/operate/ - operate

Wrongthink operations


New Reply on thread #245
X
Max 20 files0 B total
[New Reply]

[Index] [Logs] [Banners] [Catalog]
Posting mode: Reply [Return]


thumbnail of Trump general.jpg
thumbnail of Trump general.jpg
Trump general jpg
(436.89 KB, 1869x809)
I contributed the takeaways in that screenshot. So here's the thing. Pic related is why I say I've seen this before, but that attack in 2017 wasn't as minor as it appears in the picture. It was constant, nonstop hundreds and hundreds of posts like it. There were not spinning images back then, so we hash banned the pictures pretty fast and were left with only the posts copying posts that stood out because they couldn't reference other posts correctly.

/polru/ mod apparently discovered that the crippled shit spammer gained his script from 4chan. Anyway, I was trying to suggest switching to hCaptcha in another thread but the suggestion was consumed by shit. hCaptcha uses pictures instead of letters. I doubt his script has visually trained AI capabilities.




>>372
At the moment board creation is not available. For me I get a warning first:
> CAPTCHA unavailable 

Problem with the default lynxchan style captcha is that it can be defeated easely by OCR for example. For hcaptcha or recaptcha, at least the attacker has to plug it into  a resolving service, and pay for it. So now we changing the captcha here too. Board creation will be back after we implemented the new one, right now it's only half finished.

thumbnail of 2Captcha.png
thumbnail of 2Captcha.png
2Captcha png
(116.64 KB, 379x2028)
thumbnail of Death by Captcha.png
thumbnail of Death by Captcha.png
Death by Captcha png
(60.45 KB, 847x716)
>>373
Thanks for letting us know. For solving services, I searched and found both 2Captcha and Death by Captcha. I'll label the file names for which captchas they have live losers solve, then maybe someone can find something they don't support.

Maybe audio captchas? Or some free bot detection source codes, but trial running different types so the mitigation isn't as bad as it was a few days ago. "bot mitigation source code" for the search.

Anons on another chan deterred this shitwiper by using cyrillic letters captcha. I know its not an easy option for endchan users, but still


I'll make an announcement tomorrow about how things are on endchan.org/operate, but I can reply here some.

>>374
> Thanks for letting us know.

We are doing bunch of changes because we discover new bugs, and trying to implement stuff which also creates new bugs, and we have little to no time to test it out. So things break. Not ideal, but that is the situation.
> captchas

As for captchas, it is unreasonable to expect them to stop attackers. We have some stats from recaptcha for example, how much request passed and how many failed. So for example on the 24th about 12K request passed, and about 40K failed. This means it stopped 40K tries, if I understand the context. But that also means there were over 50K tries for posting.
Same true with other mitigation efforts, such as the Proof of Work. There is a reason why it is called mitigation.
We do want different captcha, we aren't too fond of 3rd party applications. And I know quite some users neither.
Thanks for the suggestions.

>>375
That's an interesting idea, but yes it would be uncomfortable for many.

>>376
I think this or hCaptcha might work. Who's uncomfortable with finding solid icons? Anyone with gradeschool intelligence can deal with that.


>>379
Works for me. TM
What I'm thinking:
When you enable captcha do a hard reload/refresh on magra before posting. The page is cached in your browser and this way you get a fresh one form the server with the new settings.
There are a number of possibilities how to do this, all fugging browsers does it differently. Like Ctrl+F5, Shift+F5, Ctrl+Shift+R and probably others.
Could try Shift + Click Refresh.

>>380
It's not working. No captcha is appearing for [new thread] on Magrathea after hard refresh. Others are likely experiencing the same thing. One other I saw on /endchan/ outrage bunker.




>>384
Right. /nido/, /kinojo/, /test/ and /polru/. Starting to seem like it's location based whether anons can post or not. Those numbers on overboard are bad, man. Endchan wasn't a high traffic site but it's way worse now.
>>385
Yeah, it's one thing if sometimes the vast amount of 0 PPH's are there and quite another if there's 0 PPH on a ton of first page listed boards every single time.


