MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Redefining spam as a security problem
Full Version: Redefining spam as a security problem
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Mariku

2012-02-05, 03:27 AM
Hi all,

I think "spam", which essentially means unwanted people signing up as users in order to abuse your forum for their own ends, is a security problem.

I know it is not typically defined as such, but it is one when you redefine what you consider to be "security".

If "security" only refers to things that can mess up your forum software and / or database, then spam is not a security problem.

If "security" includes the reliability of information and identities on your forum, shill posting and astroturfing can be very real threats to your forum because they dramatically undermine your forum's credibility as a source of information and thus the value the forum has for its users, then unwanted users abusing your forum (=spam) is a security problem.

In my opinion, for any forum that is for more than just entertainment, spam is a very serious security problem, because it directly undermines the core value of your community for your members.

Not aiming to start a nomenclature debate, and maybe my nomenclature is off norm in this as well, but I think shill posting and astroturfing campaigns are way underestimated, and a lot more widely spread than commonly known, even by forum owners.

Just wanted to share my 2c... what do you think?

Cheers,

Matt

linguist

2012-02-05, 08:15 AM
Well, of course it is a security issue. Bypassing a protection system always is.

kavin

2012-02-05, 01:30 PM
(2012-02-05, 08:15 AM)linguist Wrote: [ -> ]Well, of course it is a security issue. Bypassing a protection system always is.

Not really.

If you enable COPPA option, it is meant to check people's age. but does it really succeeds in it? Anyone can enter a fake DOB and bypass it. Spams are just like that.
We have preventive measures, but some spams bypass them. And what if a user (example me) posts with just smileys or simple words like "Hi" in some topics? It is indeed spam, but how can MyBB (or any other software) determine whether its spam or not?

linguist

2012-02-05, 07:50 PM
A (security) protection or checkpoint or "preventive measure" of any kind exists so that certain things or people who/which ought to stay outside *do* stay outside. If they can bypass that, it means there is a security issue.

Mariku

2012-02-06, 12:14 AM
kavin, you have a good point. I'm starting to think that the help of responsible users reporting stuff like that may be quite necessary. Why not make use of the many eyes and brains in the community to help protect their very own community? A good reporting system (with a number of preset report reasons), combined with responsible action of admin and mods, should do the trick.

The response of the admin / moderator needs to be adapted to the "severity" of the issue, of course, and I would only send a friendly pointer to someone who constantly posts "hi" and smilies, while I would take much more serious action against commercial spam or political astroturfing.

Matt
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Redefining spam as a security problem