see the most evidence. I don't know if new account creation was turned back on, but if it hasn't yet, it looks like they're still finding a way.
hooovahh (author), posted August 5:

Yeah it sure has. It has slowed down believe it or not. But I do still see new accounts being made. I'll just keep trying to flag spam as I see it, until new upgrades are complete.
LogMAN, posted August 6:

They probably went to bed for a few hours, now they are back. Is CAPTCHA an option for posting new messages?
ShaunR, posted August 6 (edited August 6):

> 1 hour ago, LogMAN said:
> They probably went to bed for a few hours, now they are back. Is CAPTCHA an option for posting new messages?

They are signing up when new registrations are disabled. It looks like an exploit.
LogMAN, posted August 6 (edited August 6):

Ah perhaps I misunderstood. It sounded like account creation turned itself on again.
hooovahh (author), posted August 6:

Honestly my tools for fighting this are quite limited at the moment. That's why upgrades are likely to come. Until then thanks for your patience. I also check the Unread Content section and hate to see it blasted with 100s of garbage. When I'm at work it is easy to just refresh once in a while and delete it as it comes. But then Brian goes to sleep, and robots don't need sleep. Maybe the next upgrade will be if I can become a robot.
LogMAN, posted August 6:

Thanks for cleaning up the mess. Let us know if we can help. In the meantime we'll provide moral support in the form of memes.
hooovahh (author), posted August 8:

Also just so others know, you don't have to report every post and message by a user. When I ban an account it deletes all of their content so just bringing attention to one of the spam posts is good enough to trigger the manual intervention.
LogMAN, posted August 8:

Reporting every post is some serious determination 😮
ShaunR, posted August 9:

> 12 hours ago, hooovahh said:
> Also just so others know, you don't have to report every post and message by a user. When I ban an account it deletes all of their content so just bringing attention to one of the spam posts is good enough to trigger the manual intervention.

By now, you really shouldn't have to be deleting them manually. If it's an exploit then it should have been patched already (within 24hrs is usual). If it's just spam bots beating CAPTCHA then maybe we can help with a proper spam plugin (coding challenge?). This is a software engineering forum and if we can't stop bots posting after a week then what kind of software engineers are we? It's also quite clear to me that this is no more than a script kiddie. You can watch the evolution of the posts where originally they had unfilled template fields that, as time went on, became filled.
X___, posted August 9:

> 50 minutes ago, ShaunR said:
> By now, you really shouldn't have to be deleting them manually. If it's an exploit then it should have been patched already (within 24hrs is usual). If it's just spam bots beating CAPTCHA then maybe we can help with a proper spam plugin (coding challenge?). This is a software engineering forum and if we can't stop bots posting after a week then what kind of software engineers are we? It's also quite clear to me that this is no more than a script kiddie. You can watch the evolution of the posts where originally they had unfilled template fields that, as time went on, became filled.

It takes a thief to catch a thief.
hooovahh (author), posted August 9:

> 5 hours ago, ShaunR said:
> By now, you really shouldn't have to be deleting them manually.

Moderator tools are way more restrictive than Administrator. I appreciate the support but it is all I can do to get rid of the stuff manually that makes it through until better tools are installed or upgraded.
Rolf Kalbermatter, posted August 14:

> On 8/9/2024 at 4:11 PM, hooovahh said:
> Moderator tools are way more restrictive than Administrator. I appreciate the support but it is all I can do to get rid of the stuff manually that makes it through until better tools are installed or upgraded.

Maybe there is an option in the forum software to add some extra users with limited moderation capabilities. Since I was promoted on the NI forums to be a shiny knight, I have one extra super power in that forum and that is to not just report messages to a moderator but to actually simply mark them as spam. As I understand it, it hides the message from the forum and reports it to the moderators who then have the final say if the message is really bad. Something like this could help to at least make the forum usable for the rest of the honorable forum users, while moderation can take a well deserved night of sleep and start in the morning with fresh energy. 🤗 It only would take a few trusted users around the globe to actually keep the forum fairly neat (unless of course a bot starts to massively target the forum. Then having to mark one message at a time is a pretty badly scaling solution).
ShaunR, posted August 14 (edited August 14):

> 1 hour ago, Rolf Kalbermatter said:
> Maybe there is an option in the forum software to add some extra users with limited moderation capabilities. Since I was promoted on the NI forums to be a shiny knight, I have one extra super power in that forum and that is to not just report messages to a moderator but to actually simply mark them as spam. As I understand it, it hides the message from the forum and reports it to the moderators who then have the final say if the message is really bad. Something like this could help to at least make the forum usable for the rest of the honorable forum users, while moderation can take a well deserved night of sleep and start in the morning with fresh energy. 🤗 It only would take a few trusted users around the globe to actually keep the forum fairly neat (unless of course a bot starts to massively target the forum. Then having to mark one message at a time is a pretty badly scaling solution).

