Can someone explain some of these new posts?

[52 Bill]

There seem to be a number of new posts from new "members" that almost make sense in English, but not quite. Is this some new form of computer generated replies that are coming in here?

I really don't understand, what is the purpose of these posts? Some of them have links, but they don't really even ask for you to click them. Does somebody get paid by the number of links that are posted to forum sites? Or is this some sort of search engine ploy to get better listing hits?

[big_teee]

There seem to be a number of new posts from new "members" that almost make sense in English, but not quite. Is this some new form of computer generated replies that are coming in here?

I really don't understand, what is the purpose of these posts? Some of them have links, but they don't really even ask for you to click them. Does somebody get paid by the number of links that are posted to forum sites? Or is this some sort of search engine ploy to get better listing hits?

Can you give an example?
Don't guess I've seen them.
T

[52 Bill]

Can you give an example?
Don't guess I've seen them.
T

Solid state amp design resources

Post 4 of this thread. Maybe Tboy deletes them before they're up for too long.

[tedmich]

once you ban robots from SS amp threads they pretty much die!

seriously though the bots get through every once in a while

[Steve A.]

There seem to be a number of new posts from new "members" that almost make sense in English, but not quite. Is this some new form of computer generated replies that are coming in here? I really don't understand, what is the purpose of these posts?

I think it is like a hacker's game to see how many forums they can fool into thinking that they are human by generating replies that fit many situations.

IMO the best way to filter out that shit is to charge a nominal fee to join AMPAGE, maybe even as low as a dollar. PayPal had made it very easy to collect small amounts. If someone really can't afford that they can send a message to staff to review their application for membership. (Current members have already been vetted so they wouldn't have to jump through that hoop.)

I know that sounds elitist but anybody can view the forums without joining if they are looking for information. But if they want to post they need to join.

Steve Ahola

P.S. Actually on second thought the policy could be for prospective members to send their request to staff for approval, with an option for immediate action if they PayPal $5 to support the site.

P.P.S. I get email notification whenever someone reports spam so it is a lot more common than many people might think. Almost always one of the mods deletes it right away along with any other posts they have made and usually blocks the IP address.

At this time we are being reactive, responding to a spam report concerning a new member or spambot. I think that we need to be proactive and prevent them from joining in the first place. Another solution might be to use a captcha to sort out the men from the boys, er, bots. (There are some captchas that are way too difficult- I like the audio alternatives which have you identify a few words in a stream of garbled nonsense.)

[Chuck H]

I'm not mean it. I see forum it's fine. Thank you for this posting. Maybe if you don't this can help.

http://www.condomdepot.com/?gclid=CI...FRIzhwodJBQ2dA

[Steve A.]

I'm not mean it. I see forum it's fine. Thank you for this posting. Maybe if you don't this can help.

Condoms - Read Condom Reviews at The Condom Depot

That is an interesting point that you bring up. <click>

[Chuck H]

You probably have a blocker for browsing. Since it's a condom link it may have sent up a flag.

[big_teee]

I think it is like a hacker's game to see how many forums they can fool into thinking that they are human by generating replies that fit many situations.

IMO the best way to filter out that shit is to charge a nominal fee to join AMPAGE, maybe even as low as a dollar. PayPal had made it very easy to collect small amounts. If someone really can't afford that they can send a message to staff to review their application for membership. (Current members have already been vetted so they wouldn't have to jump through that hoop.)

I know that sounds elitist but anybody can view the forums without joining if they are looking for information. But if they want to post they need to join.

Steve Ahola

P.S. Actually on second thought the policy could be for prospective members to send their request to staff for approval, with an option for immediate action if they PayPal $5 to support the site.

P.P.S. I get email notification whenever someone reports spam so it is a lot more common than many people might think. Almost always one of the mods deletes it right away along with any other posts they have made and usually blocks the IP address.

