-
Notifications
You must be signed in to change notification settings - Fork 203
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Counter spam project entries #1377
Comments
We have added a delay for logging in to new local accounts, and are working to delay activation emails. That should help. |
It appears as if our countermeasures are working. I am going to close this for now. If the issue arises again, we can revisit this issue. |
Huzzah! They were primarily your ideas. Thank you. |
It seems like there are quite a few spam entries in the database by owner KOSASIH. |
@wolfgangwalther - thanks for reporting this! It looks like KOSASIH is intentionally working to evade our automated checkers, and is making plenty of false claims. For example:
I think we should just delete all these projects' badge entries, without trying to contact the developer, as they seems clearly fraudulent. @jdossett @wolfgangwalther - any thoughts? |
+1 Probably delete / block the developer / account, too. All of the repos look the same. |
We need to be able to lock out individual users. We could trivially delete the account on our site, but then the attacker could come back on the same account. That's an easy add, since we don't need a UI for it. This is why we can't have nice things :-(. |
Here's a quick summary of current badge entries owned by KOSASIH | Name | Description | Website | License | Owner | Last achieved at | Tiered % | Badge Name Description Website License Owner Last achieved at Tiered % Badge Workspace, Marketplace, Online store, Business autobuilder system that provides payment services using bitcoin and other digital currencies. Data infrastructure connector management system System development of science education programs in the field of mathematics. Disaster auto recovery data base management system. Marketplace for new innovations in blockchain technology and Crypto currency, NFT, API's and mining technology. Digytal asset management tools Disaster Recovery dabase management system NFT marketplace that serves transactions with cryptocurrencies Miner new innovations technology API's Marketplace Mostly a graphical frontend for mining Cryptocurrency by providing a handy way to perform cryptocurrency mining using a graphical interface. NFT Marketplace which provides transactions with cryptocurrencies NFT marketplace that provides transaction services using cryptocurrencies AI project Global virtual museum NFT Marketplace Merciez Project Management |
So unless I learn of something surprising, later today I plan to run:
I really hate to edit others' entries, but we can't let clear fraud continue. I haven't investigated every project, but multiple instances of clear fraud mean we've completely lost all trust in this user & must not allow this to continue. |
Pull request #1771 will let us record blocked users (along with the rationale). We can implement enforcement later, but I want to be able to record what happened in the database. |
Unfortunately we have started to get more spam entries of projects.
We need to find ways to help automatically counter them. Anything from simple notices that adding a project will NOT help SEO (because of the way we announce links), to checking that URLs exist, to requiring repos & checking that they are actual repos. I'd like to hear ideas.
The idea is to make it harder for spammers (not impossible just more annoying), while not making it harder for legitimate projects.
The text was updated successfully, but these errors were encountered: