Jump to content

(sub)Forums are being flooded with BS!


BDMSTUDIOS

Recommended Posts

I have reported several of the spammer's posts since this morning, European time. (There is a "Report" link at lower right of each post.)

 

I guess we just have to wait until the Americans wakes up. They do delete spam during the weekends, not only during weekdays.

 

Hi, GREAT job and thanks for the reply!

 

Cheers

Link to comment
Share on other sites

Here's the link to my post on the "Retrospect 9 or higher for Macintosh" forum discussing this, in relation to how it has been dealt with on the Ars Technica forums.

 

P.S.: The reason the link doesn't work any more is that someone with administrator authority, presumably He Who May Not Be Named Lightly, deleted the entire thread containing the post.  I really don't understand why he did so.  The reports of spam in the early posts were correct.  The link in my post to the thread in the Ars Technica forums was surely helpful, along with my description of how Ars Technica administrators had dealt with their spam.  My characterization of the nationality of the spammers, reflecting statements by other posters to the Ars Technica thread who could read the spammers' distinctive script (which even I can recognize), was surely correct and referred to "some  ...s".   The suggestion in my post that this was an opportunity for He Who May Not Be Named Lightly to shine was not abusive, and—given the reference to a smiley after it—could surely be recognized by anyone without undue sensitivity as an expression of sympathy with the amount of work that He Who May Not Be Named Lightly would have to do to fix the problem.  All in all, I think He Who May Not Be Named Lightly owes all of us who posted in that thread an apology.

 

P.P.S.: They're back.  Approximately 1.15 pages of Korean-script spam in the "Retrospect 9 or higher for Macintosh" forum as of 10:15 a.m. EDT on 13 November.

Link to comment
Share on other sites

Here's the link to my post on the "Retrospect 9 or higher for Macintosh" forum discussing this, in relation to how it has been dealt with on the Ars Technica forums.

 

P.S.: The reason the link doesn't work any more is that someone with administrator authority, presumably He Who May Not Be Named Lightly, deleted the entire thread containing the post.  I really don't understand why he did so.  The reports of spam in the early posts were correct.  The link in my post to the thread in the Ars Technica forums was surely helpful, along with my description of how Ars Technica administrators had dealt with their spam.  My characterization of the nationality of the spammers, reflecting statements by other posters to the Ars Technica thread who could read the spammers' distinctive script (which even I can recognize), was surely correct and referred to "some  ...s".   The suggestion in my post that this was an opportunity for He Who May Not Be Named Lightly to shine was not abusive, and—given the reference to a smiley after it—could surely be recognized by anyone without undue sensitivity as an expression of sympathy with the amount of work that He Who May Not Be Named Lightly would have to do to fix the problem.  All in all, I think He Who May Not Be Named Lightly owes all of us who posted in that thread an apology.

 

P.P.S.: They're back.  Approximately 1.15 pages of Korean-script spam in the "Retrospect 9 or higher for Macintosh" forum as of 10:15 a.m. EDT on 13 November.

 

P.P.S.: They're back.  Yeh wright! ... and counting!

 

I can't understand why - in 2016 - this user-forum is STILL NOT secure!

 

ScreenCap%202016-11-14%20at%2014.06.28.j

 

NUFF SAID!

 

Admin, could you please respond, TIA!

 

Cheers

Link to comment
Share on other sites

Heavens to Betsy!  Retrospect Inc. seems to have been motivated by this problem to upgrade to non-free forum software from Invision Power Services Inc..  That's why the logo in the browser tab has changed from the red Retrospect cube to the 'V' in the blue box.  That will cost them a minimum of US$30/month for 40 simultaneous visitors.

 

Couldn't He Who May Not Be Named Lightly just have done what I suggested, which is what Ars Technica has done?

 

P.S.: Here's the Ars Technica Macintoshian Achaia thread that tells how they got rid of the spam in that forum.

 

P.P.S.: When I try to post from Firefox 50.0, I still don't get any formatting buttons and I still get extra HTML character entities thrown in.  That would imply that the Retrospect forums are still using the same software they did.  So why are we getting the IPS Community banner at the top of the page?  Did Retrospect Inc. just pay IPS to get rid of the spam?

