Re: [gentoo-dev] [RFC] Anti-spam for goose

On Sun, 24 May 2020 13:05:35 + Peter Stuge wrote: > The bar only needs to be raised high enough. Sure. A lot of this is just "think about what could happen in the worst case imaginable". Its very unlikely our worst cases will happen. But we should at least have the ability to easily add

Re: [gentoo-dev] [RFC] Anti-spam for goose

Kent Fredric wrote: > > While services such as reCAPTCHA are (as said) massively intrusive, there > > are other, much less intrusive and even terminal-compatible ways to > > construct > > a CAPTCHA. Hello game developers, you have 80x23 "pixels" to render a puzzle > > for a human above the

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 22 May 2020 21:58:54 +0200 Michał Górny wrote: > Let's put it like this. This thing starts working. Package X is > broken, and we see that almost nobody is using it. We remove that > package. Now somebody is angry. He submits a lot of fake data to > render the service useless so

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 22 May 2020 22:13:11 + Peter Stuge wrote: > While services such as reCAPTCHA are (as said) massively intrusive, there > are other, much less intrusive and even terminal-compatible ways to construct > a CAPTCHA. Hello game developers, you have 80x23 "pixels" to render a puzzle > for a

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 22 May 2020 12:53:03 -0700 Brian Dolbec wrote: > We cannot exclude overlays which will have cat/pkg not in the main > gentoo repo. So, we should not excludea submission that includes a few > of these. They would just become irrelevant outliers to our > processesing of the data. In

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Sat, 2020-05-23 at 09:54 +0200, Fabian Groffen wrote: > On 22-05-2020 21:58:54 +0200, Michał Górny wrote: > > Let's put it like this. This thing starts working. Package X is > > broken, and we see that almost nobody is using it. We remove that > > package. Now somebody is angry. He submits

Re: [gentoo-dev] [RFC] Anti-spam for goose

On 22-05-2020 21:58:54 +0200, Michał Górny wrote: > Let's put it like this. This thing starts working. Package X is > broken, and we see that almost nobody is using it. We remove that > package. Now somebody is angry. He submits a lot of fake data to > render the service useless so that we

Re: [gentoo-dev] [RFC] Anti-spam for goose

Stop motivated attackers or keep low barrier to entry; pick any one. :) Michał Górny wrote: > CAPTCHA > == > A traditional way of dealing with spam -- require every new system > identifier to be confirmed by solving a CAPTCHA (or a few identifiers > for one CAPTCHA). > >

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, May 22, 2020 at 12:53:03PM -0700, Brian Dolbec wrote: > We cannot exclude overlays which will have cat/pkg not in the main > gentoo repo. So, we should not excludea submission that includes a few > of these. To avoid this problem, even if imperfectly, it should be possible to track what

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Sat, 2020-05-23 at 07:20 +1200, Kent Fredric wrote: > On Thu, 21 May 2020 10:47:07 +0200 > Michał Górny wrote: > > > Other ideas > > === > > Do you have any other ideas on how we could resolve this? > > And a question I'd like to revisit, because nobody responded to it: > > - What

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Sat, 23 May 2020 07:20:22 +1200 Kent Fredric wrote: > On Thu, 21 May 2020 10:47:07 +0200 > Michał Górny wrote: > > > Other ideas > > === > > Do you have any other ideas on how we could resolve this? > > And a question I'd like to revisit, because nobody responded to it: > > -

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 21 May 2020 10:47:07 +0200 Michał Górny wrote: > Other ideas > === > Do you have any other ideas on how we could resolve this? And a question I'd like to revisit, because nobody responded to it: - What are the incentives a would-be spammer has to spam this service. Services

Re: [gentoo-dev] [RFC] Anti-spam for goose

Am Fr., 22. Mai 2020 um 15:40 Uhr schrieb Gordon Pettey < petteyg...@gmail.com>: > On Fri, May 22, 2020 at 1:18 AM waebbl wrote: > >> Am Do., 21. Mai 2020 um 22:14 Uhr schrieb Viktar Patotski < >> xp.vit@gmail.com>: >> >>> I believe that we are all have forgotten about Donald Knuth:

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, May 22, 2020 at 1:18 AM waebbl wrote: > Am Do., 21. Mai 2020 um 22:14 Uhr schrieb Viktar Patotski < > xp.vit@gmail.com>: > >> I believe that we are all have forgotten about Donald Knuth: Premature >> optimisation is the root of all evill. >> > I won't consider spam protection to be a

Re: [gentoo-dev] [RFC] Anti-spam for goose

Am Do., 21. Mai 2020 um 22:14 Uhr schrieb Viktar Patotski < xp.vit@gmail.com>: I believe that we are all have forgotten about Donald Knuth: Premature > optimisation is the root of all evill. > I won't consider spam protection to be a optimisation. Instead, the occurence of spam is IMO a

