Ellenor Malikcan someone help me diagnose a correct-password unauthorized problem?
stvnhas left
stvnhas joined
Steven Roosehas left
solhas left
Ellenor Malikhas left
podhas joined
Ellenor Malikhas joined
pintoseskhas left
stefanhas joined
wladmishas left
loopboomhas left
ibikkhas joined
kusonekohas left
kusonekohas joined
Huxxhas joined
Menelhas joined
lorddavidiiihas joined
some1has joined
Douglas Terabytehas left
Douglas Terabytehas joined
stvnhas left
ru_maniachas left
Licaon_Kterhas joined
openchathas joined
TMakarioshas left
TMakarioshas joined
ru_maniachas joined
solhas joined
stvnhas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
some1has left
some1has joined
nickomemohas left
nickomemohas joined
nickomemohas left
derventiohas joined
openchathas left
openchathas joined
jayteeukhas left
jayteeukhas joined
Martinhas left
Martinhas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
lorddavidiiihas left
raghavgururajanhas left
mjkhas joined
openchathas left
j.r (jugendhacker.de)has left
j.r (jugendhacker.de)has joined
guus.der.kinderenhas left
Menelhas left
404.cityhas joined
404.cityhas left
lorddavidiiihas joined
jayteeukhas left
jayteeukhas joined
froghas joined
derventiohas left
derventiohas joined
mehdihas left
stvnhas left
Ge0rGhas joined
j.r (jugendhacker.de)has left
stvnhas joined
j.r (jugendhacker.de)has joined
junaidhas left
86ulhas joined
junaidhas joined
rom1dephas joined
henrikhas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
Steven Roosehas joined
abidal3has joined
junaidhas left
junaidhas joined
madmalkavhas joined
j.r (jugendhacker.de)has left
jayteeukhas left
jayteeukhas joined
nickomemohas joined
creep.imhas left
creep.imhas joined
j.r (jugendhacker.de)has joined
rom1dephas left
qnixhas left
qnixhas joined
stvnhas left
xihas left
jayteeukhas left
jayteeukhas joined
Ellenor Malikhas left
Ellenor Malikhas joined
stvnhas joined
jayteeukhas left
jayteeukhas joined
Viktor Lindberghas left
Viktor Lindberghas joined
jayteeukhas left
jayteeukhas joined
neoxhas joined
qnixhas left
stvnhas left
abidal3has left
jayteeukhas left
jayteeukhas joined
stvnhas joined
jayteeukhas left
jayteeukhas joined
ajeremiashas joined
ntuseracchas joined
lorddavidiiihas left
stvnhas left
stvnhas joined
Menelhas joined
qnixhas joined
derventiohas left
qnixhas left
ajeremiashas left
lorddavidiiihas joined
qnixhas joined
stvnhas left
stvnhas joined
pintoseskhas joined
qnixhas left
stvnhas left
patascahas joined
mehdihas joined
qnixhas joined
qnixhas left
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
loopboomhas joined
stefanhas left
loopboomhas left
loopboomhas joined
stefanhas joined
stvnhas joined
some1has left
patascahas left
stvnhas left
presprouthas left
loopboomhas left
patascahas joined
qnixhas joined
inkyhas left
mss_cyclisthas left
mss_cyclisthas joined
stvnhas joined
froghas left
some1has joined
Krishas joined
patascahas left
mehdihas left
Menelhas left
nickomemohas left
Viktor Lindberghas left
Viktor Lindberghas joined
froghas joined
lorddavidiiihas left
stevenhas joined
mimi89999https://is.gd/SyJF9o
mimi89999Is that the Jabber spam service?
mimi89999BTW, got spam from `intercoracoid@404.city`.
some1has left
mimi89999real and rare
Ge0rGmimi89999: that's a jabber spam service indeed
ntuseracchas left
mimi89999Can the operators of those servers remove their accounts or we block their servers?
mimi89999Who is the admin of 404 city?
