The Mighty Buzzard writes:
I've been hinting around about this for a week or two, so here it is. I circulated this proposal around the staff mailing list before Thanksgiving and got nobody telling me it sucks and to die in a fire, so it falls to you lot to do it if necessary. Let's be clear beforehand though. This is not a complete solution; no meta-mod consideration included for instance. Nor is it a permanent change. What it is is an experiment. Unless you lot are overwhelmingly opposed, we'll run it for a month or two and either keep it, keep parts of it, or trash it entirely based on staff and community feedback. We're not the other site and this isn't Beta; what we as a community want is what's going to happen. So, here's the deal with the bit that's likely to be most controversial right out front. Bad downmods and mod-bombing both suck hardcore but you can't really get rid of them and still have downmods even with meta-moderation because you still have the same ideologically driven few who think Troll/Flamebait/Overrated means Disagree. To that end, I converted all the downmods to +0 mods and added a proper Disagree +0 mod. They affect neither score of the comment nor karma of the commenter but will show up beside the comment score (and be subject to user adjustment from their comments preferences page) if they hold a majority vote. It'll be entirely possible, for instance, to have a +5 Troll comment and equally possible that the same comment will show as -1 Troll to someone who has Troll set to -6 in their preferences. Underrated and Overrated are also out. For Underrated, I for one would really like to know why you think it's underrated. For Overrated, it was almost exclusively used as Disagree, which we now have. Second, everyone who's been registered for a month or more gets five mod points a day. We're not getting enough mods on comments to suit the number of comments; this should have been tweaked a while back but we quite frankly just let it slip through the cracks. Also, the zero-mod system will need the extra points to reliably push comments from +5 insightful to +5 Flamebait if they warrant it. We may end up tweaking this number as necessary to find the right balance during The Experiment. Third, we're introducing a new Spam mod. As of this writing it's a -1 to comment score and a -10 to the commenter's karma; this may very well change. Sounds easily abused, yeah? Not so much. Every comment with this mod applied to it will have a link out beside the score that any staff with editor or above clearance on the main site (this excludes me by the way) can simply click to undo every aspect of the spam moderation and ban the moderator(s) who said it was from moderating. First time for a month, second time for six months; these also are arbitrary numbers that could easily change. So, what qualifies as spam so you don't inadvertently get mod-banned?
Caveats about banning aside, if something is really spam, please use the mod. It will make it much, much easier for us to find spam posts and attempt to block the spammers. One SELECT statement period vs one per post level of easier. Lastly, if I can find it and change it in time for thorough testing on dev, we'll be doing away with mod-then-post in favor of mod-and-post. Without proper downmods, there's really just no point in limiting you on when you can moderate a comment. Right, that's pretty much it. Flame or agree as the spirit moves you. Suggestions will all be read and considered but getting them debated, coded, and tested before the January release will be a bit tricky for all but the exceedingly simple ones.
As much as I hate CAPTCHAs, this is the ONLY effective way I know off to stop spambots/crapbots from autoposting here if the CAPTCHAs themselves are essentially impossible to solve algorithmically.
Show one CAPTCHA to a poster to solve and let them post additional messages without another CAPTCHA.
You can't stop spammers/crappers/griefers who use 'Mechanical Turk' methods (basically free pr0n to solve CAPTCHAs) to get past them.
To thwart that, you have have some sort of IP-based rate limiting and bring up additional CAPTCHAs when this rate is exceeded. Sadly, this will impede the users who make a lot of worthwhile posts in a short time in order to minimized the spam and crap posted here. This posting rate must be sufficiently tuned and randomized to prevent spammers/crappers/griefers from continuously posting their junk by 'flying under the radar'.
Repeated offending IP-addresses/netblocks can be blocked automatically and should only be unblocked manually via email/phone(?)/snail mail. The recieved info must contain concrete proof it came from a human being who pledges not to spam/crapflood here again. If it happens again (and again), you can charge monetary damages which MUST BE PAID in order to be unblocked. Otherwise, the IP-address/block is permabanned. A permabanned IP-address/block should only be unblocked if it can be proven that it has changed hands to a new owner. This approach will work with static IP-addresses allocated to businesses/individuals but not (so much) for dynamically allocated IP-addresses assigned by an ISP.
I can't bring myself to do that. Algorithms are better at solving captchas than I am.
As for IP/subnet-based rate limiting, we can do that but it was specifically removed as it annoyed the community more than spam did at the time. I don't think we're quite to the level of spam where it needs to go back in yet.
IP/subnet bans we really try not to hand out, especially permanently. As anyone who spent time on irc back in the 90s can attest, they are entirely too easy to circumvent and come with collateral damage.
What we do do though is if too many of an IP/subnet's posts have been downmodded recently, no I don't know the exact calculation for this on the live server, they are barred from posting again for 72 hours. I found this by being blocked from posting on my own dev VM the other day after doing a lot of moderation tests but haven't looked into it much yet. It's quite possible it's even disabled on live; you'd need to ask paulej72 or NCommander as they'd have been the ones to do it.
Another potential defense: DNS/IP moderation to thwart commercial spammers.
Find/compile/buy(?) and keep updated a DNS-name list of ALL known online payment gateways and e-commerce platforms (eBay, Amazon, Paypal, Clickbank, Gumroad, etc.) and their IP address ranges (dotted quad and uint32 formats).
When a post containing links to content containing any unwhitelisted e-commerce links is posted, it is temporarily 'hellbanned' [wikipedia.org] untill it is moderated--the poster can see but everyone else cannot until it is approved and is displayed to everybody. To cut down the moderation workload as much as possible, a 'whitelist' of approved domains/IP address ranges that contain webpages containing e-commerce links are automoderated and posted for all to see. One site that SHOULD to be whitelisted like this is Wikipedia and all its subdomains due to the fundraisers they have in order to stay online as a proven valuable internet resource:
There could be more deserving sites out there that could be added to this whitelist.
The above method will increase your bandwidth and CPU processing costs and could be gamed by griefers/'insane' marketers [e.g. use the HTTP(S) HEAD command to avoid downloading a 5+ MB 'link farm' (e-commerce mall) HTML page. ]
This method should stop for-profit spammers but won't stop the HOSTS/GNAA/ETC. griefers as those posts likely have NO e-commerce links in them to detect, moderate, and plonk. It also won't stop spammers who use B1FF [wikipedia.org] and other tricks in their posts to avoid dectection. For those, have a 'this is spam' link so the offending posts can be downmodded, analyzed, and 'programmed against' in the future.
Feel free to pass this post on to paulej72 and/or NCommander -- perhaps they can use this information to help protect Soylent News from being ruined by spammers/griefers.
P.S. Due to recent news of the takedown of THE PIRATE BAY, please maintain suitably geographically distant offsite mirror copy/copies of of Soylent News to guard against catastrophic/complete loss of this valuable online internet discussion forum. This wasn't done by one business in one of the WTC towers on 2001-09-11 as their off-site backup was in the OTHER WTC tower....