| Author |
Topic |
cpu939
Gallente
Volatile Nature
White Noise. |
Posted - 2009.08.30 15:56:00 - [ 31]
i would like to know if said post is reported can it be removed/hiden till a forum mod/dev looks at it, i know most would never click on this links but then again there are people who will not think about it. you know the people with there brain between there waist and knee |
Zartanic |
Posted - 2009.08.30 16:00:00 - [ 32]
Edited by: Zartanic on 30/08/2009 16:04:28
Back to the Ops point, I had the same issue with a few friends of mine although that was for ingame spam. Some players get really hacked off with it, I do myself, even though It would be better to ignore it. If I had not played the game before I would certainly have stopped my trial and tried one of the numerous other games out there.
When I first came to EVE a few months ago after a long break I was surprised at the ingame spam too as I'd naively assumed they would have dealt with it a long time ago as the game I was in had done so.
Add to that all the botting I saw and I just thought CCP had given up or, even worse, allowing a limited amount of it.
But now CCP have banned those accounts and are clearly trying to fight the forum spammers I'm more positive about the whole thing. Their recent dev blogs also helped a lot to give me a good picture of CCP's attitude to this and what they are doing about it.
But spam does give a very bad impression to some people. If that happens just point them to the dev blogs and other sites news about the action CCP have taken.
I just hope CCP can continue to improve in this as they will have lost subs over it for sure.
|
Erinyes Nazgul |
Posted - 2009.08.30 16:32:00 - [ 33]
 Originally by: Vardain Starhammer
Edited by: Vardain Starhammer on 30/08/2009 10:13:11
Is it really that hard to create a filter to stop anyone posting threads with the title (sexy sports anchor/ satalite watch etc...) ?
No. It is not hard. However, as soon as you ban those phrases, they will change. There is nearly an infinite number of phrases that are usable and 'allowed.' Filtering text won't stop (or even slow down) the problem. If you think a few steps past what you think is a solution, you'll see the real depth of the problem. |
Taedrin
Gallente
Kushan Industrial
|
Posted - 2009.08.30 17:16:00 - [ 34]
Originally by: Erinyes Nazgul
Originally by: Vardain Starhammer
Edited by: Vardain Starhammer on 30/08/2009 10:13:11
Is it really that hard to create a filter to stop anyone posting threads with the title (sexy sports anchor/ satalite watch etc...) ?
No. It is not hard. However, as soon as you ban those phrases, they will change. There is nearly an infinite number of phrases that are usable and 'allowed.'
Filtering text won't stop (or even slow down) the problem.
If you think a few steps past what you think is a solution, you'll see the real depth of the problem.
Why not take a heuristic approach instead of a straight filter? Have an analyzer which looks for web addresses which are SIMILAR to banned addresses instead of exact matches. Example, let's say you have a banned website which isn't allowed to be posted: "www.ISKsellingisdumb.com". Such an analyzer should be aware of various name mangling strategies that these people employ to avoid filters such as 1337-speak or white-space mangling. So not only would exact matches of the address not allow you to post, but so would "close matches" such as "www.ISK sellingisdumb.com" or "www ISKsellingisdumb.c0m" or even "www 15|<5311|N615|)uM|3dot(0m". The idea being that if the ISK seller has to mangle the name so badly to escape the filter that nobody can figure out what the website IS, then CCP can nullify the effectiveness of their advertisements. |
Zartanic |
Posted - 2009.08.30 17:56:00 - [ 35]
Edited by: Zartanic on 30/08/2009 17:58:08 Originally by: Erinyes Nazgul
Originally by: Vardain Starhammer
Edited by: Vardain Starhammer on 30/08/2009 10:13:11
Is it really that hard to create a filter to stop anyone posting threads with the title (sexy sports anchor/ satalite watch etc...) ?
No. It is not hard. However, as soon as you ban those phrases, they will change. There is nearly an infinite number of phrases that are usable and 'allowed.'
Filtering text won't stop (or even slow down) the problem.
If you think a few steps past what you think is a solution, you'll see the real depth of the problem.
