Language Selection

English French German Italian Portuguese Spanish

Opening Up Communications (Updatedx5)

Filed under
Site News

Script kiddies can't get their way

Diversity

Summary: Script kiddies made it impractical to manage comments and forum posts; we are trying to tackle this issue today

IN ANOTHER attempt to restore user registrations, this time on the new server which has just been configured for mail, we are enabling anyone to quickly self-register (takes less than a minute and requires no verification), then immediately post comments, forum posts, etc.

For well over a year it has been hard to leave feedback in this site and it's all the fault of script kiddies. This site is ranked 40126th for traffic in Netcraft (without us using the toolbar, which helps one game the numbers, extrapolated from a relatively tiny sample set), so it's a shame that people can hardly leave a comment. We occasionally hear from people who want to but can't (simply cannot register), so hopefully we can resolve this issue. New software has been set up to mitigate the problem of spam, so hopefully this latest attempt to open up communications is here to stay.

Update #1: Spammers are hitting the front page with story submissions from newly-created accounts. This gives us no choice but to stop story submissions by arbitrary registered users.

Update #2: Comment spam gets past our filters, but for the time being it seems manageable with standard moderation.

Update #3: Now it's blog posts that get exploited by spammers (faster than we can cope with). And yet another feature is killed by them.

Update #4: Forum posts are now being targeted, with about 50 spam threads started last night alone. Maybe we should explore some kind of CAPTCHA mechanism for signup and posting rather than suspend abilities one by one.

Update #5: Spam in the forums is now too much to bear (nearly 100 per day), so the spammers killed that too.

More in Tux Machines

Leftovers: Software

  • OpenVZ 7.0 Becomes A Complete Linux Distribution, Based On VzLinux
    OpenVZ, a long-standing Linux virtualization technology and similar to LXC and Solaris Containers, is out with their major 7.0 release. OpenVZ 7.0 has focused on merging the OpenVZ and Virtuozzo code-bases along with replacing their own hypervisor with that of Linux's KVM. Under OpenVZ 7.0, it has become a complete Linux distribution based upon VzLinux.
  • OpenVZ 7.0 released
    I’m pleased to announce the release of OpenVZ 7.0. The new release focuses on merging OpenVZ and Virtuozzo source codebase, replacing our own hypervisor with KVM.
  • Announcing git-cinnabar 0.4.0 beta 2
    Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.
  • FreeIPA Lightweight CA internals
    In the preceding post, I explained the use cases for the FreeIPA lightweight sub-CAs feature, how to manage CAs and use them to issue certificates, and current limitations. In this post I detail some of the internals of how the feature works, including how signing keys are distributed to replicas, and how sub-CA certificate renewal works. I conclude with a brief retrospective on delivering the feature.
  • Lightweight Sub-CAs in FreeIPA 4.4
    Last year FreeIPA 4.2 brought us some great new certificate management features, including custom certificate profiles and user certificates. The upcoming FreeIPA 4.4 release builds upon this groundwork and introduces lightweight sub-CAs, a feature that lets admins to mint new CAs under the main FreeIPA CA and allows certificates for different purposes to be issued in different certificate domains. In this post I will review the use cases and demonstrate the process of creating, managing and issuing certificates from sub-CAs. (A follow-up post will detail some of the mechanisms that operate behind the scenes to make the feature work.)
  • RcppArmadillo 0.7.200.2.0
    The second Armadillo release of the 7.* series came out a few weeks ago: version 7.200.2. And RcppArmadillo version 0.7.200.2.0 is now on CRAN and uploaded to Debian. This followed the usual thorough reverse-dependecy checking of by now over 240 packages using it. For once, I let it simmer a little preparing only a package update via the GitHub repo without preparing a CRAN upload to lower the update frequency a little. Seeing that Conrad has started to release 7.300.0 tarballs, the time for a (final) 7.200.2 upload was now right. Just like the previous, it now requires a recent enough compiler. As g++ is so common, we explicitly test for version 4.6 or newer. So if you happen to be on an older RHEL or CentOS release, you may need to get yourself a more modern compiler. R on Windows is now at 4.9.3 which is decent (yet stable) choice; the 4.8 series of g++ will also do. For reference, the current LTS of Ubuntu is at 5.4.0, and we have g++ 6.1 available in Debian testing.

Red Hat and Fedora

Leftovers: Debian

  • Debian LGBTIQA+
    I have a long overdue blog entry about what happened in recent times. People that follow my tweets did catch some things. Most noteworthy there was the Trans*Inter*Congress in Munich at the start of May. It was an absolute blast. I met so many nice and great people, talked and experienced so many great things there that I'm still having a great motivational push from it every time I think back. It was also the time when I realized that I in fact do have body dysphoria even though I thought I'm fine with my body in general: Being tall is a huge issue for me. Realizing that I have a huge issue (yes, pun intended) with my length was quite relieving, even though it doesn't make it go away. It's something that makes passing and transitioning for me harder. I'm well aware that there are tall women, and that there are dedicated shops for lengthy women, but that's not the only thing that I have trouble with. What bothers me most is what people read into tall people: that they are always someone they can lean on for comfort, that tall people are always considered to be self confident and standing up for themselves (another pun, I know ... my bad).
  • [GSOC] Week 8&9 Report
    This particular week has been tiresome as I did catch a cold ;). I did come back from Cape Town where debconf taking place. My arrival at Montreal was in the middle of the week, so this week is not plenty of news…
  • Debian on Jetson TK1
    I became interested in running Debian on NVIDIA's Tegra platform recently. NVIDIA is doing a great job getting support for Tegra upstream (u-boot, kernel, X.org and other projects). As part of ensuring good Debian support for Tegra, I wanted to install Debian on a Jetson TK1, a development board from NVIDIA based on the Tegra K1 chip (Tegra 124), a 32-bit ARM chip.
  • RC bugs 2016/01-29

Android Leftovers