At this time we are being reactive, responding to a spam report concerning a new member or spambot. I think that we need to be proactive and prevent them from joining in the first place. Another solution might be to use a captcha to sort out the men from the boys, er, bots. (There are some captchas that are way too difficult- I like the audio alternatives which have you identify a few words in a stream of garbled nonsense.)

Your right it does sound elitist!
T

[Steve A.]

Your right it does sound elitist!
T

I think that we should be elitist and allow only human beings to join.
Another solution would be to prevent new members from including links in their posts until they have proven that they are not spambots, spammers or trolls.
I believe that it is a serious problem and these spambots (or jerks) could post links to very malicious sites. Even if you don't click on the link intentionally accidents do happen.

You probably have a blocker for browsing. Since it's a condom link it may have sent up a flag.

No- I have my browser set up to encourage malicious sites. The link displayed fine in my reply so it was some bug with the BBS software or Firefox. Speaking of which FF 10.0.0 and 10.0.1 were very buggy- I'd be typing away in FaceBook and then the browser would "wink" out like switching off a light. When I'd restart FF all of the windows would come right back up, usually with the contents in open text boxes intact (except for FB!)

Speaking of which Facebook has got to go! We all want an open forum where we can post and reply to topics and exchange PM's (just like FB) but without all of the bullshit. Like mining our data and selling it to the highest bidder. Although I was never a member, I heard that the WELL was a really cool forum back in the days of dial-up BBS's, and I think that we need a second generation Facebook that is more interested in its users than in making a huge profit. I can see them earning enough money from ads to pay all of the expenses and even give the owner and staff a good salary. But not make him the richest youngster in Silicon Valley. Something like the Music Electronics Forum, but expanded to include all interests.

Steve Ahola

[g-one]

Your right it does sound elitist!
T

Perhaps a new definition of "humanist" would be better here, as in "biased against non-human posters" .

[Steve A.]

Perhaps a new definition of "humanist" would be better here, as in "biased against non-human posters" .

I believe that the proper word would be "racist" as we would allow only members of the human race to join.

BTW if anyone spots anything that looks like spam please report it. This isn't like the government and we actually do follow up on spam reports.

Steve

[Enzo]

Or we can accept the fact that occasional spambots will get through and tboy will shoo them away. DO we really need to change our entire way of doing things just to service this one kind of interrupt?

Imagine someone cuts in line in front of you at the bank/store/whatever, do we then start requiring appontments, or take-a-number machines? Or do we just accept that now and then some rude asshole will assert himself?

[Steve A.]

Or we can accept the fact that occasional spambots will get through and tboy will shoo them away. DO we really need to change our entire way of doing things just to service this one kind of interrupt?

The only change I suggest would be how new members would join our forum. I threw out some ideas which certainly have their flaws (as is usually the case with brainstorming.) Perhaps we could do what many forums do and have a human being review each application. (I'll do it if no one else wants to.)

I think that things are serious when Google labels us as a Malicious Site as they did last November (although it turned out that it wasn't spambots that were at fault.) I just checked and we had 52 spam reports in the past 6 months. Not horrendously high, but IMO enough to be concerned about. Here is a link to the discussion about Google reporting us as a Malicious Site:

why does Firefox Call this a Virus Attack Site?

BTW I just tried visiting the old AMPAGE archives and got a Malicious Site warning from Firefox.

Steve Ahola

P.S. Back at the old AMPAGE forum there was a quite a controversy over the suggestion that people must register and log in to be able to post and reply. Spambots weren't the problem- it was human spammers, trolls and anonymous posters. Many people threatened to leave if registration was required. As I recall (never a good bet!) it became too much of a hassle for tboy to maintain the BBS program he had written and when it crashed the last time he let it die a natural death, with the Music Electronics Forum rising up from its ashes... and with registrations and logons that did not doom the endeavor. (BTW when tboy started writing the AMPAGE BBS software there really wasn't anything like it- it was head and shoulders above all of the other forums. But the canned BBS software finally did catch up with him.)