Ge0rGhe's often here as 404city
Beherithas left
mimi89999I'm flooded with spam from that server now.
mimi89999Like one message every 10 sec
Beherithas joined
Ge0rGmimi89999: from the same account or from different ones?
patascahas joined
mimi89999Where is he?
mimi89999Same
Ge0rGmimi89999: I've pinged the admin now
tomYes there's a channel
tomA process
tomYou have to give them some time to proccess the abuse request though before they get in a blocklist
mimi89999OK. Can you link the channel/form/whatever?
kikuchiyohas left
tomWhat's that private spamfighting muc on yax.im again?
tomI got an invite ounce but forgot about it
some1has joined
lorddavidiiihas joined
Ge0rGit doesn't exist any more
tommimi89999: https://github.com/JabberSPAM
mimi89999How to quickly block a JID server level?
tomWith mod_firewall
tomOr for a specific account
tomhttps://xmpp.org/extensions/xep-0191.html
antranigvhas joined
some1has left
some1has joined
ajeremiashas joined
froghas left
mimi89999has left
patascahas left
patascahas joined
mimi89999has joined
kikuchiyohas joined
kikuchiyohas left
patascahas left
patascahas joined
some1has left
stvnhas left
stvnhas joined
some1has joined
kikuchiyohas joined
kikuchiyohas left
lorddavidiiihas left
kikuchiyohas joined
kikuchiyohas left
raghavgururajanhas joined
raghavgururajanhas left
raghavgururajanhas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
some1has left
netbk.dehas left
Ge0rGhas left
patascahas left
patascahas joined
jayteeukhas left
jayteeukhas joined
jayteeukhas left
stevenhas left
jayteeukhas joined
raghavgururajanhas left
raghavgururajanhas joined
lorddavidiiihas joined
some1has joined
Ge0rGhas joined
stvnhas left
stevenhas joined
stvnhas joined
some1has left
some1has joined
kikuchiyohas joined
kikuchiyohas left
jayteeukhas left
jayteeukhas joined
xihas joined
jayteeukhas left
jayteeukhas joined
kikuchiyohas joined
kikuchiyohas left
jayteeukhas left
jayteeukhas joined
patascahas left
patascahas joined
some1has left
inkyhas joined
patascahas left
patascahas joined
kikuchiyohas joined
kikuchiyohas left
rom1dephas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
some1has joined
some1has left
kikuchiyohas joined
kikuchiyohas left
solhas left
solhas joined
patascahas left
patascahas joined
rom1dephas left
froghas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
some1has joined
kikuchiyohas joined
kikuchiyohas left
perflysthas joined
guus.der.kinderenhas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
ajeremiashas left
alienhas left
alienhas joined
guus.der.kinderenhas left
kikuchiyohas joined
kikuchiyohas left
lorddavidiiihas left
lorddavidiiihas joined
wladmishas joined
kikuchiyohas joined
kikuchiyohas left
ntuseracchas joined
kikuchiyohas joined
kikuchiyohas left
perflysthas left
patascahas left
patascahas joined
rom1dephas joined
some1has left
kikuchiyohas joined
kikuchiyohas left
jayteeukhas left
jayteeukhas joined
froghas left
kikuchiyohas joined
kikuchiyohas left
qnixhas left
qnixhas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
Viktor Lindberghas left
Viktor Lindberghas joined
patascahas left
patascahas joined
kikuchiyohas joined
Menelhas joined
kikuchiyohas left
rom1dephas left
kikuchiyohas joined
kikuchiyohas left
lorddavidiiihas left
lorddavidiiihas joined
patascahas left
patascahas joined
kikuchiyohas joined
kikuchiyohas left
henrikhas left
kikuchiyohas joined
kikuchiyohas left
nickomemohas joined
lorddavidiiihas left
henrikhas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
bastoon> mimi89999: https://github.com/JabberSPAM
Should it rather contain only registered domain names (to ICANN registrars) and not sub-domains?