Filters work. At worst they cause a major annoyance for the posters which is important as time is money for them. They do not speak English so it is not easy for them to provide a new heading, that's obvious from the terrible English they post with now. As said above filters also make the poster mangle the link. Someone would have to be very thick to make it usable. At the moment we have exactly the same posts which is stupid. There are sophisticated filters out there but CCP uses none of them except for swearing. So they have the tools already. I never ever click on any link, even from CCP, but some seem to have a habit of clicking on any crap that passes by. A filter would make that hard to do. |
Kateryne
Minmatar
Kat's Discount Weapon Emporium
NISYN Inc. |
Posted - 2009.08.30 17:59:00 - [ 36]
The spammers are using isk/stolen credit cards to buy game time in order to post ingame/on forums.
So make it so that to sell gtc both parties have to make use of a captcha - this would remove bots.
Then prevent trial accounts from posting in forums (already done i believe) and posting in local channel (really needs to happen!).
Also have an algorithm that prevents characters being created if it detects keys being pressed too quickly at the naming stage - ie spamming the keyboard to create the likes of oihsgohg or aiguobaiubaeg |
Zartanic |
Posted - 2009.08.30 18:02:00 - [ 37]
Edited by: Zartanic on 30/08/2009 18:04:23
Well yes, the trick is to make it so fiddly and time intensive to do they give up. Doing nothing is an open door.
I suspect CCP is using filters now though. Late last night every single forum had a post by some mangled name. But they were removed very quickly. That may have been manually done in block by CCP though, I don't know.
The fact many forums have only a few posts showing means there are hundreds of attacks going on all the time, we only see the few that have slipped through.
Im still amazed some are dumb enough to click on them. Its causing CCP and indirectly us a lot of money to deal with it.
|
Kiri Serrensun |
Posted - 2009.08.30 18:14:00 - [ 38]
Originally by: Jim McGregor
Or better, make it more advanced. Accounts can post, but if a user clicks the "Report" link on their post, NONE of their posts (past and future) show up in the forum anymore until a moderator has had a look at it.
Take a moment, if you will, and imagine the deluge that would come from CAOD and C&P as everyone mass-reports their enemies to shut down their forum access.  |
Bestofworst Worstofbest
Caldari
Science and Trade Institute
|
Posted - 2009.08.30 18:42:00 - [ 39]
Shouldn't there be a way or function or command for CCP to ban the account, and banning the account could automatically delete all posts under that account? Would help clean the spam up a bit if it is possible. |
Barkaial Starfinder
Minmatar
The Kairos Syndicate
Transmission Lost |
Posted - 2009.08.30 18:54:00 - [ 40]
How about a virtual keyboard at login screen?
They would need a more complex keylogger to grab passwords. |
Bestofworst Worstofbest
Caldari
Science and Trade Institute
|
Posted - 2009.08.30 19:09:00 - [ 41]
Originally by: Barkaial Starfinder
How about a virtual keyboard at login screen?
They would need a more complex keylogger to grab passwords.
Keyloggers often take Screenshots now. And Virtual keyboard still works like typing I do believe. |
Malcanis
Caldari
Vanishing Point.
The Initiative. |
Posted - 2009.08.30 20:30:00 - [ 42]
Edited by: Malcanis on 30/08/2009 20:30:03 Originally by: Saint Lazarus
Because even paying with stolen ISK or credit cards CCP is still making cash from all these spam attacks. 
Oh really? How so? Do explain how an account paid for with a stolen credit card, which payment then gets reversed and CCP charged a significant fee, is profitable. |
Barbara Nichole
Cryogenic Consultancy
Black Sun Alliance |
Posted - 2009.08.30 20:44:00 - [ 43]
Quote:
Oh really? How so? Do explain how an account paid for with a stolen credit card, which payment then gets reversed and CCP charged a significant fee, is profitable.
Obviously the damage is done and profitablilty raked from the account before the reverse is made. Also someone stealing accounts for assets would then have a shell of an account with which to post their bait once again without having to deal with credit cards at all. Once they post their crap on the forum they abandon the account. |
Erinyes Nazgul |
Posted - 2009.08.30 20:53:00 - [ 44]
Edited by: Erinyes Nazgul on 30/08/2009 21:03:34 Originally by: Zartanic
Filters work.
