What's with this forum board ?

Let me start off by saying that I know exactly zero about IT issues. So let me ask my questions and those more fluent in forum board admin can teach me.

This morning when I logged in here I saw 17 pages of those spam threads all started by the same member in a very short period of time. I know this isn't new or novel. To me this morning seemed way worse than previous spam attacks on this board which prompted my starting this thread.

1) Is this board software somehow easier to exploit than others ? I'm a big time forum user for about 20 years now and this is the only one I've ever been a member of that is so frequently overwhelmed by this spam stuff. 

2) Are there no controls that can be instituted ? For instance, brand new member only gets to post one new thread per day until they've proven themselves to be a solid citizen.  Or how about, no member of any standing may start more than 5 threads in a single 24 hour period ? Or every single new member must make an introduction post about themselves and they may not post further until a moderator has read their introduction and vetted them ? Can there not be some form of gauntlet put into place to weed these spammers out ? And if not, why not ?

I'm not being hateful with these questions, I am trying to understand the system that the board administrators are working with. I like this board and simply want to be more aware of what is going on.

I agree. 

Eddie,

Your suggestions seem like good ideas. I have no particular insight, I'm just another guest here - but it appears GRM has chosen to "roll [their] own" message board software rather than use other commercially available (and stable, mature) products. I presume this is so they can control the advertising ($ to keep this going). I can't think of any other reason it'd be worth it to pay developers to build and continuously update this message board. 

Yeah...I have about 25 pages of spam here. The doors, windows and fireplace dampers were left open last night. 
I agree that some control parameters would be helpful and I can't imagine any legit human would oppose that. 

As much as I love the GRM family, there steadfast refusal to change th forum software makes me shake my head. But, it's the way they want it. And it's up to them to clean up the mess regularly.

Seems to be an especially clever bot that dumped all the canoes over the weekend.

True on the bots but thank you to the moderators that come in here every single morning and take out the trash. By 8:00 est the mess is always cleaned up. 

I'm just going to say that outsiders have little idea how heavy and unrelenting the attacks are on public websites. GRM gets the occasional leaker that's a bit annoying, but it's low consequence and they're doing pretty well if it's so infrequent. 

We've definitely made some compromises here, and one of them is a persistent focus on letting people join the conversation as quickly as possible.

Without new users, a message board dies, and we've managed to keep growing while other boards fail in part because there's no waiting period or approval to join the conversation in a thread you've just googled.

This does make it slightly easier for spammers, but fortunately we have an amazing group of moderators who do a pretty good job keeping things cleaned up.

One thing to keep in mind, too: Our site is extremely high-traffic, and our forum has great SEO. That makes it a prime target for spammers. 

In reply to Cousin_Eddie (Forum Supporter) :

There just aren't enough mods to keep an eye on it 24/7. Especially since 2 have wandered off to other places for a while. 

I still wonder what anyone expects by loading up a forum with crap. No one is going to click on it. We certainly aren't going to buy anything if we did. What's  the endgame?

Appleseed said:

I still wonder what anyone expects by loading up a forum with crap. No one is going to click on it. We certainly aren't going to buy anything if we did. What's  the endgame?

They are hoping people find their posts when they google something and click on their links.

In reply to eastsideTim :

So, they want someone to click on a link on Google that drives them to GRM?

Why?  Does that improve their ranking with Google?

How do they monetize/ capitalize on that?  

In reply to SV reX :

If they can sneak them in unnoticed, it shows history with bigger, reputable websites this is why old posts are such canoe fodder, but it works with newer stuff too. This increases their Google ranking and SEO score, while we may not be the target audience, it's also foolish to expect we're the only target. 

Think adding a kid as a user on a credit card. You've had a MasterCard since 81, you add the child you had in 2003 as a user. Their credit history is now older than they've been alive, when all you did was put their name on something. 

Similar concept, just done with bots instead of people. 

I own /run a board. I see about 30,000 hits a week. It is very small compared to what I suspect GRM is getting.  It is a monumental pain in the back side to deal with.  Hell looking at the log files when everything is going correctly is time consuming. I have been critical of some of the things GRM does and I don't always agree with the GRM collective BUT the board is managed extremely well. The balancing between keeping the board open and inviting while keeping the many destructive forces out is extremely difficult.   And yet GRM has managed to do it exceptionally well to the point that I am sure 99.9 percent of their efforts goes un noticed.   
 