This might break implementations if you change the format in a hurry (and that probably will one day).
kikuchiyohas joined
kikuchiyohas left
henrikhas left
henrikhas joined
Jonnyhas left
bastoon> mimi89999: https://github.com/JabberSPAM
Shouldn't it rather contain only registered domain names (to ICANN registrars) and not sub-domains?
This might break implementations if you change the format in a hurry (and that probably will one day).
Jonnyhas joined
qnixhas left
mss_cyclisthas left
mss_cyclisthas joined
bastoon> mimi89999: https://github.com/JabberSPAM
Why this list contains FQDNs. IMO no need for sub-domains, and only disavantages.
Then if format is changed in a hurry, this may break current implementation (and that probably will one day).
patascahas left
bastoon> mimi89999: https://github.com/JabberSPAM
Why do this list contain FQDNs. IMO no need for sub-domains, only cons.
Then if format is changed in a hurry, this may break current implementation (and that probably will one day).
Martinbastoon: Because some xmppds are served on a subdomain.
kikuchiyohas joined
kikuchiyohas left
qnixhas joined
bastoonMartin: I'm sure spammers will exploit the possibility to infinite subs. Then don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
pintoseskhas left
bastoonMartin: I'm sure spammers will exploit the possibility to infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
kikuchiyohas joined
kikuchiyohas left
bastoonMartin: I'm quite sure spammers will exploit the possibility to infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
bastoonMartin: I'm quite sure spammers will exploit the possibility of infinite subs. Then I don't think you'll ever have to consider multiple (sub) servers per names, one being ok, the other one spammer.
kikuchiyohas joined
kikuchiyohas left
MartinSpammers usually use unmaintained servers with IBR and do not fire up own servers.
MartinAlso there is this case: Befor I was running my xmppd on a shared hoster. If I would not have used my own domain it would have been running at user.tucana.uberspace.de. So if I spam why should the innocent xmppd another-user.tucana.uberspace.de also be blocked?
ajeremiashas joined
bastoonBecause he could fire you from using his domain before being considered as spammer.
Just thought it would be simpler, lighter and more robust against spammer, but surely bad sides to investigate / accommodate.
kikuchiyohas joined
kikuchiyohas left
lorddavidiiihas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
Menelhas left
Menelhas joined
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
patascahas joined
belovehas left
Ivan A.has left
ntuseracchas left
ntuseracchas joined
ntuseracchas left
froghas joined
ntuseracchas joined
patascahas left
patascahas joined
Martin> Because he could fire you from using his domain before being considered as spammer.
I don't understand this.
Marandahas left
Beherithas left
Marandahas joined
nickomemohas left
Beherithas joined
86ulhas left
stvnhas left
patascahas left
arne-bruenhas left
kikuchiyohas left
jayteeukhas left
jayteeukhas joined
stvnhas joined
86ulhas joined
jayteeukhas left
jayteeukhas joined
froghas left
qnixhas left
Arnehas left
kikuchiyohas joined
kikuchiyohas left
kahlbThis list even blacklists creep.im, which is one of the more popular public servers (among the gajim Standard Servers). Not a good Idea I think, it might break xmpp
raucao> it might break xmpp
how so? it merely breaks creep.im if they don't get their spam users under control
raucaothat's what a federation is for
creep.imcreep.im is a known spam server
qnixhas joined
raucao:)
Martinkahlb: The issue was that the operator was not reachable on his 0157 contacts. You'll see the history in my MR.
MartinUnfortunately we found him in here just after it got merged.
bastoon> I don't understand this.
From your example uberspace.de is still in control to allow/disallow a sub domains (on spam complaining).
patascahas joined
MartinYes, that's why you should report spammers. But blocking all operators from one domain because one is spamming is not useful.
ernst.on.tourhas left
ernst.on.tourhas joined
raucaoOperators are free to choose
Arnehas joined
arne-bruenhas joined
Ge0rGlet's block all OVH and Hetzner then?