 

P.P.P.S.: As of 22:54 on 15 November, there are 4 new spam threads in the "Retrospect 9 or higher for Macintosh" forum.  Based on what I have read on Ars Technica, that probably means there is one spammer account that is still registered and allowed to post.

Link to comment
Share on other sites

>No updates during these five years?

 

That isn't what I said. Using the same forum software, and it is kept up to date to the best of my knowledge.

 

I have adjusted the forum spam filters to see if it helps.

 

 

IMHO you (or your co-workers at Retrospect Inc.) are being obtuse, He Who May Not Be Named Lightly, so in the interest of all users of the Retrospect user forums I'll spell it out for you—based on  what I have read on an administrative thread of another set of forums that seems to have dealt permanently with this problem:

 

The basic source of the problem is that there are some Korean-language (that's the Hangul script that they use) spammers who have discovered how to automate the account signup process  for forums that use the type of forum software Ars Technica and Retrospect Inc. use.  Among other things their automation (or possibly low-wage Bangladeshis they may have hired) can do is to cope with whatever CAPTCHAs the forum software may require for account signup.  Those Ars Technica forums posters who can either read Korean or use Google Translate have said that the spammers are creating accounts on popular forums and doing automated posting to them in order to promote some gambling sites—whether websites or physical sites I don't know.  The spammers' idea is to raise the online profile of these gambling sites by doing Search Engine Optimization, whose embodiment for Americans is gaming Google Search.  The spammers are incredibly persistent.

 

The only way the Ars Technica administrators have found to cope with the spammers is to disable automatic posting capability for newly-created forum accounts.  Ars Technica evidently has introduced a manual exchange of e-mails requirement before posting can begin.  The Ars Technica administrators and volunteer moderators have followed this up by deleting any spammer accounts that had already been created before the manual-exchange-of-e-mails requirement was instituted.  BTW, the spammers have sent e-mails to the Ars Technica administrators asking why they can't post to their accounts—which in the opinion of those administrators is true chutzpah (that's a Yiddish term, not a Korean one, for those who don't know).

 

The Ars Technica administrators are not happy with having had to institute the manual-exchange-of-e-mails requirement.  For one thing, it means more work for them.  For another thing, it inhibits the ability of new forums users to sign up for an account and immediately start posting about whatever software/hardware problems they are having.  But it seems to be the only way to permanently deal with these spammers.  I'm sure that the spam filters for the Ars Technica forums are at least as good as the spam filters for the Retrospect Inc. user forums, so if Ars Technica administrators couldn't deal with the spammers through filters alone then neither will you be able to do so.

 

Please excuse me if I have unfairly belittled your efforts to date,  He Who May Not Be Named Lightly.  But, BTW, why have the Retrospect user forums suddenly started displaying an IPS Community banner instead of a Retrospect banner at the top of the forum pages?  How is that evident switch supposed to help?

 

P.S.: As of 4:24 a.m. EST on 16 November the spammers are back on the "Retrospect 9 or higher for Macintosh" forum; I think that proves my point.

 

P.P.S.: In second sentence of second paragraph, parenthetically allowed for the possibility that the spammers may be using low-wage humans to get around CAPTCHAs.

 

P.P.P.S.: This morning (16 November) I copied this post as a Support Case, to make sure He Who May Not Be Named Lightly read it.  The case has now been closed by Support.

Link to comment
Share on other sites

It occurred to me later this morning that there might be a way of making the manual exchange of e-mails requirement before posting can begin easier for the Retrospect Inc. administrator(s) of these forums than it is for Ars Technica forums administrators.  It depends on the fact that—IIRC—anybody purchasing a license for Retrospect must supply an e-mail address, and on the fact—again IIRC (its been 12 years since I signed up for a Forums account)—that anybody signing up for a Forums account must also supply an e-mail address.  It should be comparatively easy for He Who May Not Be Named Lightly to get Retrospect engineering to supply him with alphanumerically-sorted copies of those two e-mail address lists, plus simple programs to do binary searches of those sorted lists.