>>387
I have spent days banning that piece of shit's proxies. My point is, usage of posting threads or replying on boards seems limited to certain regions. I know for certain I can't post even after a hard refresh. I don't know, man. I guess if nobody listens and shit continues the way it keeps going, Endchan is just dead.

>>388
Well I spent way more time than days. And some BOs/BVs even more.
Here are the facts:
- updates on the situation is on endchan/operate, it's on weekly basis
- if a board has captcha enabled, then posting on it works on Magrathea, see b, kanojo, polru, nido, and the rest of the boards, but the mentioned are the ones that get some legit traffic
- there is no restriction to certain regions, it is possible that board staff of a board issued rangebans, but then you get no error on Magrathea, no alerts for bans there
Well that's about it.

>>389
> if a board has captcha enabled, then posting on it works on Magrathea

Ah. That's the problem. I didn't realize captcha had to be enabled for all posts. As global, do you have moderation panel to do that on boards where the BOs might not understand? Because I didn't understand until now.

>>390
I can't change board settings. Occasionally in need of emergency/urgency I can take over a board switch the settings and give it back to BO. These board transfers are in the logs.
But the captcha is very easy to find in the board settings:
1. Log in on endchan.org
2. open the board settings,
3. scroll down where it says:
> Captcha mode

4. from the dropdown menu, select:
> For all posts

6. click save, just below the "captcha mode"
It is important that you log in on endchan.org, only from there you can access the full board settings. Magrathea has no features for that.


I can make posts as long as captcha is enabled, but I can not create threads. When I attempt to create a thread, with solved captcha, the post appears that it goes through but no new thread is created or appears on the board.

I also can not make any posts at all using TOR. When attempting to post through TOR, again the posts appear that they go through but evidently they do not as they do not ever show up on the board.

Is there even any point to forcing us to use magrathea at this point? Because when the change was made it did not seem to stop the spam at all. Can the new captcha not just be added to .org? Is there some other benefit to continuing to force posts through magrathea? The spam still continues. Seriously, magrathea is bugged to shit and basically unusable even beyond the spam.

>>393
You do have a point. Magrathea might only be stopping the spam because posting without captcha isn't working. The whole reason I disabled captcha and then posting didn't work is because I wanted the shit spammer to continue spamming my boards without his captcha pay service struggling. Having gone through this before, I have a stubborn determination to try to ban all his proxies on my bards (I'm not global). Not even certain that will work, as I don't know if the 2017 same attacks but different pics either left or ran out of proxies.

Coincidence that /pol/ went through the trial run of that shit faggot's script first or not? I'm going with not.

As one anon informed me at >>>/endchan/, I should tell Admins here at /operate/ that not a lot of people know about the posts without captcha being fucked. So stickies might help.

As one anon informed me at >>>/endchan/, I should tell Admins here at /operate/ that not a lot of people know about the posts without captcha being fucked. So stickies might help.



I think one of the problems is that Magrathea does not show icons for the locked threads. And ofc no popup alerts either.
It is possible that users can try posting but fail, because the thread is locked.



Endchan is down. Not sure what's up, some backend problem.

>>400
On endchan/magra? Not yet. We tried to weld recaptcha in, but did not work out.





Lessons learned: During scripted spam bot attacks - don't lock threads but ban every proxy and proceed with mass deletions.
Finding a broken thread (404 but still in the catalog) on endchan.net but posting a reply via Magrathea fixes the thread.


WT was DoS-ed again this morning (UTC). This one is sure. Perhaps it's still ongoing and WT might go down during the day.






thumbnail of wrongthink.net - [wrongthink.net].png
thumbnail of wrongthink.net - [wrongthink.net].png
wrongthink.net -... png
(34.3 KB, 1920x953)
Hello, frens. I noticed /noods/ was made. This is all I'm getting when I try to create a board though. For when it comes back, could we get some instructions on what exactly to put in the fields? Not sure if https://wrongthink.net/boardname/ goes into URi or without https://

Yeah, I think board creation is disabled.
/noods/ was made a quite back.
The URI is the identifier such as
> noods

It doesn't need the whole thing.


Post(s) action:


Moderation Help
Scope:
Duration: Days

Ban Type:


48 replies | 11 file
New Reply on thread #245
Max 20 files0 B total