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
mathieuioperators being unreachable while their server is used as a spam relay is a valid reason for inclusion in spam lists
kikuchiyohas joined
kikuchiyohas left
kikuchiyohas joined
kikuchiyohas left
Ge0rGmathieui: how long should one wait to determine "unrechable"?
mathieuiGe0rG, no available means of contact
mathieuiif one is available, I guess it’s up to you
kikuchiyohas joined
kikuchiyohas left
raucao> let's block all OVH and Hetzner then?
hetzner do actually block your server's network traffic if you spam their local network
kikuchiyohas joined
kikuchiyohas left
Ge0rGraucao: but hetzner isn't using xmpp internally.
raucaocomparing someone using a hetzner server to spamming the outside network with the hetzner network itself makes no sense
raucaothe xmpp spam server is not a data center
nickomemohas joined
raucaoit is a specific service running under a specific domain
Ge0rGraucao: what's your point?
raucaowhat is yours
raucaoyour comparison was a non-sequitur
jayteeukhas left
jayteeukhas joined
raucao> operators being unreachable while their server is used as a spam relay is a valid reason for inclusion in spam lists
this is the point that some people seem to disagree with, and so far there were no valid arguments against it brought forward here
kikuchiyohas joined
jayteeukhas left
kikuchiyohas left
jayteeukhas joined
qnixhas left
qnixhas joined
kikuchiyohas joined
kikuchiyohas left
Ge0rGraucao: my response was to the point about blocking all of uberspace if there are spammy servers on there.
Arnedo those spammers use some settings?
kikuchiyohas joined
kikuchiyohas left
Arnelike a special cipher for prosody
kikuchiyohas joined
kikuchiyohas left
Arneor a deprecated maybe
kikuchiyohas joined
kikuchiyohas left
Arneso we need to change all our settings ;D
Ge0rGArne: spammers register accounts on free servers.
kikuchiyohas joined
kikuchiyohas left
Ge0rGAh, it was strato who requested headers as evidence for the spam I reported.
kikuchiyohas joined
kikuchiyohas left
bastoon> let's block all OVH and Hetzner then?
OVH automatically forwards whois alias to real mails. I don't get this point.
Moreover XEP (if generalized) make the process operator independent.
nickomemohas left
raucao> raucao: my response was to the point about blocking all of uberspace if there are spammy servers on there.
sry, i didn't see that someone wanted to block all of uberspace
raucaoi thought it was in response to blocking creep.im
raucaomea culpa
Ge0rGbastoon: of the two reports I sent to OVH, one server got shot down, and for the other one I never heard back
nickomemohas joined
antranigvhas left
Ge0rGkode.im and im.koderoot.net are the #1 and #2 sources of spam for me for the last weeks.
Ge0rGcreep.im is #3. creep.im, wanna have a new list of JIDs to delete?
creep.imshoot it. you have my JID
Arnemh, maybe free inbandregistration is not really good xD
mimi89999BTW, are SPAM reports verified in any way?
mimi89999Ge0rG: Did 404 admin respond?
Ge0rGmimi89999: haven't seen them online yet
Ge0rGArne: yes, you shouldn't do it if you don't want to be a full time anti-spam admin
ArneI use my own webregistration combined with some other things
Ge0rGmimi89999: how would you verify them? I always send logs to the ISP / server admin so they can match against their own logs
antranigvhas joined
stvnhas left
creep.imI do IBR and I am only removing spam accounts by request
creep.imit's not much work
creep.imalthough this is meaningless: spammers easily create dozens of new accounts
Ge0rGcreep.im: it's only not much work if nobody reports ;)
mimi89999I used to get spam from creep.im, but I'm not getting anymore
Ge0rGhundreds.
kikuchiyohas joined
kikuchiyohas left
creep.imif you care about your users, the best bet to filter spam at the receiving side
creep.imI told you guys like a million times
nickomemohas left
Ge0rGcreep.im: you mean, each user must filter spam on their own?
creep.imbut for some reason you are afraid of captcha
creep.imnot user. server. there are plugins for that
kikuchiyohas joined
stefanhas left
Ge0rGcaptchas are bad for usability
creep.imyou only enter it once
creep.imnot a big deal for usability
Ge0rGwhat if you can't read well?
creep.imyou want to create a walled garden without spammers, introducing your custom esoteric registration systems, but his is it different from WhatsApp? it's actually less usable than WhatsApp
creep.imyou want to create a walled garden without spammers, introducing your custom esoteric registration systems, but how is it different from WhatsApp? it's actually less usable than WhatsApp
mjkGe0rG, creep.im: audio captcha is a thing, too
mimi89999creep.im: So every time I want to contact a new new account I need to fill a captcha?