I guess what I am saying is be carful what you wish for and take the time to appreciate what you have. It is so easy to criticize.  There are some really cool features on this board that I have not seen on other boards.  The big one that was a game changer for me is the drag and drop of photos in to posts or just cutting and pasting of images in to posts.   SO COOL!!!!  The other huge thing (and I was critical of it when it was implemented and now fully admit I was wrong) is the mobile interface. GRM has about the best interface on mobile devices to the point that I sometimes prefer it to the PC.   
 

Anyway enough of my ramblings. The bots suck but in the big picture GRM has done a phenomenal job with this board. 

It doesn't really matter what you do to prevent spam, the AI bots are improving just as quickly.  Limiting posts won't help because one bot can generate nearly unlimited usernames, hack the Captcha, click the verification email link, and post 50,000 spamz from different IPs in a matter of 45 seconds.  This is why the mods tell you not to interact with them or post after spam zombies.  It's interaction which helps the spammer bot.  It also doesn't do any good to tell them what a shiny happy person you think they are, because they aren't human.  It's a computer in East Analton or Buttwadshire.  

The value to them is sometimes generating traffic.  They might provide a link to a genuine site they're trying to hype or it could be fishing.  Even if they don't place a link, there is money in the data surrounding your interaction.  If User7349582 quoted the reply, it shows that user is willing to interact more (is more gullible) than if you didn't interact (no data).  Then they can sell the data point which says User7349582 is a good target.

SV reX said:

In reply to eastsideTim :

So, they want someone to click on a link on Google that drives them to GRM?

Why?  Does that improve their ranking with Google?

How do they monetize/ capitalize on that?  

Rev got it, when a site that Google "trusts" has links to another site, that shows Google that the other site can be trusted to a certain extent too.

So when a good site links to another, the other site gets some Google credit. Some people believe of you can plaster links to your own site all over the internet and Google will rank you higher for it.

Conversely, if you have the trusted site and you link to untrustworthy sites, your google site ranking goes down. So that's why it's important to remove the junk links too.

What happens behind the scenes...
The other morning, via my phone I saw the 49 spam posts from one new user.  The site developers have this now as easy as a one button hit for for anyone with limited Mod powers to use the "nuke" button.  One hit and all 49 posts go away and as well as everything that screen name has put into any existing thread.  It's really quite efficient.  

One thing changed recently, and you may not realize how good we had it...
Most of the garbage postings come from out of country and given time zones, most of these posting come in overnight while we're all asleep.  But, we had Tim living outside the US as well.  This meant that his waking hours were our sleeping hours.  Since he was living on the other side of the clock he ran the night shift for years.  By the time we woke, he had everything cleared out often with as easy as one click of a button.    

So, that then goes to the question that I have been wondering...
Do we have any members who also live on the other side of the clock who could be trusted with some limited responsibility?   

John Welsh said:

So, that then goes to the question that I have been wondering...
Do we have any members who also live on the other side of the clock who could be trusted with some limited responsibility?   

an alternative would be to have someone in the Pacific Time zone, who 'frequently' stays up until ~midnight local (which is 4am east coast; so there'd only be a 2-3hour gap).

In reply to sleepyhead the buffalo :

That's why I used the phrase, "the other side of the clock" because it too could be someone working overnights, like a night watchman, who gets some time to surf the internet.  

But, Pacific Time Zone would be great too!

ddavidv said:

As much as I love the GRM family, there steadfast refusal to change th forum software makes me shake my head. But, it's the way they want it. And it's up to them to clean up the mess regularly.

Seems to be an especially clever bot that dumped all the canoes over the weekend.

I for one absolutely love it.  Not going with the mainstream, being unique.  It's absolutely fantastic. 

Conformity breeds mediocrity.

In reply to 1988RedT2 :

So, you'd be ok if we started making wheels that were a shape other than round?

I hear you, but the flip side is that reinventing the wheel is often a waste of energy. 
 

Some things work because they work.  

Other side of the clock?

Some of us don't sleep.

I'm a night owl, so kind of a different clock, but actually in EST

My normal "clock" is to get up at 10am and go to bed at 2-3am.

Plus, do you really want to trust me with power?

This would be a good opportunity to update our instructions on how to report the spam. I'm aware that we should not reply in those threads (the old "canoe" hack), and of course don't open any links. 

What I'm currently doing is copying the user name and posting that to the canoe thread.

SV reX said:

In reply to 1988RedT2 :

So, you'd be ok if we started making wheels that were a shape other than round?

Some things work because they work.  

Not to quibble, but I hardly think that your analogy is apt.  There are many competing brands of forum software.  The fact that one of these brands has dominated the market doesn't necessarily mean that it's the best.  Certainly doesn't mean that it's the only way.  For all of our culture's talk of embracing "diversity", true intellectual diversity is often very much lacking.