[tedmich]

there is a scene in "Bladerunner" where the detective has to interview the suspected android for HOURS in order to determine if they are, in fact human. A mini "Turing test " exists every time you engage a spambot, but I know of several "people" over at HC who would fail such a test regularly.

Human or not?
http://music-electronics-forum.com/s...?searchid=8389

[big_teee]

Everything in a Democracy has its Flaws, but If it Ain't Broke, Don't Fix it!!!
I say, IMHO Just Leave it alone.
B_T

[Steve A.]

Everything in a Democracy has its Flaws, but If it Ain't Broke, Don't Fix it!!!
I say, IMHO Just Leave it alone.
B_T

I respect your opinion but I believe that the site is broke. It wasn't me but one of our more vigilant members who brought up the issue. I really don't mind getting the spam reports and dealing with them (if another mod hasn't gotten to them first- which is usually the case.) But if this security breach results in someone having their computer trashed I think it is a problem. Or if it gets us listed as a Malicious Site by browsers or search engines.

there is a scene in "Bladerunner" where the detective has to interview the suspected android for HOURS in order to determine if they are, in fact human. A mini "Turing test " exists every time you engage a spambot, but I know of several "people" over at HC who would fail such a test regularly.

These spambots are not that smart. They usually give stock replies prompted by certain words scanned in posts. Asking them questions like "Why do you want to join Music Electronics Forum?" should separate the wheat from the chaff.

One of the first computer games I got for my Tandy EX-1000 was built around artificial intelligence. As I recall it was called ELIZA named after one of the first AI games which was developed in the 60's:

ELIZA - Wikipedia, the free encyclopedia

According to the Forum page we have 21,224 members of which 1,074 are active. If the powers that be eventually decide to implement some sort of vetting process for new members it shouldn't affect all of the existing members who have been vetted by the passage of time (unless there are "sleepers" ready to attack when their master gives the word. )

Steve Ahola

P.S. Hmmm... I think I may have spotted another 'bot who joined yesterday and made just one post with no spam link. Could I get a second opinion on this? (I don't mind nonhuman members unless they start posting crap links.)

I think I'm in love... with Audacity

[big_teee]

Who Knows, we may all be Spam Bots, living under a Secret Identity!
T

[Steve A.]

One of our more vigilant members- no, not a vigilante!- just reported the following post as a possible 'bot (no spam at this time)

OTL Amp

[Steve A.]

There seem to be a number of new posts from new "members" that almost make sense in English, but not quite. Is this some new form of computer generated replies that are coming in here?

I really don't understand, what is the purpose of these posts? Some of them have links, but they don't really even ask for you to click them. Does somebody get paid by the number of links that are posted to forum sites? Or is this some sort of search engine ploy to get better listing hits?

Since the original question was posted, we have gotten more of these mysterious guests. So what is their game???
On one hand it could be completely benign like a computer student/fanatic just seeing if he can program a 'bot that can join forums and start threads and post replies. In the past I would give them the benefit of the doubt since that fits in with the DIY vibe of this forum.
However on the other hand their intentions could be malicious and once they have joined and made a few innocuous posts they might deliver their payload whatever it might be. (I have a hunch that many forums are watching out for 'bots that join and immediately dump their load.)

Steve Ahola

P.S. I guess I could send a PM to both of these suspected 'bots and welcome them to the Forum.

[Enzo]

Well let's not confuse separate issues. Spambots may be annoying, but as you mentiion, they also were not at fault for the malicious site warning. SO let's not bring up the malware issue when talking about the spambots. The "security breach" of spambots is not the threat to anyone's computer. The malware is far more likely to come via those google ads striping the page tops.

SO if someone actually reviews all new applicants, how does that stop hackers? If I want to screw with your computer, all I have to do is get a free hotmail account, join up the forum, and once accepted as a real human, I could post some links to entrap the innocent, and move on to the next forum.

[Chuck H]

Yup. The last time I did it I used the screen name "Enzo".

