SoylentNews is people
SoylentNews
I realise that this has been an unpleasant time for many of our anonymous community members, but I can assure you that it has been necessary. I am not yet prepared to go into details but I can at least update you with our findings so far. But first we have to look at some historical data.
Anonymous Cowards (ACs) have always been - and will hopefully continue to be - welcome members of our community. There are many perfectly understandable reasons for wishing to post as AC and how you chose to live your own personal life is of no concern of this site. Equally, you are welcome to use VPNs and other security measures to protect your privacy. We take similar measures to protect all of your data so that you will not be compromised by us. These measures are effective and to the SN administration ACs appear as a single user with the user identity of #1.
We cannot treat some ACs differently from others. While we can manage to sort out your comments etc with the aid of the hashes that we produce, they change so frequently as to be useless for any purpose outside of this site. But the Administration is only concerned with what happens within this site and so this point is moot. We have no interest in the rest of the internet so IP addresses are also of no interest to us. How your comments get from wherever you are to us is irrelevant. The bottom line is that ACs can only be treated as a single account. That account is granted certain permissions or not granted those permissions and they apply to every AC interaction.
Most of our community, both logged in and AC, participate in the discussions in an reasonable manner and discuss the topic that has been outlined and any threads that resulting from it. It is true that, particularly at weekends, there is a slight increase in the number of ACs appearing but on their own they are little more than a minor irritant. There is, however, a 3rd group, consisting of ACs who sole purpose seems to be to derail any sensible discussion. Over recent years they have become more aggressive and often use personal attacks rather than challenging what is being said. Some are more obvious than others and I am sure that you can all think of examples of such people for yourself. A very small number have stated that it is their aim to prevent SoylentNews from continuing.
On 22 Jun of this year we received an implied threat (https://soylentnews.org/comments.pl?noupdate=1&sid=49894&page=1&cid=1254201) suggesting the the person making it had a target date of 6 July for some event or other. It is possible that this is related to another 'prophecy' in which this individual foretold that the site would soon be dead. We believe that we can identify the person making that threat with a reasonable degree of certainty. However, since that time the number of ad-hominem attacks has increased and we have also been subjected to increasing amounts of spam. In small amounts either or both of these things can be shrugged of, but when they come increasingly aggressive and frequent, they can make the entire experience of being in this community very unpleasant. I know that we have lost both staff and numerous community members because of this toxic atmosphere - and not, as some would have you believe, because we administer the site!
Almost all of this behaviour is conducted by a very small number of ACs and occasionally via sock-puppet accounts. As the levels of harassment increased over the last few weeks it was obvious to us that we could remove it by simply preventing AC access. This was not an easy decision to make but we knew that we could protect the majority of the site by this simple action. The result is, as you know, that we reluctantly removed anonymous access by ACs to the front page.
We are now actively looking for more permanent solutions and hopefully to exactly what we had before. I have experimented with providing stories on the front page which are AC friendly, and also in my journal. We are still looking for a better solution but unless we can separate individual ACs then I cannot see what else can be done. I would welcome your feedback and suggestions. The outcome of our decision is also our loss as you can see if you look at the numbers of comments that we are now getting compared to before the ban.
I have spent a lot of time analysing the posts, both current and historical, to try to identify the person or persons responsible for this unwanted content. I am not going to name specific individuals because I believe that you can each reach your own conclusions. By looking at both the spam and comment content, and their meta data, I have established the following.
The person spamming our site is one of our own Anonymous Cowards who is currently blocked because we have removed access for the AC account - and that block affects all ACs. He is also one of the people regularly carrying out ad hominem attacks against other community members. He will be reading everything that we post about this issue.
Unless the abuses cease everywhere on the site including in journals, ACs will remain outside of the main site except for specially released stories until we can devise a better system. For us to currently do anything different would be foolish and irresponsible in the extreme. As soon as the abuse ceases we can readmit all ACs to the main site again.