No they don't. Neither subject line filters nor content filers will work. Why? Because anyone can create a perfectly eve-related post and embed a link to a malicious site that is hidden behind a seemingly benign bit of text. The problem isn't the textual content. The problem is people clicking on links. To address the IP block: Sure. Start blocking known sites. Then they switch to unknown sites. The sites pushing malicious software (e.g. key loggers) are NOT called www.thisisascammingsite.com. These are regular domains that have been rooted. Bottom line: neither content filters nor IP blocks will stop this. The ONLY think that stops this is by NOT clicking on unknown links. That's 100% YOUR responsibility. |
Iria Ahrens
Amarr
Ministry of War
|
Posted - 2009.08.30 21:16:00 - [ 45]
Edited by: Iria Ahrens on 30/08/2009 21:24:59 Originally by: cpu939
i would like to know if said post is reported can it be removed/hiden till a forum mod/dev looks at it, i know most would never click on this links but then again there are people who will not think about it. you know the people with there brain between there waist and knee
that's too open to abuse. Someone like me could go down the list and report every single thread and bombard the mods with frivolous reports. Considering that new bad accounts are being made every hour, and they can be a lot more disruptive than they already are. And what the others said. Hueristics and all that, blocking, those only work until they figure out a way around it. Which only takes a few minutes of thought to bypass any filter. Just go to any forum with a language filter and you'll see all the creative ways people get around them. Same thing. |
Zeba
Minmatar
Honourable East India Trading Company
|
Posted - 2009.08.30 21:23:00 - [ 46]
Originally by: Vardain Starhammer
can we please get rid off all these stupid people who click on keylogger links?
Thread title fixed. |
Kezzle |
Posted - 2009.08.30 21:38:00 - [ 47]
Originally by: Iria Ahrens
Edited by: Iria Ahrens on 30/08/2009 21:24:59
Originally by: cpu939
i would like to know if said post is reported can it be removed/hiden till a forum mod/dev looks at it, i know most would never click on this links but then again there are people who will not think about it. you know the people with there brain between there waist and knee
that's too open to abuse. Someone like me could go down the list and report every single thread and bombard the mods with frivolous reports.
And that wouldn't get you banned, oh no. Quote:
Hueristics...only work until they figure out a way around it. Which only takes a few minutes of thought to bypass any filter.
A good heuristic filter works very well, and can be fairly low maintenance. The processor load wpuldn't be too grievous if you only had it check new topics, either. And anything would at least make the spammers try.
|
Zartanic |
Posted - 2009.08.30 22:06:00 - [ 48]
Originally by: Erinyes Nazgul
Edited by: Erinyes Nazgul on 30/08/2009 21:03:34
Originally by: Zartanic
Filters work.
No they don't.
Neither subject line filters nor content filers will work. Why? Because anyone can create a perfectly eve-related post and embed a link to a malicious site that is hidden behind a seemingly benign bit of text.
The problem isn't the textual content. The problem is people clicking on links.
To address the IP block: Sure. Start blocking known sites. Then they switch to unknown sites. The sites pushing malicious software (e.g. key loggers) are NOT called www.thisisascammingsite.com. These are regular domains that have been rooted.
Bottom line: neither content filters nor IP blocks will stop this. The ONLY think that stops this is by NOT clicking on unknown links. That's 100% YOUR responsibility.
