Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Are restrictions on Bugzilla worsethanspam?

Hi,

 

That’s very fortunate for you because real humans will be able to notice quickly when they are wasting their time and money.

 

All you have to do is add ‘rel="nofollow"’  to all external links to deprive the spammers of that sweet PageRank and that’s most of their economic incentive gone in an instant. This commit for Bug 1113630: Set window.opener to null for the URL field to prevent interaction between a remote script and the bug report shows which links should be changed, the templates are pretty much the same in Bugzilla 4 too.

 

In the unlikely event that a spammer is satisfied with just receiving a few accidental clicks you could make the links non-clickable, instead. This would leave the spammer with no incentives that I know of.

 

And of course, if your spammer is a real human capable of defeating a captcha then they can defeat manual account whitelisting too. A one-time setup cost, one randomly generated whitelisting request per day, and in 6 months they’ll have 150 whitelisted accounts ready to start spamming…

 

 

 

Sent from Mail for Windows 10

 

From: Daniel Megert
Sent: Sunday, November 13, 2016 16:28
To: Cross project issues
Subject: Re: [cross-project-issues-dev] Are restrictions on Bugzilla worsethanspam?

 

> Wasn't there is a captcha mechanism in place which prevents robots from registering accounts?

The webmaster said that the spam was not created by robots but real humans.

Dani



From:        Gunnar Wagenknecht <gunnar@xxxxxxxxxxxxxxx>
To:        Cross project issues <cross-project-issues-dev@xxxxxxxxxxx>
Date:        12.11.2016 19:03
Subject:        Re: [cross-project-issues-dev] Are restrictions on Bugzilla worse thanspam?
Sent by:        cross-project-issues-dev-bounces@xxxxxxxxxxx




I agree with Mickael that the situation is not good for an open community. Manual moderation does not scale and it is an extra wall for contributing.

Wasn't there is a captcha mechanism in place which prevents robots from registering accounts? Can we please prioritize the work to get the account sign-up fixed so that only humans can sign up?

-Gunnar

--
Gunnar Wagenknecht
gunnar@xxxxxxxxxxxxxxx, http://guw.io/






On 12 Nov 2016, at 17:49, Daniel Megert <daniel_megert@xxxxxxxxxx> wrote:

The spam wasted at least half an hour of my time every day, so "NO", the spam must not come back. NO WAY!

If you feel good about the spam I suggest you sign up as moderator for the new accounts.


Dani




From:        
Mickael Istria <mistria@xxxxxxxxxx>
To:        
Cross project issues <
cross-project-issues-dev@xxxxxxxxxxx>
Date:        
12.11.2016 17:07
Subject:        
[cross-project-issues-dev] Are restrictions on Bugzilla worse than        spam?
Sent by:        
cross-project-issues-dev-bounces@xxxxxxxxxxx




TL;DR: Bugzilla restrictions block new contributors - that's worse than spam.

Hi all,

A few weeks ago, because of a spam attack, access to bugzilla and ability to report bugs and comment on bugs for new members was restricted. New members now have to ask webmasters to be whilelisted and allowed to interact with the community.

I've got some colleague who just registered and tried to contribute and totally failed at it. The message about asking webmasters for whilelist wasn't visible enough apparently so they didn't realize it was necessary and just ended up  with an account which seem unusable to them. So I had to forward messages in their name: https://bugs.eclipse.org/bugs/show_bug.cgi?id=506244#c19
Moreover, in that case, we're speaking about someone working on week-ends and is ready to contribute on week-ends, and I don't expect webmasters to promptly react to whilelisting request on week-ends. So even if the user would have sent a mail, it could have requested days to be processed.
If I had not been there to assist my colleague in contributing, he'd just had given up. And I'm pretty sure that several other people have given up contributing since the introduction of this "ask for permission" rule.

So IMO, the current state is by far worse than having spam. It makes the community more difficult to join for new subscribers and appear more closed than it is. A lot of effort were done in the past to "reduce barriers" from users to contributors, and this Bugzilla thing goes to the opposite direction.
Can we please have spam and new contributors again? And then consider approaches that have worked for other tools to avoid spam? I don't get why
bugs.eclipse.orgwould be the only service for which reCaptcha wouldn't work...

Cheers,

--
Mickael Istria
Eclipse developer for
Red Hat Developers
My blog - My Tweets_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev


_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev

_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev

 

 


Back to the top