I know that this will be as much of a disappointment to you as it is to me, and you may also be thinking of leaving. I ask you not to go. Rather I would encourage you all to let the abusers know that they are not fighting for your freedom of speech ("freeze peach") but they are by their actions actively preventing your participation in our site. There is one particular post (https://soylentnews.org/comments.pl?noupdate=1&sid=50204&page=1&cid=1257692) which suggests that this is being done on behalf of all ACs and that you all stand as one behind this action. I don't believe that anybody has the right to claim that if you haven't actually agreed to it.
(Score: 0) by Anonymous Coward on Monday July 04 2022, @05:24PM (5 children)
I never said to only store the hashes temporarily or not at all. Record, use, and keep those indefinitely.
The options I was referring to was in reference to what you can possibly store/record in addition to hashes so that you can use the additional information to address/deter the specific problem cases. The additional information would only be used/looked at when relevant, otherwise, just do everything the same as before.
(Score: 2) by janrinok on Monday July 04 2022, @07:00PM (4 children)
OK, I think I am understanding some of it but.....
If somebody wants to remain anonymous so that their comments are evaluated by content rather than by username then people are already able to log in and post anonymously. If they don't trust the SN staff then why are they even joining the site? Would you use a bank if you did not trust the bank staff?
What additional information will they provide? How will that information identify somebody who might be about to abuse our system or how do we relate that information to somebody who abused the site in the past?
Who do you envisage will calculate the hash and what is it a hash of? If it is the AC then why should we trust his hash? If it is a hash of an IP, how will he know which IP address we are seeing? He will not know what TOR exit IP or might not even know the VPN IP he is using. If it cannot cope with TOR, then we need to have different procedures for different types of IPs that we might see. So it cannot be the AC who provides it.
If we calculate it (again?) then that will require a software change - well the whole thing will actually - and we cannot implement that change without a programmer. We haven't had a programmer for almost a year. But what do we gain by implementing this change? We already have to calculate a hash, and every AC logging in has to go through the security procedures that a username/password can bypass. If they want to prove who they are there is a perfectly good procedure for doing that - we call it logging in. Once inside (and verified) they can post anonymously. That system is already implemented and is being used by many community members today.
We already store both the IP hash and the subnet hash. But ACs do not connect to this site using the same IP/subnet every time they do so. Some people are changing their IP every few minutes. That is how they hope to avoid having the same hash twice. There are flaws in that logic which we can sometimes exploit but that is another discussion entirely.
I haven't used slashdot in years so I have no idea what they do - but I am still not clear exactly what you are suggesting the benefits will be or how they work.
I am tired and it has been a long weekend, so perhaps it is my problem not understanding what you are suggesting. But at the moment there are too many uncertainties for me to see how it would help resolve matters for AC posts.
(Score: 0) by Anonymous Coward on Tuesday July 05 2022, @03:52PM (3 children)
With the hostmask you can set temporary bans that are broad enough to block the person's ISP within a given region but narrow enough not to block the ISP within other regions and not to block other ISPs. Kinda like how IRC channels do (at least Efnet used to let channels do this, I haven't used it in a long time).
Of course most IRC servers do screen for things like VPNs and Tor before they even let you in. Perhaps you can have a way for screening for these things and have submitted posts made from these sources prescreened before posted.
(Score: 2) by janrinok on Tuesday July 05 2022, @05:55PM (2 children)
There is no way of proving that the AC contacting us now on a specific IP address is the same one that was 'prescreened' - whatever that term means to you. You can be "prescreened" quite easily but we call it "creating an account". And afterwards it doesn't care what IP address you have.
It sounds to me that you want the benefits of having an account without actually creating one. Nope, it's not going to happen.
If you want to connect to the site as an AC you have to go through the automatic security checks.
(Score: 0) by Anonymous Coward on Tuesday July 05 2022, @06:15PM (1 child)
I mean you prescreen the comments themselves coming from VPNs or TOR for flaimbait before you let them be posted. There are services that can determine if they are coming from tor/known VPNs.
(Score: 2) by janrinok on Wednesday July 06 2022, @04:31AM
Any rewriting of Perl code - and to change comment processing requires a lot of changes - requires a Perl programmer that we do not have.
As an aside, the title "Maybe do like slashdot" isn't very helpful unless you say what slashdot do. Most of us left that site in 2014 and haven't been back.