Spammer radhi

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Spammer radhi

Rui Barradas
This happened two or three weeks ago and it's happening again.
Spammers are using Nabble to attack R-Help. The psts are signed radhi
and the posts' titles are taken from previous posts and therefore seem
authentic but all messages end with "click here". I suggest you don't.
And don't rply to this "radhi"

And again on a weekend.

Rui Barradas

______________________________________________
[hidden email] mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
Reply | Threaded
Open this post in threaded view
|

Re: Spammer radhi

Duncan Murdoch-2
On 23/12/2012 1:46 PM, Rui Barradas wrote:
> This happened two or three weeks ago and it's happening again.
> Spammers are using Nabble to attack R-Help. The psts are signed radhi
> and the posts' titles are taken from previous posts and therefore seem
> authentic but all messages end with "click here". I suggest you don't.
> And don't rply to this "radhi"

A simple solution to the Nabble problem is to filter on the "Message-ID"
and "References" header.  If either of them contains the string
"nabble.com", then the message was either posted from Nabble or is a
reply to a message that was posted from Nabble. Delete both types, and
Nabble ceases to be a problem.

Duncan Murdoch

______________________________________________
[hidden email] mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
Reply | Threaded
Open this post in threaded view
|

Re: Spammer radhi

Martin Maechler
>>>>> Duncan Murdoch <[hidden email]>
>>>>>     on Sun, 23 Dec 2012 13:59:08 -0500 writes:

    > On 23/12/2012 1:46 PM, Rui Barradas wrote:
    >> This happened two or three weeks ago and it's happening
    >> again.  Spammers are using Nabble to attack R-Help.

indeed.  What a bad way to misuse Christmas holidays..

    >> The psts are signed radhi and the posts' titles are taken
    >> from previous posts and therefore seem authentic but all
    >> messages end with "click here". I suggest you don't.  And
    >> don't rply to this "radhi"

    > A simple solution to the Nabble problem is to filter on
    > the "Message-ID" and "References" header.  If either of
    > them contains the string "nabble.com", then the message
    > was either posted from Nabble or is a reply to a message
    > that was posted from Nabble. Delete both types, and Nabble
    > ceases to be a problem.

    > Duncan Murdoch

Indeed.
... and we could do this on the R-help server side already.

After the last attack, we already took quite some effort to
still use our spam filter results and combine with the fact that
a posting came from Nabble,  and then directly *rejected* the
message when it was looked ``possibly like spam'' and was from
Nabble.
As the new attack seems to have been smarter even, we must
consider to become even harder, and completely disallow posting
from Nabble.
This would be somewhat a problem: I had been told that some
people use Nabble in order to be able to reply to messages "in
the correct thread" (which is good), which they cannot easily otherwise.

At the moment, I tighten the filters but do not yet
completely stop Nabble.

Martin Maechler, ETH Zurich

______________________________________________
[hidden email] mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
Reply | Threaded
Open this post in threaded view
|

Re: Spammer radhi

Arun.stat
In reply to this post by Rui Barradas
Can the Statisticians here develop some good Statistical tool to stop this
Spamming keeping Type-I error almost zero?

Thanks and regards,
_____________________________________________________

Arun Kumar Saha, FRM
QUANTITATIVE RISK AND HEDGE CONSULTING SPECIALIST
Visit me at: http://in.linkedin.com/in/ArunFRM
_____________________________________________________

        [[alternative HTML version deleted]]

______________________________________________
[hidden email] mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
Reply | Threaded
Open this post in threaded view
|

Re: Spammer radhi

bbolker
Arun Kumar Saha <arun.kumar.saha <at> gmail.com> writes:

>
> Can the Statisticians here develop some good Statistical tool to stop this
> Spamming keeping Type-I error almost zero?

  As Bruce Schneier (surely among others) has pointed out, the difference
between security against natural risks (analogous to most statistical
problems) and security against attackers is that the attackers adapt
to avoid countermeasures. In the terminology of Hurlbert (1984), a classic
in ecological statistics, this is the difference between "non-demonic"
and "demonic" interventions; the tools of statistics are generally intended
to guard against non-demonic intervention only.

   Ben Bolker

______________________________________________
[hidden email] mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
Reply | Threaded
Open this post in threaded view
|

Re: Spammer radhi

Rui Barradas
Hello,

I believe that today's spam filters already use statistical tools,
namely, non-parametric bayesian methods. This would mean that they can
adapt to known attacks but are useless against new ones.

Merry Christmas,

Rui Barradas
Em 24-12-2012 15:57, Ben Bolker escreveu:

> Arun Kumar Saha <arun.kumar.saha <at> gmail.com> writes:
>
>> Can the Statisticians here develop some good Statistical tool to stop this
>> Spamming keeping Type-I error almost zero?
>    As Bruce Schneier (surely among others) has pointed out, the difference
> between security against natural risks (analogous to most statistical
> problems) and security against attackers is that the attackers adapt
> to avoid countermeasures. In the terminology of Hurlbert (1984), a classic
> in ecological statistics, this is the difference between "non-demonic"
> and "demonic" interventions; the tools of statistics are generally intended
> to guard against non-demonic intervention only.
>
>     Ben Bolker
>
> ______________________________________________
> [hidden email] mailing list
> https://stat.ethz.ch/mailman/listinfo/r-help
> PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
> and provide commented, minimal, self-contained, reproducible code.

______________________________________________
[hidden email] mailing list
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.