Open MitchMartinez opened 9 years ago
bui
commented
9 years ago what if this was abused? eg. quickly make 50 threads to trigger the alarm and enable captcha, then delete said threads to pretend nothing happned. combined with an automated script this could make it worse than as it is just now
MitchMartinez
commented
9 years ago There is the potential of this being abused yes if continuously enabled, it would be easy to just lock up all boards into Captcha mode with a few bots. However my intentions with this solution is to fix the absent moderator problem that boards have when they are being attacked. The auto Captcha should only be enabled during times of vulnerability in which a moderator or board owner is not able to respond, i.e. when the team is asleep, vacation, some other emergency. My intention for this fix is just to create somewhat of a auto pilot moderating system which would return discussion back to normal as quickly as possible, with a fast response time, and be disabled any time any moderation staff is available. The last couple of attacks that I have witnessed the mods took several hours to respond, so I feel like this would reduce spam damage.
The function would be optional, and by default disabled. Most boards probably would not need to employ this system, however it would help boards that are continuously attacked. So the worst case scenario in which all the boards are spammed with threads and then deleted to try and trigger auto Captcha, is that the boards that are not typically attacked will not enable Captcha, and the boards that are attacked commonly will enable Captcha. This outcome is basically the same as what is happening right now anyways. However, the best case scenario is that the attacker will become bored, or will be too inept to create an automated script to trigger the Captcha every hour or two and the spam will stop. So as long as the auto captcha is not enabled on EVERY single board, and only boards that are suspected to be attacked, It would not be possible to make it worse than it is now.
This is my first time posting on this website, please forgive me if this is not the correct place to post this.
In light of the recent spam attacks on some boards on infinity chan it is apparent that problems arise when the board owners are unable to enable spam prevention functions when they are absent. Board owners are unable to be on their boards all the time, so I propose that further automation of spam prevention be utilized.
Captcha seems to be a somewhat effective way to deter most attacks that have no Captcha solving services, thus being able to enable this feature during an attack would more often than not stop the attack or at the very least slow it down. If an attack was occurring on a board that had Captcha disabled with the board owner absent, the board will most likely be wiped clean. For this reason some board owners have decided to keep Captcha on permanently. While a solution to the problem, I believe that a constant use of Captcha is a nuisance to the community. I suggest that we somehow make it so that boards can auto detect if an attack is occurring, automatically enable Captcha posting and then disable after a certain time has elapsed.
One thing that I noticed is ubiquitous between all of the attacks is that the pph skyrockets. An idea to exploit this is to create a threshold in which Captcha will be enabled once a certain pph threshold has been reached. This threshold should be variable and up to the board owner to decide what the limit should be. Once Captcha is enabled, it will auto disable after a board owner specified time has been elapsed. Also, being able to program the threshold to change during different times can also reduce the change of an attack during low post hours.
This system is advantageous for three reasons:
I believe that the current autonomous anti spam functions are adequate when the board owners and volunteers are present to deal with the problem. However, I feel like this system can really help improve spam defenses when the moderation team for a board is sleeping or unable to deal with the problem immediately.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.