Its making their job harder which goes a long way to reducing the problem. If I had my way I would ban all links anyway but it seems that's not an option. At least remove the direct link and only allow the actual full link to be posted as simple text. People can copy and paste if they want. I've not clicked on a forum link in years though. If its from CCP I go to the relevant page directly. If its from any other site I do the same. Most of the time I have no interest in a link anyway though. It seems some people have an addiction to clicking them all though. I agree its players responsibility. It does not stop them coming here and whining though as if its CCP's fault. The ones double hacked should be banned as they are a hazard to everyone else and fail the most basic common sense test. |
Cyprus Black
Caldari
Perkone
|
Posted - 2009.08.30 22:47:00 - [ 49]
I would not be surprised in the least if these keylogger posters were also flooding the moderators with fraudulent forum reports. |
youwantmeicantell |
Posted - 2009.08.31 00:26:00 - [ 50]
Quote:
They did already. These are PAID for accounts posting those keyloggers. I actually think it's good they are spamming the forums. It weeds out the real stupid people by infecting their PC's with virus's, gets all their stuff yanked/sold and causes them to suffer some for their stupidity, if only for a while. AC
i got hit with a keylogger last week masquarading as a wormhole calculator. i suspected it was a logger when low and behold no wh app installed after i clicked so i scanned my pc TWICE didn't find anything woke up on tuesday morning last week to find a note attached to my pc from the wife telling me not to touch the key board and log in on her pc. he got about 8bil in total from my accounts plus corp wallet both are now banned pending investigation. not all of these links are "look at boobies and get your rocks off" some of them are actually quite clever it's quite easy to say your a dumb ass don't click the links but also realise that not everyone lives their life online and are maybe not quite as switched on when it comes to pc security as "mr I live infront of my pc and have no life" over there. i felt like a right muppet when it happened to me but it did happen. I am now running what can only be described as fort knox in a box. i will hopefully get everything back that was nicked if not well then my future within new eden could be in serious doubt. |
Lifelongnoob
Caldari
The Motley Crew Reborn
Warped Aggression |
Posted - 2009.08.31 00:48:00 - [ 51]
they are paid accounts and they are funded by stealling isk of victims and buying in game plex's to activate the trial into a full account.
ccp could stop this by not allowing a trial accounts use a plex in game but instead make them have a one off payment out of game in order to convert the trial to a full account. |
Barakkus |
Posted - 2009.08.31 01:41:00 - [ 52]
Originally by: Erinyes Nazgul
Edited by: Erinyes Nazgul on 30/08/2009 21:03:34
Originally by: Zartanic
Filters work.
No they don't.
Neither subject line filters nor content filers will work. Why? Because anyone can create a perfectly eve-related post and embed a link to a malicious site that is hidden behind a seemingly benign bit of text.
The problem isn't the textual content. The problem is people clicking on links.
To address the IP block: Sure. Start blocking known sites. Then they switch to unknown sites. The sites pushing malicious software (e.g. key loggers) are NOT called www.thisisascammingsite.com. These are regular domains that have been rooted.
Bottom line: neither content filters nor IP blocks will stop this. The ONLY think that stops this is by NOT clicking on unknown links. That's 100% YOUR responsibility.
I think you'd want to design the filter to work on the actual submitted text, not what would be displayed when viewing the post ;) Prolly should just do what other games do, and some other forums, just remove the ability to hyperlink in posts and make the stupid people copy and paste the links themselves. Then they have no one to blame but themselves for sure. If you're going to go through the effort of copy and pasting an obviously stupid link (random letters and numbers for a host/domain name?), then by all means, lose your suff. |
Barakkus |
Posted - 2009.08.31 01:48:00 - [ 53]
Originally by: youwantmeicantell
Quote:
They did already. These are PAID for accounts posting those keyloggers. I actually think it's good they are spamming the forums. It weeds out the real stupid people by infecting their PC's with virus's, gets all their stuff yanked/sold and causes them to suffer some for their stupidity, if only for a while. AC
i got hit with a keylogger last week masquarading as a wormhole calculator.
i suspected it was a logger when low and behold no wh app installed after i clicked so i scanned my pc TWICE didn't find anything
woke up on tuesday morning last week to find a note attached to my pc from the wife telling me not to touch the key board and log in on her pc.
he got about 8bil in total from my accounts plus corp wallet
both are now banned pending investigation.
not all of these links are "look at boobies and get your rocks off"
some of them are actually quite clever
it's quite easy to say your a dumb ass don't click the links but also realise that not everyone lives their life online and are maybe not quite as switched on when it comes to pc security as "mr I live infront of my pc and have no life" over there.
i felt like a right muppet when it happened to me but it did happen. I am now running what can only be described as fort knox in a box.
i will hopefully get everything back that was nicked if not well then my future within new eden could be in serious doubt.
