/meta/ - meta

General sitewide meta


New Thread[×]
Name
Email
Subject
Message
Files Max 5 files50MB total
Tegaki
Password
[New Thread]

Page: [1] [2] [3] | [Catalog] [Banners] [Logs]
e88683 No.374 [Open]
a86333d90dc7fbcabc9aff3ab77442d917604ebe1f33b3af1640b3cf1ff1144a.webp
[Hide] (21.6KB, 640x480)
This is a thread to give some background on the illegal porn spam with links. I've seen some false guesses and claims going around on various boards so I figured it's time I made a dedicated thread to explain it.

I have been a janny, mod or admin on a few imageboards for the past 10 years, and casually post on many, including anon.cafe for the last 4 (although less so recently). Those who use a few different sites at once, especially slower/understaffed boards, will soon begin to notice patterns. Posts which look out of place. Identical posts which look out of place on two different sites. Drop a quote from it into a search engine and it's on twenty different imageboards!
It turns out there are a few spammers on imageboards, who go down a list of boards reposting the same post. A few years ago I made a bot to regularly check for new threads on imageboards and highlight any duplicates, documenting imageboard spam to find patterns and learn how to combat it.
There are a few different main categories of this spam. One is imageboard spam (or sometimes forums or D#scord chats), many of you will have seen recent posts from two news imageboards, just posting a link to their site and leaving. Political spam is also big (almost always either generic /pol/ tripe, Christian evangelism or actual schizophrenic psychosis), and it's worth noting that politics spam was especially big around 2020 so there will probably be a heap later this year. This is easy to spot on hobby boards, although it often blends in unnoticed on politics boards and random (/b/) boards, where they're often taken seriously, and sometimes those spammers choose to just repost only on the dozen /pol/ boards online. There are some other smaller classes of spam, but we're here to talk about the biggest spam category by far:

The CP spam is commercial spam. That's why they have links in them.
They hit any imageboard they can find. Even test sites with no users.
Different CP site owners have been doing this for at least 10 years, and probably ever since the internet went public.

This isn't news to people who have been around for a while, but for fresh users on political sites it's easy to jump to the conclusion that its one person (some cryptic 'pedoposter' character), or their designated scapegoat or feds trying to take their site down. But this was happening before /pol/ was even a board on 4chan, and it was happening on even harmless niche hobby imageboards (which is where I started jannying ten years ago, to help delete the hourly CP spam until the admin programmed a hacky countermeasure). And they don't just target imageboards. This is commercial spam. They target any blog comment section or unsecured forum they can discover. You can verify this yourself by checking where the same ad link appears in a search engine. There are commercial/freeware tools made by organized crime companies for discovering and spamming unsecured forums, which brag about being able to break most captchas (and even 10 years ago you could pay $1 per 1000 Google reCAPTCHA solves by real humans in poorer countries, all plugged into your bot via an API).

But there's an important point. The current ones aren't bot posting. These are humans, fresh custom-made captchas don't stop them. Simple post filters don't stop them ('post blocked, please try again' won't stop someone who is financially motivated). Anything that wouldn't stop you, won't stop them. And I say 'them' for good reason, you can verify both through basic linguistic forensics (typing styles, filename choices, filter evasion techniques, etc.) and by fingerprinting their user-agents that the same link is being posted by multiple spammers. Specifically, the current one with a child model on a purple background has the same link being posted by three distinct people, all from East Siberia and far North East Asia. They each have a list of target sites (some use imageboard lists like (historically) cc0's list or AllChans, others use custom-made spam lists with all kinds of websites on them, this can sometimes be confirmed by checking their HTTP referrers) and they go down the list, one by one, often clearly in alphabetical order, posting their garbage. They usually post on the first board they see, usually the first alphabetically or the most active/bumped board (which is why anons here correctly pointed out /comfy/ and /k/ were disproportionately targeted on anon.cafe), although they may also just have a certain arbitrary board saved (like lainchan's /zzz/, apparently), maybe because it got listed in a search first. I've seen cases where an imageboard has just locked their /a/ board due to constant spam and most of it disappeared (/a/ is first in alphabetical order, so on their homepage it was the first a spammer would click, so this wouldn't work on lynxchan/jschan's boardlist where they're ordered by activity).

