Wandering Thoughts archives

2009-12-31

LookForPush

Look at your pull-based system for things that push

Here is a corollary on how push technology breeds spam: even if you have carefully built a pull based system that is thus insulated from spam, you need to carefully take a fresh look at it to see if you have any features that do (implicit) push actions that could be exploited by clever spammers. You'll probably have some push features (because they're useful for your users), in which case you need a plan for dealing with spam through them.

To be clear here, by 'push features' I do not mean things like 'invite your friends' email (that's a whole different issue); I mean any feature that lets user A put something in front of user B without user B explicitly asking for it. Internal private messaging is an obvious push feature but there are lots of others.

Twitter makes an interesting example for this. In theory Twitter is all about pull; you decide who to follow and who not to follow, and that's it. Except that there are at least two push features, and spammers exploit them both:

  • people are notified when you start following them. So you follow somebody and either hope that they'll reflexively follow you back (in which case you start spamming) or look at your profile and perhaps your website.

  • people can be notified if you reply to one of their messages (or to them in general). So, well, you reply to messages with spam or (possibly vaguely relevant) marketing messages.

Both of these features are clearly useful to real users, which is presumably why they exist, but spammers have figured out how to exploit them just as we'd expect.

LookForPush written at 01:04:10; Add Comment

2009-12-07

WhitelistsArePoison

Why whitelists (and blacklists) are long-term poison for online systems

Every so often, well intentioned people propose that we can deal with the problems of various sorts of abuse in online forums and systems by having people build whitelists or blacklists (often with some sort of automated web of trust system). While this sounds great, it's a bad idea.

One of the old lessons from Usenet is that resorting to individual whitelists or blacklists to make a forum usable is ultimately destructive to the forum itself, because it more or less totally kills off the supply of good newcomers to the forum. Newcomers to your forum have no such list, so they experience the place in its full raw and unfiltered form. Almost invariably, this has one of two effects; either the newcomer is driven away entirely by the noise and chaos, or they become corrupted by what they rationally perceive as the local culture and turn themselves into yet another one of the trolls and vandals that are adding to the noise.

(Note that it does no good to send your filter to new participants in the forum; many people will take one look at the sewer and go away without posting anything or registering or whatever.)

Usenet unfortunately not just taught this lesson but illustrated this process quite graphically. Many newsgroups followed a predictable descent into noise; various sorts of problem people started the downhill slide, current participants moved to killfiles to preserve what they could, good newcomers stopped showing up, and over time more and more of the good oldbies left without any new blood to take their place. The result has been wasteland after wasteland (and people sadly pining for the 'good old days', which may or may not have ever existed).

As a corollary, this generalizes to any scheme where you must have some magic knowledge in order to make it work, such as webs of trust in cryptography. Somehow you have to bootstrap new people with the special knowledge that they need. If you rely on lucky contact with people, many people will drop through the cracks. If you rely on a central starter seed, in practice you might as well have an entirely central system by default because that's what you're going to wind up with. (And that default central system will be just as vulnerable to capture as ever.)

So are whitelists and blacklists pointless? Not at all, of course. They are a decent way of saving what you can from an existing system that is already going to heck. But you can't pretend that they are going to save the system itself; by the time you need such lists, the overall system is probably doomed, barring some heroic measure to change the entire culture and drive the noise out.

(Depressing applications to email are left as an exercise for the reader.)

(Disclaimer: since I learned this from Usenet, it is in no way original to me.)

WhitelistsArePoison written at 00:52:45; Add Comment

(Previous month | Next month)
By day for December 2009: 7 31; before December; after December.

These are my WanderingThoughts
(About the blog)

Full index of entries
Recent comments

This is part of CSpace, and is written by ChrisSiebenmann.
Twitter: @thatcks

* * *

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web

This is a DWiki.
GettingAround
(Help)

Search:
Page tools: See As Normal.
Search:
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.