I am back.

submitted by magnora7[A] from (self.SaidIt)

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]magnora7[S] 8 insightful - 4 fun8 insightful - 3 fun9 insightful - 4 fun -  (22 children)

Would it help to have new accounts automatically placed into "quarantine"?

Or accounts that are "suspicious".

No, because limiting user engagement from the start will inhibit growth of the site. And more importantly, the attackers often use aged accounts. They registered literally thousands of accounts many months ago. That cat is out of the bag, as far as saidit goes. So account age is not a reliable indicator for anything most of the time unfortunately.

In the case of suspected manipulators, we could even mark them as "sus".

Any manipulation marking system like this will be hijacked by the manipulators. They literally have hundreds of accounts. So they will mark people they don't like as 'sus' and the whole system will be immediately broken and maliciously hijacked.

Voat had a similar failure. They had a "protectvoat" group that was to maintain the quality of the site. That group got hijacked by attackers. They then used the power of that group to silence any normal conversation, and silence new users. This is what caused voat to become the mess it was.

I like some of your other ideas, I like that you are thinking about these problems, because they are very tough problems indeed. The voting buttons thing might be cool, but at some point there is too many buttons. I think 4-5 is the max number of buttons. And from a software perspective, adding another button would be a huge huge deal, because the whole database is written around there being exactly 2 voting options. To add a 3rd button to the saidit/reddit code, it would probably be a 100-200 hour project. And I wish that was an exaggeration.

Anyway, keep thinking... I personally think the core problem is that it's too easy to register usernames. A lot of the core issues come down to the fact one person can easily use a bot to make 1000s of accounts, and with a VPN and fake IP addresses, there is basically no way to connect those accounts as being owned by the same person. So there needs to be a way to keep it closer to 1 account per human. Most sites accomplish this now with phone numbers, or connecting through facebook, or something like that. I have thought perhaps we could do it in a way where the person has to write a 5-sentence essay on 1 of 100 topics, like "Why does war exist?" or "What's the purpose of language?" and then we see how intelligent and grammatical their responses are. This would be much harder to automate, but with GPT-3 bots getting good now even that might not be enough. And of course this would all have to be on a new site, because like I said the cat is out of the bag with saidit username registrations

[–]zyxzevn 5 insightful - 3 fun5 insightful - 2 fun6 insightful - 3 fun -  (20 children)

Thanks for this insight. And already people were fearing that some admins were hijacking reddit.

Connecting via phone-numbers can be hijacked via click-farms. But can block some activists.

Reddit uses DRM to identify browsers, which could be helpful to ID the user at registration.
You can also run a system-analysis (network-test, speed-test, mem-test, screen-size, browser-version) to see if registrations are very similar.

As a fun note, I thought of more controversial questions at the registration:
"Who really started WW1?" "What department was destroyed at the Pentagon at 9/11?"
"How fast flies a swallow?"
"What makes frog change their sex?"
"How bad is sugar for your health?"
"What makes facebook addictive?"
"What states reported voting fraud, and how much?"
"Who pays fact-checkers?"
"Why does laughing gas make a person fall asleep?"
It would be fun to have an extreme long list of questions.
And researching some of the answers would make people realize that there is more going on.
Why not use the questions to help convince attackers to stop?

[–]magnora7[S] 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 3 fun -  (18 children)

You can also run a system-analysis (network-test, speed-test, mem-test, screen-size, browser-version) to see if registrations are very similar

Yes I have done this. They spoof their IP, spoof their browser and even spoof the version number of the browser. It's constantly changing for all of them with every comment and post it's a new browser, new IP, new everything, basically randomized. They've really got it down to a science. Although perhaps the randomness itself is a giveaway...

Thanks for your questions, good ideas. We just need something that is easy to do once, but very hard to do 100 times. Another option would be to have them pay $1 in some cryptocurrency to register an account. This would mean they'd have to pay me to attack the site, which upsets their whole method that is based on being able to register unlimited accounts. But it would obviously deter some real users too. But that might be a cost worth paying.

Why not use the questions to help convince attackers to stop?

Lol you might as well try telling wet paint not to dry. Not worth the effort, trust me. Plus if one does wake up and quit, they just replace that person, so this doesn't actually mitigate the attack.

[–]zyxzevn 5 insightful - 3 fun5 insightful - 2 fun6 insightful - 3 fun -  (17 children)

it's a new browser, new IP, new everything, basically randomized. They've really got it down to a science. Although perhaps the randomness itself is a giveaway...

Sounds like very organized. Maybe even military.
Certainly a well worked out procedure.
Maybe they also have 1000s of facebook /google accounts.

Speed of a calculation also randomized? (javascript/wasm) Might be harder. Also some data may be cached if they did not clear it (like site icon).

[–]magnora7[S] 9 insightful - 5 fun9 insightful - 4 fun10 insightful - 5 fun -  (16 children)

Yeah I agree it's very organized. It's known JIDF has done this sort of thing for a while, could be them. I've had run-ins with them before. They stole one of my subreddits long ago fraudulently through the redditrequest system and literally put up a JIDF flag on the sidebar after they stole it. That was like 6 years ago. Then when I started calling those people out, the reddit admins immediately banned my account for something I did 3 months prior...