[Steve A.]

Well let's not confuse separate issues. Spambots may be annoying, but as you mention, they also were not at fault for the malicious site warning. SO let's not bring up the malware issue when talking about the spambots. The "security breach" of spambots is not the threat to anyone's computer. The malware is far more likely to come via those google ads striping the page tops.

The fact that spambots were not responsible for the Malicious Site warning here last November does not mean they couldn't do it in the future. I suspect that malicious links have been posted here by 'bots but they were not found during two separate visits by the web spider bots scouring the internet which I believe is a requirement before a site gets the Malicious label that the search engines use, perhaps due to the vigilance of some of the members here who report spam whenever they find it.

SO if someone actually reviews all new applicants, how does that stop hackers? If I want to screw with your computer, all I have to do is get a free hotmail account, join up the forum, and once accepted as a real human, I could post some links to entrap the innocent, and move on to the next forum.

So what would be the payoff for such a hacker? It seems like a lot of trouble just to attack a small forum like ours (~21k total members but ~1000 active members.***) The point of spambots is to attack thousands of forums, the more the merrier. I think that most forums these days are using Turing tests like CAPTCHAs for member applications to help protect against spambot attacks. (I think that the payoff for malicious 'bots is to turn computers into zombies which then launch their own 'bot attacks without the user knowing it.)

Maybe I'm an alarmist but I see the Web getting more and more dangerous every day. What used to be playful pranks is now a very serious business. There are thugs out there trying to screw you up, just like wandering around the bad part of town late at night. While it may seem like I am over-reacting I think that it is better to be safe than sorry. And yes, I am not one to fight to the death defending the status quo. Don't worry- I really doubt that things will change here until a lot more people ask for them.

From the Wikipedia entry on Internet bots:

The most widely used anti-bot technique is the use of CAPTCHA, which is a type of Turing test used to distinguish between a human user and a less-sophisticated AI-powered bot, by the use of graphically encoded human-readable text.

Here is more from that page:

Malicious purposes

Another, more malicious use of bots is the coordination and operation of an automated attack on networked computers, such as a denial-of-service attack by a botnet. Internet bots can also be used to commit click fraud and more recently have seen usage around MMORPG games as computer game bots. A spambot is an internet bot that attempts to spam large amounts of content on the Internet, usually adding advertising links.

There are malicious bots (and botnets) of the following types:

* Spambots that harvest email addresses from internet forums, contact forms or guestbook pages
* Downloader programs that use up bandwidth by downloading entire web sites[citation needed]
* Web site scrapers that grab the content of web sites and re-use it without permission on automatically generated doorway pages[clarification needed]
* Viruses and worms
* DDoS attacks
* Botnets / zombie computers; etc.
* File-name modifiers on peer-to-peer file-sharing networks. These change the names of files (often containing malware) to match user search queries.
* Automating the entry of internet sweepstakes or instant win games to get an advantage
* Automating tasks on promotional web sites to win prizes
* Votebots which automatically cast votes for or againsts certain forms of user-contributed content such as videos on Youtube or reader comments on blog pages.

Steve Ahola

*** I think that most of the 20k members who are not active members joined to try to resolve a specific problem related to music and electronics. Once they got their answer (or didn't!) they probably never came back to visit or hang out.

[Steve A.]

I was just thinking that we could have an entire subforum for the various 'bots who have become members here. Let them chatter back and forth at each other to their heart's content (or should that read "to their CPU's content?") Perhaps we could label their forum the Chatterbox (Humans need not apply!)

Steve Ahola

[Chuck H]

We (human members) must be allowed to at least look though. It would be funny as hell to watch the bots prattle on and praise each others input when nothing is being said...

"I like this post. It is very accurate."

"You are right. Now I see it is easy."

"This is a smart thing to say."

"It's good to have a forum like this."

[Steve A.]

