As I mentioned a few weeks ago, BMG (and many other Soapblox sites) have been hit with an invasion of spammers who create accounts for the sole purpose of posting commercial links in their profiles. All evidence suggests that these are actual people, which is why devices designed to restrict signups to real people — like emailing passwords and using captchas — are ineffective at stopping them. Soapblox isn’t the only platform with this problem:
Captchas – distorted words that can be interpreted by humans more easily than by machines – tamed spam on craigslist for a while. Then it came back full force, not because the spammers had solved the difficult problem in artificial intelligence but because they had hacked an easier problem in global economics. I recently established a friendly email dialog with a young man in Dhaka, Bangladesh, who works on a 13-person team that creates craigslist spam. He fills in Captchas, creates new accounts with masked IP addresses, and posts ads all day long using text from a database provided by his employer, an anonymous spam king. The going price for a spam post on craigslist is about 50 cents, with large discounts for volume.
The onslaught of new users has continued unabated since I posted about it last month. So we’ve moved to a somewhat drastic solution, which you need to know about:
Until further notice, the automatic password generating system at BMG is disabled. If you want to create a new account, or have forgotten your password and need to reset it, you can do so by following the instructions in the email that the system will send you. We will have to generate passwords manually, so please be patient if we cannot grant you access right away.
We regret having to do this — it’s a hassle for us, and an inconvenience for you. But it is the only way we can think of to control the proliferation of spam accounts on the site. Thanks for your understanding.
One practice that has helped some development communities is to establish a trust metric system. Here are the highlights:
<
p>
<
p>This information allows a directed graph to be drawn, revealing individual spammers and efforts to take over the community through recruiting outside invaders (the latter happens more often than folks like to admit).
<
p>If an episode occurs, this graph can identify the intruders so that further action can be taken if need be.
the problem I see with BT’s suggestion is the risk of echo chamber. I like it when new people show up
out ofin to the blue, and I don’t want barriers that prevent new, productive members from joining the discussion.<
p>When two men face a lion, each man doesn’t have to outrun the lion to survive — he only has to outrun the other man. Likewise, raising the barrier to be sufficiently high so that spam goes elsewhere is all that is needed methinks.
The Editors have been playing whack-a-mole very skillfully — I have only seen actual spamposts a few times in the past few weeks… making it seem from the user perspective like this isn’t much of a problem at all.
The two times I tried to contact blue at bluemassgroup dot com (with the @ and the . in it) about spam comments, the messages bounced.
There was a brief period when the mailbox was full; otherwise, it shouldn’t be a problem.
The barrier is the need to be invited by a sponsor. I don’t know if you remember when Google launched GMail, but they used a similar approach.
<
p>When each existing member has many invites to give away, the effective barrier can be very low.
<
p>Wikis have always had this problem, there is an essential tension between the desire to attract new blood and the risk of being infected with undesirables (spammers and invaders).
<
p>Given the strongly political nature of our subject material, the ability to recognize and handle organized invasions might prove important. These do happen, though perhaps not here yet. Group A decides to target (open) Group B, and sends large numbers of Group A members to “participate” in Group B. It’s a bit like encouraging (or even paying) party crossovers during primaries to help or hinder selected opposition candidates.
the things I’ve seen on BMG have dealt with viewing NFL football online (through God knows what virus laden site link). BMG hasn’t yet been subject to the targeted attacks that Instapundit, LGF and other conservative sites have seen over the years (although I guess that is only a matter of time).
<
p>I’d just caution anyone if you see some sort of completely out of context with some sort of obtuse subject matter, don’t click.
a “hostile takeover” — being intentionally overwhelmed by “opposition” participants. The right wing attempted something along these lines against the Sierra Club a few years ago — see links here, here, and here.
<
p>The Sierra Club’s fundamental openness created the vulnerability that this hostile takeover attempted to exploit. The attempt failed, for the time being, and some members argue that the attempt was repelled because of that same openness.
<
p>Any open community — especially online communities like this — is vulnerable to this kind of attack.