[dokuwiki] Re: Anti spam brainstorming

• From: "Harry Fuecks" <hfuecks@xxxxxxxxx>
• To: dokuwiki@xxxxxxxxxxxxx
• Date: Fri, 10 Nov 2006 00:05:30 +0100

The described idea wouldn't work to well with the recent targeted
attacks. The spammer identifies the needed fields once manually, then
he configures his script with the correct field names and runs the
script with a a list of page names (obtained through google).

Yeah but if you change the hidden / visible fields every time you
display the edit form, at random, you'd force them to have to parse
the CSS. And to make that harder, you could refer to the hidden
elements in different ways, again with some randomness - sometimes to
the id, other times a class, other times CSS selectors - would force
them into needing to interpret DOM as well. Think, cleverly done, it's
a way to make it very hard work to spam, without disturbing legit
users.

Flood protection is also probably a good one - no human is likely to
edit more than 2-3 pages a minute.

At the far end of the scale - long term problem with blacklists and
stuff like bayesian filters is they can end up accumulating a lot of
bad guys, which makes filtering progressively more expensive. What
would be interesting to know is if the guy that just spammed you then
went on to spam another wiki (Dokuwiki) with the same content / links?

My theory is the guy has a list of links he wants to spam with this
week, that he's getting paid for, but next week it will be some other
links - i.e. you may not need old entries in your blacklist for long -
they could be aged out quickly. But you do need to know what's on this
weeks spam menu as quickly as possible.

So perhaps hooking up different Dokuwiki sites on the basis of trust,
via dedicated spam blacklist RSS feeds, each publishing verified
blacklists of spam they received, allowing other sites to update their
blacklists. I.e. is spammer posts link to http://buypills.com on wiki
at site X and the admin of site X spots it and "report" the spam
target URLs via RSS, wiki sites Y and Z can update their blacklists
before the spammer turns on them. Caveat is probably people shouldn't
re-publish blacklist entries they got from elsewhere.

Shot in the dark but perhaps it would provide some interesting
results, and if it's success, you might get bloggers participating as
well - a network that reacts to spam in real time.
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

• Follow-Ups:
  • [dokuwiki] Re: Anti spam brainstorming
    • From: Sander Tekelenburg

• References:
  • [dokuwiki] Anti spam brainstorming
    • From: Andreas Gohr
  • [dokuwiki] Re: Anti spam brainstorming
    • From: Daniel Mitchell
  • [dokuwiki] Re: Anti spam brainstorming
    • From: Andreas Gohr

Other related posts:

• » [dokuwiki] Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming
• » [dokuwiki] Re: Anti spam brainstorming

1. Home
2. dokuwiki
3. Archive
4. 11-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---