Ge0rGmjk: but not in the typical xmpp captcha "solutions"
Ge0rGcreep.im: my server has IBR and no captchas
creep.imyou fight spammers, but spammers don't care. users are hurt instead
Ge0rGsame with captchas ;)
mimi89999Would be better to fill the captcha once.
mimi89999On registration
creep.imGe0rG: you have IBR with your custom esoteric filtration system, I heard about it
mjkGe0rG:
> but not in the typical xmpp captcha "solutions"
Unfortunately. I was nudging creep.im to think about it :)
creep.imGe0rG: now open source it and encourage everyone to use it
Ge0rGcreep.im: I'm doing RBL checks against dnsbl.dronebl.org with ready-made prosody modules
stvnhas joined
creep.imwrite an article about it, I don't know. a lot of people have no idea how to approach this problem
Ge0rGoh, spammers are also solving recaptcha to register bot accounts.
Licaon_KterGe0rG:
> I'm doing RBL checks against dnsbl.dronebl.org with ready-made prosody modules
That site is down?
Ge0rGLicaon_Kter: https://dronebl.org/ - the other one is the RBL address
argon3771has left
argon3771has joined
Licaon_KterOh
creep.im> creep.im: https://yaxim.org/blog/2020/05/12/new-anti-spam-measures/
great job. someone will definitely find that helpful. although not privacy-oriented operators, who want to keep legitimate Proxy/Tor users using the service
stvnhas left
Ge0rGcreep.im: legitimate Tor users can connect via Tor, join the yaxim support MUC and ask to be unblocked.
creep.imhow do you distinguish if the user is legitimate?
Ge0rGcreep.im: I don't ask questions.
creep.imalso, there may be dozens of such requests
creep.imon a day
raucaowhy would you in the first place. if they spam, the account gets blocked
raucaotor or not
Ge0rGcreep.im: I had a dozen of such requests since I made that policy
Ge0rGcreep.im: a spammer will register hundreds or thousands of accounts at the same time
creep.imhow many such requests you receive daily?
Ge0rGcreep.im: I had a dozen of such requests since I made that policy
Ge0rGthat's two per month
jayteeukhas left
jayteeukhas joined
creep.imare there a lot of daily registrations?
qnixhas left
creep.improxied and regular
jayteeukhas left
jayteeukhas joined
Ge0rG100 - 500 per month
Ge0rGI don't count the proxy registrations, I only count the ones that complain
creep.imthat's manageable
qnixhas joined
stvnhas joined
Ge0rGI also have hundreds of bot registrations sometimes, so it's hard to tell for sure
creep.imanyway, you are coming up with your own solutions to a common problem. there should be a universal ready made way of doing this. like a plugin, or a built-in fictionally right in the server(s). manual process is a no go, especially for one-man server operations
Licaon_Ktercreep.im: redo everything on Prosody then, easy :)
Ge0rGcreep.im: I've documented my way and made the tools accessible. Somebody else needs to do the same for ejabberd.
creep.imLicaon_Kter: it'll still not be automated
Ge0rGcreep.im: spammers will circumvent automated systems
creep.imsomehow I didn't get a single spam message in months...
