Posted Jul 29, 2010 5:36 UTC (Thu) by jmorris42 (subscriber, #2203)
Parent article: On comment spam
First one must know the enemy.
The spammer is a volume guy and is cheap. He wants to spew as many copies of his ad as possible at the lowest possible cost.
So first off, any post by a subscriber can be assumed good. After all, if the spammer is willing to pay to put his ad here he could just write sales@lwn.net and if he isn't pitching something totally bogus/illegal he could just buy a real ad. This means that while in theory a spammer could post spam with paid accounts or use paid accounts to approve posts in a moderation scenario, etc. in reality it isn't likely to happen unless the spam scene drastically changes in the future.
While they really like automated tools, some do pay third world labor to manually post because humans can still get past filters better than current bots. They can grind out accounts and posts and a captcha just slows them down a little bit. So what are their weaknesses? How about leveraging the fact this site caters to a very specific demo? Instead of a typical captcha use a small set of multiple-choice questions that anyone who should be posting here could answer but spammers would have to go google. Or display five distro mascots/logos and require matching them to their names. That would waste a lot more of their time than a typical captcha, thus encouraging them to go somewhere they can get more bang for their buck.
And again, after one or two successful on-topic posts it can be assumed that the user is legit. Again, this is a specialty site and a lowest possible labor rate third worlder (who can't graduate to outsourced call center work or something more legit) probably isn't likely to be able to make a couple of cogent posts in a place like this just to get to spew comment spam for a few hours until the account gets closed and every post they made gets rubbed out. The return on the labor is bad.
Don't try to stop the spammers. Realize you can't. What you can do is make it too expensive for most to bother. You will always get a few who try it as they figure this out.
Now know thyself (and the users). You are short on labor but have a highly technical and generally spam-hostile readership. Only new accounts need to be suspected, so put a spam mallet icon beside those users' posts and let the readers bang on it. Three strikes and it is out. Two posts go out and the account goes dead and after a quick moderation double check by a staffer all posts from that account go away with a single click. Add one final feature to limit how many posts a new account can make in a day and the spam problem should be under control.
Only one problem remains... the spammers who creep in and post in old threads might survive the probationary period. So just don't allow a newly created account to post in a thread over an age threshold, perhaps a month?
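The probation scheme proposed in the comment above, sketched as an added example (not part of the comment and not LWN's code). The strike, suspension and thread-age thresholds follow the comment; `DAILY_LIMIT`, the exact `TRUSTED_AFTER` value and all class and function names are assumptions.

```python
from dataclasses import dataclass, field

# Strike, suspension and thread-age thresholds follow the comment;
# DAILY_LIMIT and the exact TRUSTED_AFTER value are assumed for illustration.
STRIKES_TO_HIDE = 3        # "three strikes and it is out"
HIDDEN_TO_SUSPEND = 2      # "two posts go out and the account goes dead"
MAX_THREAD_AGE_DAYS = 30   # "perhaps a month?"
DAILY_LIMIT = 3            # assumed
TRUSTED_AFTER = 2          # "one or two successful on-topic posts"

@dataclass
class Post:
    flaggers: set = field(default_factory=set)
    hidden: bool = False

@dataclass
class Account:
    subscriber: bool = False
    good_posts: int = 0       # posts that were never hidden as spam
    posts_today: int = 0
    suspended: bool = False   # awaiting the staff double check
    posts: list = field(default_factory=list)

    @property
    def probationary(self):
        return not self.subscriber and self.good_posts < TRUSTED_AFTER

def may_post(acct, thread_age_days):
    """Return (allowed, reason) for a new comment on a thread."""
    if acct.suspended:
        return False, "suspended"
    if not acct.probationary:
        return True, "trusted"
    if thread_age_days > MAX_THREAD_AGE_DAYS:
        return False, "thread too old for new account"
    if acct.posts_today >= DAILY_LIMIT:
        return False, "daily limit reached"
    return True, "probation"

def flag(acct, post, reader_id):
    """Record one reader's spam flag; return the resulting state."""
    if not acct.probationary:
        return "ignored"            # the mallet only appears on new accounts
    post.flaggers.add(reader_id)    # a set, so one strike per reader
    if len(post.flaggers) >= STRIKES_TO_HIDE:
        post.hidden = True
    if sum(p.hidden for p in acct.posts) >= HIDDEN_TO_SUSPEND:
        acct.suspended = True
        return "suspended"
    return "hidden" if post.hidden else "flagged"
```

Counting flags per distinct reader keeps one annoyed reader from hiding a post alone, and suspension only queues the account for the staff check the comment describes.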
Posted Jul 29, 2010 7:00 UTC (Thu) by PaulWay (✭ supporter ✭, #45600)
> The spammer is a volume guy and is cheap. He wants to spew as many copies
> of his ad as possible at the lowest possible cost.
I suspect that this, like many generalisations, is not always true. I suspect, for instance, that some companies would see the cost of buying a subscriber account as cheap compared to the cost of getting an ad placed legitimately on LWN. There are plenty of dumb comment spammers that are already blocked by the site mechanics, others that are smart enough to bypass those but get blocked by general moderation, and fewer still that are prepared to invest the time (and perhaps the money) for what they see as advertising to a select, high-reputation community.
In this regard I think LWN is already filtering out the vast majority of unwanted comments.
Sadly, it sounds like these people aren't selling a service that is in LWN's sphere of interest, so even regular advertising isn't an option to them...
FWIW I'm in favour of greylisting new accounts, and perhaps giving meta-moderator status to subscribers of high standing. A 'web of trust' element might work as well - put in your GPG key ID and if it's been signed by one of the editors (tested by decrypting a URL in a message from them) then you're in :-) (for example).
Have fun,
Paul
P.S. A friend runs a website that allows people to post comments, and if you don't have the cookie you have to supply the name of a particular celebrity known in that community. Maybe asking new posters for the surname of the inventor of Linux would be a good filter to check the knowledge credentials of the poster... :-)
Some ideas....
Posted Jul 29, 2010 10:22 UTC (Thu) by dunlapg (subscriber, #57764)
>I suspect, for instance, that some companies would see the cost of buying a
>subscriber account as cheap compared to the cost of getting an ad placed
>legitimately on LWN.
Cost of ads on LWN: 10000 views for $1. Views before a post is marked as spam (if normal users can click the "spam" button): probably 10, maybe 100 max. Say you get away with 3 before your account is canceled; that's still a whole lot less effective than just paying for advertisement.
Some ideas....
Posted Jul 29, 2010 10:32 UTC (Thu) by zmi (guest, #4829)
> Or display five distro mascots/logos and require matching them to their names.
Let's make that an intellectual game: Anybody who finds Austria on a world map is allowed to spam. You can write a hint that there are "no Kangaroos in Austria". But I guess even then not a lot of people can comment anymore ;-)
Some ideas....
Posted Jul 29, 2010 16:47 UTC (Thu) by mrshiny (subscriber, #4266)
I think I should point out that on the site where I work we have constant problems of spammers using stolen credit cards to buy accounts in order to send spam. So even paid membership is not necessarily an indicator of goodness.
Personally I favour user-moderation such as Slashdot or StackOverflow. Users with enough karma/reputation can perform certain actions without requiring site admin oversight. This seems to work well on those sites, but I suspect they have more traffic.
Some ideas....
Posted Jul 29, 2010 21:46 UTC (Thu) by nix (subscriber, #2304)
If you demand cogency in posts you would eliminate a number of current posters, like petegn... oh, wait. Actually that seems like a very good idea. ;}
Some ideas....
Posted Jul 30, 2010 2:10 UTC (Fri) by vonbrand (subscriber, #4458)
What a spammer looks for is eyes on their stuff. Posting in old threads, which few people see, is a waste of time for them.
Old threads
Posted Jul 30, 2010 13:24 UTC (Fri) by corbet (editor, #1)
Actually, spammers are quite happy to throw their crap into old threads. Much of the time, it seems that being seen by Google is all they actually care about.
Old threads
Posted Jul 30, 2010 13:45 UTC (Fri) by jzbiciak (✭ supporter ✭, #5246)
Is this part of why you limited email notifications to a month, max?
Old threads
Posted Jul 30, 2010 14:43 UTC (Fri) by ortalo (subscriber, #4654)
Have you considered simply hiding comments from Google indexing then?
That's not realistic?
Old threads
Posted Jul 30, 2010 15:07 UTC (Fri) by corbet (editor, #1)
I guess that never really crossed our minds. Comments are content too, and some of them are very much worthwhile. I'd prefer not to hide them from the net.
That said, we do put rel=nofollow onto links in comments in some situations.
LWN quiz?
Posted Jul 30, 2010 16:56 UTC (Fri) by dmarti (subscriber, #11625)
How about just making new non-subscriber comment posters answer a few basic questions?
When would you run the "make oldconfig" command?
If a manufacturer installs Linux on mobile phones and sells them, which of the following actions does the GNU GPL require?
Which of these is _not_ a Linux filesystem?
Old threads
Posted Aug 3, 2010 23:48 UTC (Tue) by PaXTeam (subscriber, #24616)
> That said, we do put rel=nofollow onto links in comments in some situations.
what we do on the grsec forums is that for 'new' users (registered for less than X days and/or posted less than Y times) we disable the rendering of the url tag (i.e., the url is rendered as plain text, and not lost). this doesn't prevent spamming but is an annoyance for those semi-automated drive-by spammers who want to lure readers to their own sites with a click of a button. and for targeted spams it's hand-to-hand combat as usual ;).
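The link gating described in the comment above, combined with the `rel=nofollow` mentioned earlier in the thread, as an added example (not part of the comment and not the grsec forum's or LWN's code). The BBCode-style `[url]` syntax, the values chosen for X and Y, the scheme check and all function names are assumptions.

```python
import html
import re
from datetime import date

MIN_DAYS = 14    # assumed value for the comment's "X days"
MIN_POSTS = 5    # assumed value for the comment's "Y times"

# Assumed BBCode-style syntax: [url]target[/url] or [url=target]label[/url]
URL_TAG = re.compile(r"\[url(?:=([^\]\s]+))?\](.*?)\[/url\]", re.I | re.S)

def is_new_user(registered, post_count, today):
    """'New' if either threshold is unmet (the comment says 'and/or')."""
    return (today - registered).days < MIN_DAYS or post_count < MIN_POSTS

def render_comment(text, registered, post_count, today):
    """Render comment text to HTML, withholding live links from new users."""
    new = is_new_user(registered, post_count, today)
    out, pos = [], 0
    for m in URL_TAG.finditer(text):
        out.append(html.escape(text[pos:m.start()]))
        target = (m.group(1) or m.group(2)).strip()
        label = m.group(2).strip()
        # Added hardening (assumption): only http(s) targets become links.
        safe_scheme = target.lower().startswith(("http://", "https://"))
        if new or not safe_scheme:
            # The URL stays visible as plain text, so nothing is lost.
            shown = label if label == target else f"{label} ({target})"
            out.append(html.escape(shown))
        else:
            out.append('<a href="%s" rel="nofollow">%s</a>'
                       % (html.escape(target, quote=True), html.escape(label)))
        pos = m.end()
    out.append(html.escape(text[pos:]))
    return "".join(out)
```

Everything outside a recognized tag is escaped as well, so a new user cannot get a clickable link by typing raw HTML instead of the tag.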
Old threads
Posted Aug 5, 2010 11:19 UTC (Thu) by yodermk (subscriber, #3803)
I was going to suggest something like that. Actually I was thinking more like banning new users' posts with URLs, but close. :)
Obviously, virtually every spam message contains a URL. Most legitimate comments do not.
Preventing those with fewer than 5 legit comments from posting messages with URLs seems like a small price to pay.
Old threads
Posted Jul 30, 2010 16:45 UTC (Fri) by james (subscriber, #1325)
It would be quite in character for spammers to send out millions of spams, each containing little more than a generic tease (hard for spam filters to filter) and a link to an LWN comment.
Regular LWN readers would not be the target of the spam, except that the spammers might hope LWN-reading sysadmins would be less likely to block lwn.net and more likely to unblock it, thinking that an LWN block was a mistake by the filtering software...