If it makes you feel any better, I ended up with this: http://www.symantec.com/security_response/writeup.jsp?docid=2009-081816-3934-99I downloaded a set of components for delphi, from a well known and heavily used website for delphi developers. Had it for 3 months before any of the AV companies even knew about it. Good thing it didn't actually do anything. Unfortunately I was testing those components at work for a project I was working on, decided not to use them, but in the process all of the apps I had compiled within the last 3 months were getting quarentined by our AV software all of a sudden, so I had to go recompile and redistribute a bunch of executables in a matter of an hour or two. Guess that's one of the downsides to opensource and free software....never know what you're going to get, even when it's from a reputable source. |
Jezebel Leroux
Gallente
The Scope
|
Posted - 2009.08.31 01:51:00 - [ 54]
Edited by: Jezebel Leroux on 31/08/2009 01:52:16Filtering based on message content is doomed to fail. The proper way that "real companies" block this garbage is: 1) Refuse connections from any web proxy "anonymizer" hosts, because these are 99% of the sources of abuse. http://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/2) of the very, very small number of abusers that still come in, block the entire set of IP addresses that their provider uses. If you try to filter based on message content, it comes down to how much processing power you are willing to devote to every message, because content filters become quite large as abusers try an endless variety of mis-sellings, substituted characters, etc. |
Jezebel Leroux
Gallente
The Scope
|
Posted - 2009.08.31 01:52:00 - [ 55]
Edited by: Jezebel Leroux on 31/08/2009 01:55:06 Originally by: Zartanic
Edited by: Zartanic on 30/08/2009 18:04:23
Well yes, the trick is to make it so fiddly and time intensive to do they give up. Doing nothing is an open door.
You're assuming this is being done by hand, and a human user will be annoyed enough to give up. It's scripted, making it annoying simply means the script has to be adjusted. |
Terranid Meester
Tactical Assault and Recon Unit
|
Posted - 2009.08.31 02:13:00 - [ 56]
I suppose another way is to convert your isk into items like plex and weaponry and store them in a high sec pos and/or a container in station/space(or more secure in space).
Then you sell them to get your isk back. It does make me wish that CCP would allow us to convert our isk into gold (there used to be a gold option with other things under the journal Ref.Tupe tab) which we can then sell back to npc banks to get it all back. Then we can store it and get the same amount of isk back from where we bought it (plexes and faction items etc are party to market fluctuations).
|
Zartanic |
Posted - 2009.08.31 04:39:00 - [ 57]
Originally by: Jezebel Leroux
Edited by: Jezebel Leroux on 31/08/2009 01:55:06
Originally by: Zartanic
Edited by: Zartanic on 30/08/2009 18:04:23
Well yes, the trick is to make it so fiddly and time intensive to do they give up. Doing nothing is an open door.
You're assuming this is being done by hand, and a human user will be annoyed enough to give up. It's scripted, making it annoying simply means the script has to be adjusted.
Someone has to write those inane posts I assume. They do it very badly and its always the same posts, so cant CCP at least try?. But yes I suppose they could put in any crap and people would click it anyway. I have next to no knowledge of how filters work or how automated scripts work either. Not having hyper link would be a start though. Its encouraging this is happening as they have obviously been hurt by the macro bans. |
Bestofworst Worstofbest
Caldari
Science and Trade Institute
|
Posted - 2009.08.31 04:42:00 - [ 58]
|
Lana Torrin
Brutor Tribe
|
Posted - 2009.08.31 05:41:00 - [ 59]
Get rid of warning page that does nothing.. put captua back when for creating new threads.. This will do 2 things.. It'll **** off people a LOT less, and it'll mean people wont accidentally make new threads when trying to post a reply. |
Joe
Umbra Legion
Shadow Empire. |
Posted - 2009.08.31 08:27:00 - [ 60]
The Solution is simple, and the Tools are allready Inplace.
Recruit more Forum Moderators, In all Timezones.
Take it a Step further and allow the new Mods to Forum Ban and Ingame Chat Gag, and you'll have a Taskforce with the tools to put an end to this for good.
|
All Channels
EVE General Discussion