creep.ima lot of accounts add me daily
creep.imI guess miss of them are spammers
abidal3has joined
Ge0rGI had to solve a captcha before reporting spam to you :P
creep.imyes, this is how it works
creep.immy point is that it is automated and it works
Ge0rGit's automated for you, not for the people who want to talk to you
Ge0rGwell, maybe for the spammers who can just buy captchas for 5$/1000
creep.imstill, seems like they're not doing that
creep.imI guess they just spam another servers
creep.imI guess they just spam other servers
Ge0rGcreep.im: I know that spammers are buying into IBR captchas, because you buy one, and send thousans of spam messages
Beherithas left
Beherithas joined
creep.imIBR captchas... maybe. but to be able to actually send messages, you have to solve another captcha, also you have to be added by the other party as well
creep.imonly then you are free to chat
nickomemohas joined
creep.imanyway, this is rather a temporary measure until the real solution will be available
Ge0rGthe real solution: people who don't click on spam
creep.im"temporary" could mean for next few years...
kusonekohas left
kusonekohas joined
Licaon_KterWe are well beyond years already
kusonekohas left
kusonekohas joined
lorddavidiiihas left
patascahas left
lorddavidiiihas joined
patascahas joined
ajeremiashas left
jayteeukhas left
jayteeukhas joined
kusonekohas left
kusonekohas joined
kusonekohas left
kusonekohas joined
jayteeukhas left
jayteeukhas joined
kusonekohas left
kusonekohas joined
kusonekohas left
kusonekohas joined
patascahas left
patascahas joined
kusonekohas left
kusonekohas joined
MartinThe captcha spam was the reason I could not contact creep.im
MartinI got spammed with requests to fill a captcha and did so several times. Still my messages didn't get through. That was pretty annoying and I had to block him to make his server spam me with captcha requests. That's why I contacted him t
MartinI got spammed with requests to fill a captcha and did so several times. Still my messages didn't get through. That was pretty annoying and I had to block him to make his server spam me with captcha requests. That's why I tried to contact him via email.
patascahas left
creep.imI didn't add you back immediately, that's why you've been "spammed" by captcha
creep.imbetter to spam sender with captcha, then the other way around, right?
patascahas joined
seantoddhas left
patascahas left
patascahas joined
MartinCaptchas are just the most annoying UX in spam fighting.
MartinThose block stranger modules break XMPP.
seantoddhas joined
belonghas left
xihas left
xihas joined
belonghas joined
mjkCould the invite-only model be the ultimate solution? If, by chance, a rare spammer is invited and then invites a horde of other spammers, the whole sub-tree of accounts can be efficiently truncated manually
mjkThat, of course, requires storing the data on who invited whom
arne-bruenhas left
qnixhas left
mjkThat is, basically, a social graph. A nutritious, concentrated, morsel of user data...
mjkUgh.
stevenhas left
belonghas left
arne-bruenhas joined
stvnhas left
stvnhas joined
belonghas joined
MartinInvitations are nice for family and friends servers but not for public ones.
mehdihas joined
raucaowe have closed regs and just started with invitations. but not public yet
raucaoin the future we're adding lightning network payments for signups
raucaothat way a spammer would have to pay for their account first. that makes it both harder to automate it as well as introduces a cost
raucaoi think users inviting other users is generally a good idea
raucaoobviously having to donate/pay upfront introduces friction, but then again pretty much any effective anti-spam mesure does
raucaos/mesure/measure
junaid> better to spam sender with captcha, then the other way around, right?
creep.im: hence why you dont get many spam complaints. Maybe operators choose to block the domain instead?
raucaoi think there are also many other ways to have semi-open signups where it's difficult to create many accounts and also easier to shut spammers down
ntuseracchas left
MartinThe RBL approach seems to work well for Ge0rG in reducing spam bots on yax.im.
stvnhas left
stvnhas joined
mathieuithe RBL approach prevents 99.99% of automated IBR registrations
Steven Roosehas left
Steven Roosehas joined
patascahas left
patascahas joined
bastoonOr use bitcoin approach to discourage spammers: let the user waste cpu power at registration.
bastoonOr use bitcoin approach to discourage spammers: let the user waste cpu power at registration. But indeed spammer will waste *others* cpu for their benefit ;-)
bastoonOr use bitcoin approach to discourage spammers: let the user waste cpu power at registration.