We (human members) must be allowed to at least look though. It would be funny as hell to watch the bots prattle on and praise each others input when nothing is being said...

Exactly! I think that it would be more entertaining than anything on the TV.

While having dinner tonight the perfect solution popped into my head addressing everybody's concerns in this thread, something that is completely non-invasive: we need to fight fire with fire!

Why wait for the web spiders to find crap on our site? We need our own spider bots constantly examining all of the links that are posted here. They would operate in a "sandbox" so if they did land at a malicious site it would cause no damage to the computer running the bot. I think that whenever that technology is developed it should be available to all forums at a reasonable price (if not altogether free.) I think that any member could run the bot program since it would be following the same links that we all see so its not like it would add to the burden of our fearless leader, tboy.

FWIW I have posted an image of my favorite logon screen with a very user-friendly human/bot test:



Members are logged out automatically when they leave the site but it is very easy for me to log back on, with Firefox remembering my username and password and a user friendly Turing test. I guess if the 3 languages didn't cover it there could be a drop-down box with more languages listed.

Contrast that with my health plan logon which uses oddball code and will not allow Firefox to remember the username or password which I have to type it in manually every time. Quite often it doesn't work to paste in the uname or pword work so you have to type it in. And you are logged out automatically after 20 minutes of inactivity. (The 20 clock minute would be ticking away while composing a PM to my doctor- a dialog box would pop up warning that you would be disconnected but after clicking on it your PM would disappear in the ether.) I know that our medical records need to be very private but it is harder to log on to my health plan website than it is to logon to my bank!

Steve

[Steve A.]

Is this another 'bots with no payload? I guess we could call them dudbots...

behringer ddx3216 problem help needed

The person who reported that to staff suggested that changes may have already been made to the software here which prevents new members from posting links in their signature and/or in the text of the post. That makes more sense than having hackers sending in "sleeper" bots waiting for the command to attack from their master.

Steve Ahola

[g-one]

I was wondering if maybe they were testing smilie usage. I could be completely wrong, but don't recall seeing bots using smilies before recently.

[Steve A.]

I was wondering if maybe they were testing smilie usage. I could be completely wrong, but don't recall seeing bots using smilies before recently.

Omigawd- the 'bots found my stash of Quaaludes!

[tedmich]

here's another new member who agrees with me (an obvious impossibility!)

Project guess what?

[big_teee]

here's another new member who agrees with me (an obvious impossibility!)

Project guess what?

I fully Agree With You!

[Steve A.]

Well, they do say that a broken watch gives you the correct time twice a day. At least for analog clocks- the ones with hands for you youngsters out there.

I heard from our vigilant sentry that links to alibabasomethingorother.com started showing up in the posts that our new friend had already made after which they all were deleted and the new member(s) were banned. Our vigilant sentry believes that it was a human not a bot. One possibility is that he edited his posts or his signature to include the link after a few days. Another possibility is that a software revision here does not allow for links in initial posts until a certain threshold is reached.

Steve Ahola

[dai h.]

I...am.....robospammer6000..neeberneeber

One possibility is that he edited his posts or his signature to include the link after a few days.

the sig would work wouldn't it? (since as far as I know there is a time limit on editing posts)

re: the reason (or one apparent reason) for the weird posts (at least the ones w/links) is (what I heard) is that the aim is basically for the crims to obtain CC information. The spambot links (I suppose more of them = helps to land a higher google ranking = more likely for someone to shop at such a site) lead to some harmless looking site selling some generic thing (so on the surface you might think, "Who the **** cares about selling some cheesy trinkets and making the effort to spam such products?"), the buyer inputs their CC info (maybe they aren't thinking, it's a last minute shopping thing or whatever), then...

[Steve A.]

As far as I know there is a time limit on editing posts

I didn't know that! I'm a mod so I can edit anybody's posts any time I want- a power that I never abuse no matter how much somebody pisses me off.

[Chuck H]

Yeah! Well your not going to edit this post. You don't have the vegetables!