User Controls

How many requests is to much?

  1. #1
    esbity African Astronaut
    If I ran a program that registered accounts on a web application(likely creating SQL entries), at what point and frequency would the admin stop my shit?

    Lets just say that the accounts contained basic info, fist name, last name, address, phone number, email, pasaword, username, maybe a couple hint questions.

    Would a throttle of one account every 10 seconds for 3 hours a day likely be noticed? That would be a little over 1000 accounts a day.

    What would the factors be? What would the best approach be?

    Would it make a difference if I made the accounts very similar(like username1, username2, username3)...would your typical admin on a large website likely notice?

    How close are the accounts being created monitored on a large well known website?

    Would you notice any of this on NIS Lamy?
  2. #2
    Glokula's Homabla African Astronaut
    creating fake facebook accounts is pretty badass dude
  3. #3
    esbity African Astronaut
    Originally posted by Glokula's Homabla creating fake facebook accounts is pretty badass dude

    Its actually not Facebook. I wont say what it is. Its likely not a huge site. Let me research and see what I can find out about it...
  4. #4
    Firekrochfatty African Astronaut
    Seriously, what's the point in multiple accounts? Trolling... ? What's the point in that, even? To me, it's just a form of internet stalking.
    The following users say it would be alright if the author of this post didn't die in a fire!
  5. #5
    aldra JIDF Controlled Opposition
    depends on how closely monitored it is

    if it's automated, I'd (as the site admin) probably set the threshold as one account per IP every 5-10 minutes. Even if you were switching IPs they'd likely notice the abnormal traffic fairly quickly.

    that heavily depends on how many resources they have and how important that application is; if it's just one person's project and they don't have an infrastructure team it depends on how well they understand security (probably not very well)
  6. #6
    SBTlauien African Astronaut
    Originally posted by Firekrochfatty Seriously, what's the point in multiple accounts? Trolling… ? What's the point in that, even? To me, it's just a form of internet stalking.

    Monetary gain.

    This particular site has had over 8 million visits in the last 6 months. NIS has had 94.74K visits. If I'm reading it all correctly. SO this site really isn't that big or popular. The company is, but people aren't really visiting the site so much.

    https://www.similarweb.com/website/niggasin.space
  7. #7
    aldra JIDF Controlled Opposition
    Originally posted by Firekrochfatty Seriously, what's the point in multiple accounts? Trolling… ? What's the point in that, even? To me, it's just a form of internet stalking.

    autism
    The following users say it would be alright if the author of this post didn't die in a fire!
  8. #8
    aldra JIDF Controlled Opposition
    did you forget which account you were logged in to
    The following users say it would be alright if the author of this post didn't die in a fire!
  9. #9
    Lanny Bird of Courage
    Yeah, like aldra said, it varies wildly depending on big the relevant website is.

    ISS doesn't have anything for automatic detection of registration spam. It wouldn't be too hard to build but the volume and nature of abuse on here has been low enough that it's easier to spend a few minutes here and there to clean up spam by logging into the DB and throwing together some SQL to mop up spam accounts than it is to make some kind of automatic monitoring or mitigation system.

    This is probably the usual mode of operation for most small and mid sized web services. Of course at some point abuse becomes enough of a problem that you can actually save money on moderation efforts by programming automatic mitigation. The general field is usually referred to as "anomaly detection" and the publications in that space are an interesting mix of garbage fluff systems papers that probably shouldn't have been published and actually interesting applied information theory/statistics.

    As for noticing it on NiS, I'd notice if someone started abusing alt accounts, and if they really pushed beyond the normal level of account registration (which is fairly low) but didn't do anything with those accounts, that'd turn up and warrant investigation when I run aggregate statistics every now and then but could go unnoticed for a while.
  10. #10
    Mewsik African Astronaut [diagonally photosensitise my summation]
    Originally posted by Lanny Yeah, like aldra said, it varies wildly depending on big the relevant website is.

    ISS doesn't have anything for automatic detection of registration spam. It wouldn't be too hard to build but the volume and nature of abuse on here has been low enough that it's easier to spend a few minutes here and there to clean up spam by logging into the DB and throwing together some SQL to mop up spam accounts than it is to make some kind of automatic monitoring or mitigation system.

    This is probably the usual mode of operation for most small and mid sized web services. Of course at some point abuse becomes enough of a problem that you can actually save money on moderation efforts by programming automatic mitigation. The general field is usually referred to as "anomaly detection" and the publications in that space are an interesting mix of garbage fluff systems papers that probably shouldn't have been published and actually interesting applied information theory/statistics.