This is the subreddit (which was intended to be a backup/alternate sub for /r/undelete): https://www.reddit.com/r/undeleteundelete/

They also have a wiki article: https://en.wikipedia.org/wiki/Jewish_Internet_Defense_Force

So this has been a problem for a while. Usually it was just an edge case thing though, or trolls playing around, but now it's a serious problem that affects almost all sizable forums. Our current attacks could be JIDF, could be Chinese, could be US, could be Russian, could be all 4, could be something else. Who knows. I would say JIDF and China both probably do not like some of the things posted on saidit, so they would have motive. But I really have no idea. Could just be a crazy guy in his basement who works for hire off craigslist paid by some random person that just doesn't like saidit for some reason. But it seems pretty well coordinated, especially if you include the DDOS attacks (which are STILL ongoing, like every 3rd day for literally years) so I'd guess it's at least a 3-4 person organization.

Also the DDOS attacks still occur even though they're obviously not successful, which indicates to me someone just has an automated DDOS attack botnet on a rotating schedule.

Speed of a calculation also randomized?

Cool idea but each page is always completely custom so there's no baseline metric to judge against because the filesize is always different

Also some data may be cached if they did not clear it (like site icon).

Perhaps, I'm not sure how to detect this in a way that would be useful though

[–]zyxzevn 5 insightful - 3 fun5 insightful - 2 fun6 insightful - 3 fun -  (14 children)

It sounds like JI DF to me.

With calculation I mean something like a complicated physics calculation.
In both JS and WASM.
You can also render something to the screen with JS to test the speed of their graphics.
You can combine the speed-check with a word-check (captcha). You render a noisy image of a moving&rotating word, while spheres and other objects move in the image. Easy for humans. Very hard even for AI trained for exactly this.

[–]JasonCarswell 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (4 children)

Perhaps a new idea: Make our own captcha with a 3x3 or 5x5 grid or whatever. Those 9 or 25 squares each have an image with one optical illusion or visual puzzle that has to be selected by a human.

[–]zyxzevn 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (3 children)

Click the pictures related to news items that are censored in mainstream news..

Like: Student uprising China. Tower7. Fake chemical attack in Syria. Fake passports that survived 911. Palestine children being shot.
Collateral Murder, Damaging Hillary e-mail, crime statistics, rape statistics, Actual covid death statistics, Vaccine victim, etc.

[–]JasonCarswell 3 insightful - 4 fun3 insightful - 3 fun4 insightful - 4 fun -  (2 children)

I like your train of thought!
However, it has to be easy enough and not too esoteric to avoid alienating newbies and sheeple, unless we want to make a conspirophile club.

Riffing with a joke based on your premise:
Show a bunch of famous politicians, "Click on the faces of war criminals:"
Correct answer: all of them.

[–]zyxzevn 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (1 child)

Order the list on how many people they got killed..

My idea might stop some foreign interference and from some agencies. But we would need to test it.
The Chinese student uprising will stop some chinese manipulators. They are not allowed to discuss some topics.
The Palestine/Israeli apartheid system problems may work a bit, but I think that exposing the warcrimes&corruption will do better. I assume that they care about their own country.
Same with US/UK agencies. Want to improve your country/agency? Why not expose some problems and corruption? Like the $90T debt that the pentagon has created according to the financial expert (Skidmore). Or the weapons and money that were given to terrorists in Iraq/Syria to prolong a devastating war.

[–][deleted] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (8 children)

fancy shit. does anyone have these moving captchas in use today?

[–]zyxzevn 4 insightful - 2 fun4 insightful - 1 fun5 insightful - 2 fun -  (0 children)

I saw it a few times. Most sites use google (google-captcha) instead.

[–]magnora7[S] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (6 children)

That's a cool idea. I could probably cook something up maybe, like 2 grids and the letters, each rotating independently, all the same color on top of each other, with some animated wavy effects distorting all that.

I found this code available, view the demo, we could modify this maybe: https://www.codeseek.co/martingrand/animated-captcha-concept-WxPZVY?lang=en

That was the only one I could find, everything else was research papers

[–][deleted] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (5 children)

Nice, I bet that would work much better than what we have in place now to stop bots and scripts and non-humans.

[–]magnora7[S] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (4 children)

Yeah I agree, I'm down to swap out our captcha with this animated one if that's an easily doable thing

[–]JasonCarswell 2 insightful - 3 fun2 insightful - 2 fun3 insightful - 3 fun -  (0 children)

I'm surprised to hear you thinking tribaly like that. Sure Zionist are at the top, but really it's about speaking truth to all power, regardless of national origin or their minions.

[–]JasonCarswell 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Who watches the watchers?

[–]JasonCarswell 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

Don't mark the suspected. That's baseline for everyone. The bottom. Start at the top...

Mark the well known to be trusted, starting from the center, with M7. Have the trusted and known mark others. When someone trusted falters, remove their "trust" and all their "trustees". What remains is trust.

Use /s/friends, another vote, an invite only sub with a whitelist, or some new thing.

Too few buttons is dumbing down the world! Meanwhile the techno-corporatocracy is hoarding all the info. We need our own qualitative data. I have a new simple idea that can change it all but it needs coding - a lot of it. But first I'll need to illustrate and maybe animate it to convince anyone. Animated ideas and 2D pixels are easier to refine than complex architectural engineering.

The critical problem with Reddit and SaidIt is that VERY limiting 2-vote database. That's why we need to start fresh, from what I can observe.

At the very minimum, mine needs 25. Preferably 25x9 or better 25x9x9 (more than this and it's no longer simple) and then the same again on the right side for metatags. Add some scrolling and then it's almost infinite. I bet it could be used for many other purposes too. I may have shared too much and spoiled the surprise. It's not a riddle or rocket science, but IMO it's simple and elegant - yet requires a seriously flexible powerful database array behind it along with settings interfaces.

I've been pondering vote improvements since I arrived. I haven't considered the security or signup much beyond my recent friend-2-friend post. (Cloudflare bounced me right after that. First time since months ago when you adjusted it.)

I LOVE your essay idea.