Not exactly a software solution though. I wrote a plugin for my CMS that uses Project Honeypot so it's not that difficult and this is supposed to be a software forum, right? The problem in this case, however, seems to be that it's an exploit - it needs a patch. Demoting highly qualified (and expensive) software engineers to data entry clerks sounds to me like an accountant's argument (leverage free resource). I'd rather the free resource was leveraged to fix the software or we (the forum users) pay for the fix. The sheer chutzpah of NI to make you a no-cost employee to clear up their spam is, to me, astounding. What's even more incomprehensible is that they have also convinced you it's a privilege.
Rolf Kalbermatter, posted August 14 (edited August 14):

> 24 minutes ago, ShaunR said:
> The sheer hutzpah of NI to make you a no-cost employee to clear up their spam is, to me, astounding. What's even more incomprehensible is that they have also convinced you it's a privilege

😁 well, I can be sometimes tempted. And to be honest, selecting that menu option if I'm looking at the message already is really just taking up one second. It's in fact a lot quicker than selecting the report option and writing "SPAM" in it. Now, spending substantial time on their forum is another topic that could spark a lot of discussion. 😂
LogMAN, posted August 14:

> 2 hours ago, ShaunR said:
> The problem in this case, however, seems to be that it's an exploit-it needs a patch.

It appears that, although registration is disabled, social sign-in is still possible and allows for account creation (even if registration is disabled). For example, Twitter - Social Sign In - Invision Community. Maybe turning those off will put us in a walled garden 🤔
Rolf Kalbermatter, posted August 15:

Some Zeruzandah guy really starts to get on my nerves. 👿
Bryan, posted August 15:

> 1 hour ago, Rolf Kalbermatter said:
> Some Zeruzandah guy really starts to get on my nerves. 👿

So, you have no interest in joining the Illuminati or occult to be free from poverty and ancestral curses without a human sacrifice? Personally, I prefer my sacrifices to be as human-y as possible.
ShaunR, posted August 15:

> On 8/14/2024 at 10:37 AM, Rolf Kalbermatter said:
> Now, spending substantial time on their forum is another topic that could spark a lot of discussion

Any site that uses Cloudflare is completely safe from me using it. As far as I'm concerned it is a MitM attack.
Yair, posted August 18:

> On 8/9/2024 at 5:11 PM, hooovahh said:
> ...but it is all I can do to get rid of the stuff manually that makes it through until better tools are installed or upgraded.

About a decade ago, when the NI forums had a very similar spam problem, a couple of active users were given privileges to help with the spam. I realized fairly quickly that doing it manually wasn't that helpful and wrote some LV code which monitored the forums, recognized the spam, did all of the actions to remove it and block the user and then sent an email with the details. It worked quite well and would typically get rid of the spam within a minute or two of it being posted.
Rolf Kalbermatter, posted August 18 (edited August 18):

> On 8/15/2024 at 3:58 PM, ShaunR said:
> Any site that uses Cloudflare is completely safe from me using it. As far as I'm concerned it is a MitM attack.

It's a valid objection. But in this case with the full consent of the website operator. Even more than that, NI pays them for doing that. There are a few things Cloudflare can do, such as deflecting DOS attacks that can make it look attractive. Personally I mostly notice it as a delay when opening a CloudFlare "protected" website. In the case of NI this can sometimes amount to an infinite delay since the CloudFlare servers seem to get caught in some infinite loop trying to decide if I'm a bot, a hacker or a harmless visitor. Usually aborting the page loading and forcing a refresh results in an immediate success. A few times per year CloudFlare decides that trying to edit a post because of a typo and subsequently resubmitting it, is a very dangerous sign of web server flooding. My guess is that they get the timing wrong at those times and the analyzer thinks that the resubmit 30 seconds later was really 30 ms later, so can't possibly be a human. Of course these services are only tolerated when they are 100% invisible. Otherwise there will always be people feeling bad about them. And things can go bad, as has been proven by the recent CrowdStrike incident too.
ShaunR, posted August 19 (edited August 19):

> 18 hours ago, Rolf Kalbermatter said:
> It's a valid objection. But in this case with the full consent of the website operator. Even more than that, NI pays them for doing that.

The objection is that I (as a user) do not have end-to-end encryption (as advertised by the "https" prefix) and there is no guarantee that all encryption is not stripped, logged and analysed before going on to the final server. But that's not just a single server, it's all servers behind Cloudflare, so it would make data mining correlation particularly useful to adversaries. Therefore I refuse to use any site that sits behind Cloudflare and my browsers are configured in such a way that makes it very hard to access them so that I know when a site uses it. If I need the NI site (to download the latest LabVIEW version for example) then I have to boot up a VM configured with a proxy to do so. I refuse to use the NI site and the sole reason is Cloudflare. So now you know how you can get rid of me from Lavag.org - put it behind Cloudflare.
Rolf Kalbermatter, posted August 21 (edited August 21):

Really????? 16 pages of spamming and still being busy!! Can we not just disable any kind of account creation for the time being, until this hole is fixed? Wouldn't this work too? https://invisioncommunity.com/forums/topic/473954-spam-attack-today/?do=findComment&comment=2943240