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 2020-05-22 at 06:42 +0200, Michał Górny wrote: > On Thu, 2020-05-21 at 22:13 +0200, Viktar Patotski wrote: > > We don't have "spam" yet, but we are already trying to protect. There might > > be cases when some systems will be posting stats more often than we want, > > but probably that

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 22:13 +0200, Viktar Patotski wrote: > We don't have "spam" yet, but we are already trying to protect. There might > be cases when some systems will be posting stats more often than we want, > but probably that will not harm us. Or this will be done by our main users > who

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 22:07 +0200, Toralf Förster wrote: > On 5/21/20 11:43 AM, Michał Górny wrote: > > On Thu, 2020-05-21 at 11:17 +0200, Toralf Förster wrote: > > > On 5/21/20 10:47 AM, Michał Górny wrote: > > > > TL;DR: I'm looking for opinions on how to protect goose from spam, > > > > i.e.

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, May 21, 2020 at 1:13 PM Viktar Patotski wrote: > Hi all, > > I believe that we are all have forgotten about Donald Knuth: Premature > optimisation is the root of all evill. > > We don't have "spam" yet, but we are already trying to protect. There > might be cases when some systems will

Re: [gentoo-dev] [RFC] Anti-spam for goose

Hi all, I believe that we are all have forgotten about Donald Knuth: Premature optimisation is the root of all evill. We don't have "spam" yet, but we are already trying to protect. There might be cases when some systems will be posting stats more often than we want, but probably that will not

Re: [gentoo-dev] [RFC] Anti-spam for goose

On 5/21/20 11:43 AM, Michał Górny wrote: > On Thu, 2020-05-21 at 11:17 +0200, Toralf Förster wrote: >> On 5/21/20 10:47 AM, Michał Górny wrote: >>> TL;DR: I'm looking for opinions on how to protect goose from spam, >>> i.e. mass fake submissions. >>> >> >> I'd combine IP-limits with proof-of-work.

Re: [gentoo-dev] [RFC] Anti-spam for goose

Hi Michał, On 2020/05/21 13:02, Michał Górny wrote: > On Thu, 2020-05-21 at 12:45 +0200, Jaco Kroon wrote: >> Even for v4, as an attacker ... well, as I'm sitting here right now I've >> got direct access to almost a /20 (4096 addresses). I know a number of >> people with larger scopes than that.

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 2020-05-22 at 01:09 +1200, Kent Fredric wrote: > On Thu, 21 May 2020 14:25:00 +0200 > Ulrich Mueller wrote: > > > That's why I said salted hash. > > Even a salted hash becomes a trivial joke when the input data you're > hashing has a *total* entropy of only 32bits. > If anyone cares

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 22 May 2020 01:38:02 +1200 Kent Fredric wrote: > So instead of the ID being generated locally, you'd send a request > asking for an ID, it would send you the challenge math, you'd send the > answer, and then you'd get your ID. Additionally, you could even allow the client to pass a

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 21 May 2020 15:16:12 +0200 Michał Górny wrote: > Isn't the whole point of salted hash to use unique salts? You'd thinik so, but I've seen too many piece of code where the salt was a hardcoded string right there in the hash generation. md5sum( "SeKrIt\0" + pass ) So I've learned to

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 21 May 2020 10:47:07 +0200 Michał Górny wrote: > An alternative of using a proof-of-work algorithm was suggested to me > yesterday. The idea is that every submission has to be accompanied with > the result of some cumbersome calculation that can't be trivially run > in parallel or

Re: [gentoo-dev] [RFC] Anti-spam for goose

Require browser-based interaction to use the service. Do something funky with AJAX so the page can't be properly used with curl or anything so that manual effort is required to get the UUID to submit as. Only allow registered UUIDs, and only allow one submission per day per UUID. Sure, somebody

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Fri, 2020-05-22 at 01:09 +1200, Kent Fredric wrote: > On Thu, 21 May 2020 14:25:00 +0200 > Ulrich Mueller wrote: > > > That's why I said salted hash. > > Even a salted hash becomes a trivial joke when the input data you're > hashing has a *total* entropy of only 32bits. > > You at very

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 21 May 2020 14:25:00 +0200 Ulrich Mueller wrote: > That's why I said salted hash. Even a salted hash becomes a trivial joke when the input data you're hashing has a *total* entropy of only 32bits. You at very least need a unique salt per hash, or you only have to expose the salt to

Re: [gentoo-dev] [RFC] Anti-spam for goose

> On Thu, 21 May 2020, Robert Bridge wrote: > There are only 4 billion to reverse, not that hard really with a > rainbow table... That's why I said salted hash. signature.asc Description: PGP signature