It's also important to keep in mind that CP sites come and go, and along with it, different spammers. There have been particularly nasty ones in the past which posted full nudes, link in the image only so the post couldn't be text filtered, random filename, and either no text or text copied from other posts. Phash techniques could be a useful approach there, and the Junkuchan admin has mentioned in the Cloudflare thread that phash filtering has worked well for them.
Message too long. View the full text
263 replies and 34 files omitted. View the full thread
0ee9c6 No.1430 
>>1424
Look at the images in the 2nd post. You can identify them by targeting the javascript timezone + screen size, plus searching for the presence of certain languages in the accept_language http header. From my records, the most repetitive spammers are the following:

timezone: Asia/Vladivostok
accept_language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
screen size: 1280x1024
devicepixelratio: 1.100000023841858 (10% zoom in Chrome)
Windows, Chrome
---

timezone: Asia/Tashkent
accept_language: varies, but always starts with "ru"
screen: 1280x1024
devicepixelratio: 1
Windows, Chrome
Message too long. View the full text
Replies: >>1432
0ee9c6 No.1431 
Note, I'd be interested in anyone sharing any more fingerprints for known spammers.
Or maybe that would be counter productive, because they could just use any public info to get around any blocks?

Of course they also post very repetitive patterns that you can use to identify them...
Replies: >>1432
a66c76 No.1432 
>>1430
Thanks. Has there been any success stopping them with perceptual hash based filtering, either homegrown or via cloudflare? This seems like a very annoying problem to fight since they don't really spam individual sites, they seem to do hit and runs at random.

>We mostly only got spam from chan aggregators, and only very, VERY few legitimate users
We found a genuine old user almost immediately after we went up on allchans... but also a day after is when we got our first and only CP ad. In any case the damage is done.

>>1431
I've got some basic HTTP header plus posting method fingerprinting set up, but I'm still waiting for another post. It's been nearly a week, have they been active on other sites in the meantime?
Replies: >>1433
0ee9c6 No.1433 
>>1432
>Has there been any success stopping them with perceptual hash based filtering, either homegrown or via cloudflare?
I've tried, but it's not a valid strategy because it is reactive and they just switch images.
More importantly, the only single spammer where I had to use this was the Asia/Vladivostok one, and you can very easily block that with the info I posted. In fact you don't even have to, because they always use the same referers: allchans or the anime-bb.ru one, once they also used chan.city.

>they seem to do hit and runs at random
They hit and run whatever sites offer the least resistance. They used to hit us multiple times a day. Then I blocked them reliably and now they only really come back once every two weeks on average.

>I've got some basic HTTP header plus posting method fingerprinting set up, but I'm still waiting for another post.
What was the info you got? I could check if it matches anything we got.
Replies: >>1434
9aa6e1 No.1434 
>>1433
>What was the info you got? I could check if it matches anything we got.
Nothing yet, I set it up afterwards. I wanted to validate the fingerprint data myself but they haven't posted again. I haven't set up JS fingerprinting yet, but it's not really what I'm interested in. I want to see if they prefer noscript posting for a few reasons (I run homurachan, a meguca instance) and if they'll graduate to a Tor/Mullvad browser fingerprint once I start blocking them.
## Admin 2946b3 No.64 [Open]
This is something I meant to write since some time, but now the impending doom of anon.cafe finally made me actually do this.

Originally this site was born as a tech demo after the demise of zchan, to modify jschan so it can run on multiple servers, for load balancing and maybe better ddos resistance. But the code never got merged upstream, so this site still runs a fork of jschan, originally on 3 servers, now on only two (and both of them at buyvm, so it's not much redundancy). On the other hand, zzzchan (probably the biggest imageboard running jschan) went with the original jschan and only using HTTP reverse proxies, so maybe this is overkill, after all. But anyway, whatever started as a tech demo pretty much stayed.
Which brings me to the current state of this site, it's pretty dead. There's /nep/, which is a copy of the old 8chan's /nep/, but at this point it pretty much functions only as an archive, it barely has any traffic. There's /quest/, it had some activity in the past, but now it has like 1 posts per week, one half-dead quest and a couple of dead ones. And /finance/, it also had some traffic initially, but now it's also pretty dead. I also have two BOs who never log in, so I have to delete the spam posted to their boards. (It's not that bad, filters catch most of the spam, and since the site is so dead, I can just open the global recent posts page, and delete any spam. I guess a dead site has some advantage too.)
In the past I didn't have any instructions on how to get a new board, because, to be honest, I didn't want to attract a lot of attention. I have better shit to do than dealing with courts and getting raided just because some anon said something on my site, or dealing with butthurt faggots ddosing my site. This site is not under cuckflare, and I'd very much like to keep it that way. On the other hand my gatekeeping was probably a bit too aggressive, even though I didn't do much (I think I only rejected one board). I guess just assuming that anons would randomly come here was a mistake. I'm also very bad at being proactive, if it's not already obvious.