But indeed spammers will try to waste your cpu for their benefit ;-)
bastoonOr use bitcoin approach to discourage spammers: let the user waste cpu power at registration.
mjk> But indeed spammers will try to waste your cpu for their benefit ;-)
Yeah, botnets are totally immune to proof-of-work-based filtering. Actual payments, though...
j.r (jugendhacker.de)has left
lorddavidiiihas left
lorddavidiiihas joined
raucaoExactly
j.r (jugendhacker.de)has joined
Beherithas left
vu764hd68fxthas joined
Beherithas joined
froghas joined
qnixhas joined
pintoseskhas joined
ijhas left
patascahas left
patascahas joined
ernst.on.tourhas left
ijhas joined
ernst.on.tourhas joined
openchathas joined
stvnhas left
ibikkhas left
lorddavidiiihas left
jayteeukhas left
jayteeukhas joined
jayteeukhas left
jayteeukhas joined
stvnhas joined
mehdihas left
cuchas joined
thndrbvrhas left
thndrbvrhas joined
patascahas left
patascahas joined
lorddavidiiihas joined
patascahas left
patascahas joined
Beherithas left
Beherithas joined
stefanhas left
patascahas left
patascahas joined
stvnhas left
Krishas left
86ulhas left
tombastoon: that doesnt work because you need to mine a whole block to get a payout
bastoonI'm not talking about Bitcoin directly but proof of work related challenge. So can be adapted to every situation.
Beherithas left
bastoonI was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation.
bastoonI was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation.
Ex challenge: find a hash which verify sha-256(JID + random block) < X
With X given by server.
bastoonI was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation.
Ex challenge: find X which verify sha-256(JID + random X < Y
With Y given by server.
bastoonI was just talking about Bitcoin related principle (rather said proof-of-work). So can be adapted to every situation.
Ex challenge: find X which verify sha-256(JID + random X) < Y
With Y given by server.
stvnhas joined
tombastoon:
tomAll this digital methods are not very effective or degrade accessibility in my opinion
tomAnd even then
tomWell
mehdihas joined
tomIt's just a matter of how much of a skid the spammer is
tomHere's a recommendation and I want to give this to the creep.im admin too
perflysthas joined
tomIn the old days when we wanted to registered for an account on the shared UNIX system we shelled in (can be a special ssh user like registration@yourdomain.tld) and that user was redirected to a terminal forum program
stvnhas left
patascahas left
patascahas joined
tomYou entered the username and other detailed you wanted then you were given a code
tomIn order to activate your account all you had to do was mail a postcard to the sysadmin with that code written on it
tomYou can still anonymously mail letters so this doesn't hurt anonymity
tomAnd you can mail letters from anywhere in the world
tomPostcards are universal
tomIt also gives you an opportunity to build a collage and a better sense of community
tomWhen you receive the postcard you just type it into your server to lookup the reg details and activate the account
tomIf you don't get a poscard in 30 days for a code you purge the reg info
tomMost spammers don't bother when the turing test is in meatspace and costs actual money
Viktor Lindberghas left
tomNot much mind you postage and a postcard are only a few cents even worldwide postage
jayteeukhas left
jayteeukhas joined
jonas’doesn’t scale though
tomAnybody can afford to send a postcard
jonas’imagines handling 1k postcards / day
jonas’or even per week
Ellenor Malik:O
jonas’or month
jayteeukhas left
jayteeukhas joined
tomjonas’: i doubt that many reges are legit and if your that scale then geeze you would be replacing bigtech and FAANGs
tomBut
tomIf you were
tomJust replace the postcard with a printable form and buy a SCANTRON machine
tomThe same kind of machine they use for standardized tests
jonas’SCANTRON :D
raucao> bastoon: that doesnt work because you need to mine a whole block to get a payout
That's what lightning network is for
raucaoInstant cobfirmation, virtually no fee
tomThis things scale up to nationwide elections
raucaoExtra bonus with LN is that you could block a spammer's LN node, too