aaronpk
https://github.com/aaronpk
•
Apr 1
#spam
-
I like the idea of giving the community the ability to help with this. That also happens to be the easiest thing to implement. Loqi now has a new
!kickcommand.- If you are +v (you're registered on irc-people), you can use the new
!kickcommand - You can say
!kick foobarto kick that person from the room, but only if they joined less than 5 minutes ago
- If you are +v (you're registered on irc-people), you can use the new
-
-
> When you have central control everything becomes a million times easier because you can change anything at any time. You can terminate accounts and control signups. If you don't have central control,
you have to rely exclusively on inbound filtering and have to just suck it up when spammers try to find ways around your defences. -
> All major webmail and social services force users to perform phone verification if they trip an abuse filter. This sends a random code via SMS or voice call to a phone number and verifies the user can receive it. It works because phone numbers are a resource that have a cost associated with them, yet~all users have one.
-
> Gmail was hit especially hard by this because early on Paul Buchheit (the creator) decided not to include the client IP address in email headers. This was either a win for user privacy or a blatant violation of the RFCs, depending on who you asked. It also turned Gmail into the worlds biggest anonymous remailer...
-
> The reputation system was generalised to calculate reputations over *features* of messages beyond just sending domain. A message feature can be, for example, a list of the domains found in clickable hyperlinks. Links would turn out to be a critical battleground that would be extensively fought over in the years ahead.
-
> Eventually it had to be replaced with an online system that recalculates scores on the fly. This system is a tremendously impressive piece of engineering - it's basically a global, real time peer to peer learning system. There are no masters. The filter is distributed throughout the world and can tolerate the loss of multiple datacenters.
> I don't want to think about how you'd build one of these outside a highly controlled environment, it was enough of a headache even in the proprietary/centralised setting .... -
-
Now reading https://moderncrypto.org/mail-archive/messaging/2014/000780.html to get some ideas for https://indieweb.org/spam
> I worked at Google for about 7.5 years. For about 4.5 of those I worked on the Gmail abuse team, which is very tightly linked with the spam team (they use the same software, share the same on-call rotations etc). -
"Hi Aaron, I understand you are the person that manages most of the projects for Esri." ... I'm... flattered? #spam
-
I was wondering how long it would take people to spam Google Analytics. Looks like it's happening now. http://www.ditherandbicker.com/posts/2015-01-10-rip-google-analytics.html
-
Hashcash (en.wikipedia.org)
Hashcash is a proof-of-work system designed to limit email spam and denial-of-service attacks
