On 19/09/2019 16.54, Christian Imhorst wrote:
Hi,
I think this is a big issue, because if you visit connect.o.o it looks like a big mess and massive insecure. In this state you cannot want that someone should logon to this website and maybe it's a security risk.
Carlos, thank you for your cry to help. I don't think that you have any chance to fight the spam only with two people. I am willing to help but what can we do to clean connect.o.o from the spam and to make the plattform more secure? How can we seperate real users from spam bots? And how can we implement a 2FA?
We cannot leave connect.o.o in this state.
As far as I know, there is currently no spam in that platform. There are some attempts per day, but at least once a day we remove it, it just takes a few minutes. Of course, a spammer may be alive some hours. We do not remove them: instead the default action is "ban". The reasoning is that a removed user comes back, while a banned one has to create a new one with different name. Which means that their names remain visible, and some times the name itself is the spam action. You can click on those names, but no action happens. Examples: KSP Chartered Surveyors Area Dental Clinic IBC Carpentry ... But I'm worried most about real people writing private information there and spammers collecting it. If registration wouldn't be automatic, but had to be human reviewed first... Help is welcomed, but I think it is more important to replace it with something else. I do not participate in that, not my skill set. There was a thread about it months ago, and other people can fill you in on the current state of things. The basic requirement is hold a list of members, that's all. With some features. Not a friendship platform. -- Cheers / Saludos, Carlos E. R. (from openSUSE 15.1 (Legolas))