So with that out of the way, I'd like to open an official board request thread. This is a free service, I reserve the right to reject any application or to shut down the service any time; don't expect 99.999999% uptime, blah blah blah. But unless you're one of those boards that are known to attract a lot of drama/shitstorm/lolcows/school shootings/etc, it's probably okay. I'd like to keep this site nice and comfy rather than having high PPH, there are better admins out there when it comes to dealing with that shit.
Required info:
>URI e.g. /uri/
>name of the board
>a short description/rationale
What is this board and why do you think I won't reject it, not the description that goes onto the board listing.
>planned rules
Include that global rules apply.
>what BO experience you have
Last edited by admin
Message too long. View the full text
332 replies and 40 files omitted. View the full thread
## Admin c7407f No.1267 
>>1262
I'm just going to repeat what I said in >>1041, we already have enough dead vidya boards, so I need something more than just trust me bro this will work this time.
606154 No.1350 
>>1266
>Use the shittiest one of them all
No. Shill elsewhere
38c5b6 No.1426 
If /l/ is dead, I'll claim it. I don't know if I'm the only one who posts there or not.
Replies: >>1427
## Admin 1fdc41 No.1427 
>>1426
BO logged in the last 24 hours, so no, it's not up for grabs.
Replies: >>1428
38c5b6 No.1428 
>>1427
Huh.

HEY /l/ BOARD ADMIN:  POST ON YOUR DAMN BOARD WITH ME!
dc2651 No.1425 [Open]
Cakechan just got a server taken down by a failed ransomware attack. They weren't hacked themselves, it was their host. When the ransomware install failed they made a copy of the whole site's public data and then wiped the server. Apparently other sites were attacked at the same time.

Posting this as a fyi to the Admin as well as possibly to any BOs
Please make backups in case we're hit at some point.
Fallback and bunker plans might be a good idea too.
f17b7d No.859 [Open]
5a3ade501591c089e3f03f9b6d3f7b755f27ff8b826770b299571a6d30c2b1e7.png
[Hide] (257.3KB, 597x770)
Merry Christmas, Trashmin!
I don't think I've thanked you properly before.
Thank you for letting anon.cafe's legacy live on.

I hope you have a good one.
77 replies and 5 files omitted. View the full thread
## Admin a19c4e No.1419 
>>1418
Oh, I see. I checked some random sites from the list of jschan instances, it works on half of them and doesn't on the other. Probably something in the upstream jschan broke it, I'll try to look into it.
Replies: >>1420
## Admin a19c4e No.1420 
>>1419
I checked it in kiwi browser because it has a devtools, of course the popup works there.
I seriously don't understand how can people use phones for anything.
## Admin 6deebb No.1421 
Well, looks like Tom broke this functionality on purpose:
https://gitgud.io/fatchan/jschan/-/blob/c0d50eb168501d7e0ac8fd9c516901c6dbfc5270/gulp/res/css/style.css#L1653
https://gitgud.io/fatchan/jschan/-/commit/82b4fbc967c71dce22bf5f49b6ed550a1205fcbf
Or disco
https://gitgud.io/fatchan/jschan/-/issues/569
Replies: >>1422 >>1423
## Global Staff aa767c No.1422 
>>1421
Nice detective work.
cb0670 No.1423 
>>1421
>broke this functionality on purpose
Jesus, at least they could have made it into an option. Looks like I'll have to open an issue on their repo and see where it goes. Thank you so much for the quick investigation and response.
>I seriously don't understand how can people use phones for anything.
It's quite the downgrade from desktop but you get used to it after a while when you have no other choice. I always hated phoneposters until I became one due to my job, that's life I guess.
4368ff No.214 [Open]
Hey Admin, I'm trying to set my custom CSS on /comfy/ but it says
'''
Bad Request
Custom CSS strict mode is enabled and does not allow the following: "@", "url("
'''

I believe it's because I link the background image in it, despites I uploaded it in the "Assets" settings of the board.
https://trashchan.xyz/asset/comfy/6c6f248c291c7e2674e510c6cdd3f33fb2564164176ab322109fe8788c9abcbb.png
and here is the line of the CSS file :
'''
background-image: url(/asset/comfy/6c6f248c291c7e2674e510c6cdd3f33fb2564164176ab322109fe8788c9abcbb.png);
,,,