 

Thus, for any person who holds a license for Retrospect and has not previously signed up for a Forums account with the e-mail address he/she now supplies, it should not be necessary to do a manual exchange of e-mails before allowing that person to make posts to the new Forum account; the administrator can safely approve posting semi-automatically.  On the other hand, if the person signing up for a new Forums account does not have a license for Retrospect using the supplied e-mail address, or if he/she has a Retrospect license using the supplied e-mail address but already has another Forums account using that same e-mail address, then the administrator should exchange e-mails with the person who has signed up for the new Forums account before allowing him/her to post.

 

Being a retired applications programmer, it naturally occurred that this decision process could be semi-automated.  However I can see some potential problems with doing that.  For instance, what if the resourceful spammers get hold of a list of the e-mail addresses of Korean/other licensees of Retrospect?

 

I would greatly appreciate anybody's thoughts on this subject. 

Link to comment
Share on other sites

If I read David's post correctly, that would effectively close out those interested in Retrospect, but have not purchased a license yet.

 

 

If you read my post that way, then I didn't write it clearly enough.  In the situation you cite, the administrator should exchange e-mails with the person who has signed up for the new Forums account before allowing him/her to post.

 

In spite of my years working as a KGB interrogator under Vladimir Putin (derek500 doesn't like me to use smilies in these forums), I'm not sure what I—if I were a Retrospect Inc. Forums administrator—would ask the person who has signed up for the new Forums account.  Asking him what his/her Retrospect question is sounds like a good start; if the person seems to have no familiarity whatsoever with Retrospect's facilities, that would sound more than a little suspicious.  Asking the person for three references who would testify under mild torture that the person wasn't doing any spamming in the last week seems a bit excessive, although we used to be able to do things like that in the KGB.

 

In any case, a quick search of the Forums seems to indicate that such persons are few and far between.  AFAICT the only people who asked a question without already having a license showed up in "General Discussion—Retrospect" about 3+ years ago.  I'm sure He Who May Not Be Named Lightly would be overjoyed to encounter such a person, provided he/she were not a spammer.  In fact, that's why DovidBenAvraham greatly enhanced the Retrospect article in Wikipedia—but the readership statistics so far seem to indicate that the majority of people who are reading the article are already Retrospect users who are monitoring the article for any changes.

Link to comment
Share on other sites

@David Hertzberg: This is off-topic, but could you please stop with that childish "He Who May Not Be Named Lightly"  and "derek500 doesn't like me to use smilies in these forums" stuff?

 

It maybe was funny once, but it is becoming annoying now.

 

 

I never intend that stuff to be funny;  I intend it as needling to make a couple of points.  

 

I'll discuss the point I'm making with "derek500 doesn't like me to use smilies in these forums" in this post, and the point I'm making with "He Who May Not Be Named Lightly" in my next post.

 

derek500 said "... there is a checkbox on the right for 'enable emoticons'. Uncheck that and B) works normally! Being a tech forum, I think these should be turned off by default!" in the last paragraph of this 25 March 2016 post.  I replied "Being a tech forum dealing with backup, and especially with Retrospect, I think we need all the nuance we can get from emoticons" in the next post in that same thread.  These remarks were part of a technical discussion related to what I said in a preceding post in the same thread, which was "So the answer to your Question 1) is B] (which I must write that way because—thanks to a 'peculiarity' in the Retrospect Forums software—if I write it as 'b' or 'B' followed by ')' it gets turned into this B) smiley—as happened in your post)."  The underlying technical problem IMHO is that what the Retrospect Forums software inserts for certain emoticons is too simplistic; the insertions are identical to certain other legitimate combinations of alphabetic and special characters.  The Ars Technica forums don't have that problem, because what their software inserts for emoticons is never identical to other legitimate character combinations; for instance they insert 'B-)' without the surrounding single-quotes instead of  'B)'.  As a matter of fact, I will belatedly file that problem as a Support Case.