    As for noticing it on NiS, I'd notice if someone started abusing alt accounts, and if they really pushed beyond the normal level of account registration (which is fairly low) but didn't do anything with those accounts, that'd turn up and warrant investigation when I run aggregate statistics every now and then but could go unnoticed for a while.

    Lanny I don’t know what any of this means, but can you tell if you wanted to - if a user is posting from multiple accounts if they are using different proxy thingy’s?
  11. #11
    aldra JIDF Controlled Opposition
    Originally posted by Mewsik Lanny I don’t know what any of this means, but can you tell if you wanted to - if a user is posting from multiple accounts if they are using different proxy thingy’s?

    I can usually tell just by the posting style, but since lanny has control of the site he could use browser fingerprinting among other ways to determine whether the same person is behind multiple accounts
  12. #12
    Mewsik African Astronaut [diagonally photosensitise my summation]
    Originally posted by Firekrochfatty Seriously, what's the point in multiple accounts? Trolling… ? What's the point in that, even? To me, it's just a form of internet stalking.

    I’ve often wondered this myself. Especially here, but DH as well. Personally, I think often times (at least in the case of social boards) deception and control are important elements in the users character. They most likely are self loathing and lack compassion yet crave to be accepted but never able to achieve it, by being themselves.
  13. #13
    Mewsik African Astronaut [diagonally photosensitise my summation]
    Originally posted by aldra I can usually tell just by the posting style, but since lanny has control of the site he could use browser fingerprinting among other ways to determine whether the same person is behind multiple accounts

    Is this something fairly new? This “finger printing” thing? I too am usually pretty good about recognizing alt’s, obviously if I “know” a poster well. However, it’s not a fact or science. On DH, other posters were constantly being accused of being me and others. I only know for myself, they were wrong. They posted nothing like me either. There have been a few posters over the years I can literally feel, before they post. Those are the ones usually who I have a strong dislike for, for good reason.

    So if someone masks their IP (which makes no sense to me, since isn’t most IP’s dynamic? I really suck at understanding this stuff) this finger printing program will still uncover who they are?
  14. #14
    Sudo Black Hole [my hereto riemannian peach]
    Originally posted by aldra I can usually tell just by the posting style, but since lanny has control of the site he could use browser fingerprinting among other ways to determine whether the same person is behind multiple accounts

    I'm not up on the latest techniques of it but to my understanding, at least from his perspective it would just provide circumstantial evidence (OS, date and time, flash cookies present etc.)

    probably the type of thing Australians worry about.

    btw the new issue of the economist has a good article on the successes of the Australian economy which is kind of interesting to me. Your country is also stupid easy to do fraud in
  15. #15
    the economist is NWO propaganda
  16. #16
    Sophie Pedophile Tech Support
    I just realized that if you have a bot create thousands of accounts on some website and have it mirror those accounts in a DB you keep locally you could probably scam some DB traders by selling the "unique" DB to them.
  17. #17
    esbity African Astronaut
    Originally posted by Firekrochfatty Seriously, what's the point in multiple accounts? Trolling… ? What's the point in that, even? To me, it's just a form of internet stalking.

    It's political.
  18. #18
    esbity African Astronaut
    Originally posted by Mewsik Is this something fairly new? This “finger printing” thing? I too am usually pretty good about recognizing alt’s, obviously if I “know” a poster well. However, it’s not a fact or science. On DH, other posters were constantly being accused of being me and others. I only know for myself, they were wrong. They posted nothing like me either. There have been a few posters over the years I can literally feel, before they post. Those are the ones usually who I have a strong dislike for, for good reason.

    So if someone masks their IP (which makes no sense to me, since isn’t most IP’s dynamic? I really suck at understanding this stuff) this finger printing program will still uncover who they are?

    No. It's been used for a long time. It primarily detects browser settings aside from OS architecture and screen size.

    There are programs that can detect simular writing styles. Also, the time a person posts can show similarities. Even the way a person browses a site can link accounts.
  19. #19
    esbity African Astronaut
    This site temporarily shut a service down but its back up now.
  20. #20
    Narc Naturally Camouflaged [connect my yokel-like scolytidae]
    You can bulk sell accounts on some sites, youtube and gmail for example. People into internet marketing and shit will always pay a few dollars for buying accounts by the hundreds.



    .
Jump to Top