Re: [gentoo-dev] [RFC] Anti-spam for goose

There are only 4 billion to reverse, not that hard really with a rainbow table... On Thu, 21 May 2020 at 13:08, Michał Górny wrote: > On Thu, 2020-05-21 at 13:57 +0200, Ulrich Mueller wrote: > > > > > > > On Thu, 21 May 2020, Robert Bridge wrote: > > > On Thu, 21 May 2020 at 09:47, Michał Górny

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 13:57 +0200, Ulrich Mueller wrote: > > > > > > On Thu, 21 May 2020, Robert Bridge wrote: > > On Thu, 21 May 2020 at 09:47, Michał Górny wrote: > > > Option 1: IP-based limiting > > > === > > > > > Preface this with IANAL, check with your own legal

Re: [gentoo-dev] [RFC] Anti-spam for goose

> On Thu, 21 May 2020, Robert Bridge wrote: > On Thu, 21 May 2020 at 09:47, Michał Górny wrote: >> >> Option 1: IP-based limiting >> === >> > Preface this with IANAL, check with your own legal counsel... > While IP address based methods might be attractive

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 12:33 +0100, Robert Bridge wrote: > On Thu, 21 May 2020 at 09:47, Michał Górny wrote: > > > Option 1: IP-based limiting > > === > > > > Preface this with IANAL, check with your own legal counsel... > > While IP address based methods might be

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 21 May 2020 at 09:47, Michał Górny wrote: > > Option 1: IP-based limiting > === > Preface this with IANAL, check with your own legal counsel... While IP address based methods might be attractive technically, do remember that an IP address is considered

Re: [gentoo-dev] [RFC] Anti-spam for goose

Hi, On 21-05-2020 10:47:07 +0200, Michał Górny wrote: > Hi, > > TL;DR: I'm looking for opinions on how to protect goose from spam, > i.e. mass fake submissions. > > > Problem > === > Goose currently lacks proper limiting of submitted data. The only > limiter currently in place is based on

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 12:45 +0200, Jaco Kroon wrote: > Even for v4, as an attacker ... well, as I'm sitting here right now I've > got direct access to almost a /20 (4096 addresses). I know a number of > people with larger scopes than that. Use bot-nets and the scope goes up > even more. See how

Re: [gentoo-dev] [RFC] Anti-spam for goose

Hi, On 2020/05/21 11:48, Tomas Mozes wrote: > > > On Thu, May 21, 2020 at 10:47 AM Michał Górny > wrote: > > Hi, > > TL;DR: I'm looking for opinions on how to protect goose from spam, > i.e. mass fake submissions. > Option 1: IP-based limiting >

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, May 21, 2020 at 12:10 PM Michał Górny wrote: > On Thu, 2020-05-21 at 11:48 +0200, Tomas Mozes wrote: > > On Thu, May 21, 2020 at 10:47 AM Michał Górny wrote: > > > > > Hi, > > > > > > TL;DR: I'm looking for opinions on how to protect goose from spam, > > > i.e. mass fake submissions. >

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 11:48 +0200, Tomas Mozes wrote: > On Thu, May 21, 2020 at 10:47 AM Michał Górny wrote: > > > Hi, > > > > TL;DR: I'm looking for opinions on how to protect goose from spam, > > i.e. mass fake submissions. > > > > > > Problem > > === > > Goose currently lacks proper

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, May 21, 2020 at 10:47 AM Michał Górny wrote: > Hi, > > TL;DR: I'm looking for opinions on how to protect goose from spam, > i.e. mass fake submissions. > > > Problem > === > Goose currently lacks proper limiting of submitted data. The only > limiter currently in place is based on

Re: [gentoo-dev] [RFC] Anti-spam for goose

On Thu, 2020-05-21 at 11:17 +0200, Toralf Förster wrote: > On 5/21/20 10:47 AM, Michał Górny wrote: > > TL;DR: I'm looking for opinions on how to protect goose from spam, > > i.e. mass fake submissions. > > > > I'd combine IP-limits with proof-of-work. > CAPTCHA should be the very last option

Re: [gentoo-dev] [RFC] Anti-spam for goose

On 5/21/20 10:47 AM, Michał Górny wrote: > TL;DR: I'm looking for opinions on how to protect goose from spam, > i.e. mass fake submissions. > I'd combine IP-limits with proof-of-work. CAPTCHA should be the very last option IMO. -- Toralf PGP 23217DA7 9B888F45 signature.asc Description:

[gentoo-dev] [RFC] Anti-spam for goose

Hi, TL;DR: I'm looking for opinions on how to protect goose from spam, i.e. mass fake submissions. Problem === Goose currently lacks proper limiting of submitted data. The only limiter currently in place is based on unique submitter id that is randomly generated at setup time and in full