 

Now let's look at the second paragraph of post #16 in this thread.  In that paragraph I'm actually discussing a rather tricky problem, which is how to distinguish bad guys who can be expected to lie from good guys who can be expected to tell the truth.  If you think about that problem for 15 seconds, you'll realize it's the same problem as with the "extreme vetting" of Moslem refugees advocated by Mr. Trump.  In the Retrospect Forums case the bad guys merely want to subvert our forums, and the good guys merely want to discuss a legitimate concern with Retrospect.  In the "extreme vetting" case, on the other hand, the bad guys sympathize with ISIS and want to kill us, and the good guys want to get into the U.S. to avoid being killed.  Either way the problem of distinguishing bad guys from good guys is also rather funny; in fact I suspect there is a Monty Python skit about it someplace.  That's why I talked about "my years working as a KGB interrogator under Vladimir Putin", which was a joke (I actually make yearly contributions to Amnesty International) that would have been much clearer if I could have used an emoticon.

Link to comment
Share on other sites

@David Hertzberg: This is off-topic, but could you please stop with that childish "He Who May Not Be Named Lightly"  and "derek500 doesn't like me to use smilies in these forums" stuff?

 

It maybe was funny once, but it is becoming annoying now.

 

I'll discuss the point I'm making with "He Who May Not Be Named Lightly" in this post.

 

I see that Mayoff liked Hofstede's post.  That's good, because it indicates that Mayoff is actually reading this thread—which I had come to doubt.  Mayoff is, of course, the poster I intend to needle as He Who May Not Be Named Lightly.

 

For me, the problem became evident in May 2016.  In the "Retrospect 9 or higher for Macintosh" forum I made a perfectly legitimate post (I no longer remember what it was) about a deficiency in the Mac 13 User's Guide, and accompanied it with a gentle gibe about Mayoff having a hypothetical daughter with a speaking Barbie doll that says "writing is hard" (referring to a Barbie doll—quickly withdrawn after widespread criticism—some years ago that said "math class is hard").  Mayoff deleted my post, and immediately re-posted this—with evident emphasis on its final paragraph.  If Mayoff was motivated by memories of a real daughter to whom something tragic had happened, I'm truly sorry, but I think an alternative explanation for his actions is much more likely.  Given that, on 26 September, he posted "Technical Support does not write the Retrospect User's Guide. This is handled by a different team of people in the company which includes Product Management and Engineering. That same team currently writes most of the KB articles", I now think he was instead motivated by embarrassment at his own powerlessness to improve the UG.

 

But that doesn't explain what happened over the last week on the Retrospect Forums when the spam tsunami started.  In the "Retrospect 9 or higher for Macintosh" forum I posted a report about a similar spam tsunami on the Ars Technica Macintoshian Achaia forum, and what the administrators and moderators there were doing to deal with it.  The whole thread containing my post was deleted "accidentally" along with a lot of spam posts, which I discovered when the link to it I had put into post #4 of this thread stopped working.  So I first put a direct link to the Ars Technica administrative thread on the spam tsunami into post #8 of this thread as a P.S..  Then, when spam threads kept reappearing in the "Retrospect 9 or higher for Macintosh" forum after Mayoff said he "adjusted the forum spam filters", I "spelled out" the Ars Technica forums solution as post #13 in this thread. Seeing that that didn't have any effect, I copied that post #13 as a Support Case.  Finally, realizing that continuing to implement the Ars Technica solution would put a strain on Mayoff, I suggested a labor-saving technique—which BTW Ars Technica can't use because they don't sell any software—as post #14 in this thread.  All in all I put a fair amount of effort into helping Mayoff deal with the spam tsunami; all I got for it was my Support Case being closed without any comment—not even "Thanks, but we already saw this on the forums."  Am I wrong to call Mayoff "He Who May Not Be Named Lightly"?  What epithet would you folks suggest?

Link to comment
Share on other sites

Wow! Personally I think you are over-reacting,

 

It seems you cannot accept that other people have different opinions than you. Everyone that does not agree with you is against you. And that gives you the right to start name-calling and offending people.

 

Your two "explanations"  only confirm what I initially thought: Childish.

 

I know that you will not see it that way (obviously).

 

I will be the sensible one and stop this discussion. From now on you are on my ignore / block list for this forum. But I would seriously urge you to think about your attitude.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...