It works well when I test my CSS in the "on the fly" settings though so I believe it may be a permission problem that prevent me to put anURL in my CSS. Please halp !
194 replies and 26 files omitted. View the full thread
## Admin 3892d1 No.1385 
>>1379
Weird, looks like jschan changed something there, I didn't notice it.
>>1382
Yeah, I've updated jschan (and some software behind it) after Christmas.
Replies: >>1386
a51449 No.1386 
>>1385
Noice, thanks for the work Trashmin.
77449b No.1387 
I haven't investigated this thoroughly yet, but at first glance it seems the 'media hovering' feature has stopped working? Maybe it doesn't work on all pages the same?
Replies: >>1388
38f1a0 No.1388 
>>1387
Nvm, my apologies. I had a new instance of the browser going, and neglected to re-set the 'hover' setting. Clearly my fault, but now I'm wondering if there's a simple way to persist this setting for Trashchan?
Replies: >>1390
## Admin 786a51 No.1390 
>>1388
You have an export/import button in the settings, but if your browser deletes your cookies/local storage/whatever, you'll have to reapply it manually every time.
6ab1bb No.12 [Open]
What's wrong with your webring? Doesn't seem to crawl, lots of sites are missing.
34 replies and 4 files omitted. View the full thread
## Admin 895e9a No.1348 
>>1347
Done (but as I see smug already added you)
Replies: >>1349
546291 No.1349 
>>1348
just wanted to be sure i was on at least 2 sites following lines, thanks again
1860ef No.1351 
5 years of webring and it's still so quiet. I guess the original 8chan died and never recovered...
Replies: >>1352
579d47 No.1352 
>>1351
>8chan died
<died
There was never a clearer kike gayop. It was ((( killed b/c reasons ))).

But ehh the webring has proven at the very least that Anons are resilient, regardless. All thanks to the various Admins who keep things afloat! Honor to Trashmin in our cases!  :)
4302e2 No.1353 
>hotwheels coverted to christianity
>moved directly to California and New York
>believes Q is real and is trying to find out who Q is
Hotwheels became a christian blueanon commie. What a surprise.
8c060e No.1286 [Open]
Hey guys, I've have been falsely accused of "bringing conflicts from other boards" when I don't believe it isn't the case. It happened earlier today and a couple of days ago; could anybody look into this?

Thanks in advance.
6fc75f No.1065 [Open]
mr admin, the onion (trashchan2rvdng5zm7346sfxrrkjwvqzolw4lfdyldcsdpmsyj4dkid.onion) site appears to be down, with error code 0xF0 (Onion site not found)
24 replies omitted. View the full thread
511af2 No.1244 
What OS/Browser do you use, trashmin?
Replies: >>1245
## Admin eb4d36 No.1245 
>>1244
Loonix (without systemd) with meme moon and ungoogled chromium.
Probably the only way to stand out more of normalfags world would be to use something like lynx on openbsd, but I doubt even discord's login form would load without executing gigabytes of javashit code.
Replies: >>1246
a5d964 No.1246 
>>1245
>based furry moon knower
Replies: >>1247
## Admin eb4d36 No.1247 
>>1246
You know there's something really wrong with the web ecosystem when the most usable browser is made by some random furry...
Replies: >>1248
5b5098 No.1248
1757324184609991.png
[Hide] (711.9KB, 735x896)
>>1247
LOL

Exactly so! The kikes mean this to be so intentionally of course. I find it hilarious at the current ((( poostorm ))) going on over Trump's H1B order. That was all part of their plan behind shite'g up the web as well. Otherwise, we'd all be doing everything in C & C++ still today, simply b/c of the energy savings involved that way.
>tl;dr
<pic-related
8b306b No.15 [Open]
all_of_the_none_of_the_money.jpg
[Hide] (1.1MB, 1200x1538+0+0)
ClipboardImage.png
[Hide] (318.5KB, 1816x1228+0+0)
Anons on /k/ are discussing a board to discuss economics/finance. Some are saying to call it /finance/ or /stonks/ while others are saying to keep it named /biz/. They were discussing asking trashchan if you would be interested in hosting it so I figured I would make a thread to gauge interest. I'm partial to /stonks/ because worrying about "not trying to attract the wrong crowd" is retarded.
21 replies and 2 files omitted. View the full thread
## Admin 4249ac No.1098 
>>1097
A few extra white hair each month
Replies: >>1099 >>1113
75bca8 No.1099 
>>1098
NTA. Lol, true.  :D
f549b5 No.1113
maxresdefault_(2).jpg
[Hide] (91.4KB, 1280x720)
>>1098
No, thanks.
4f5ddb No.1223 
>>1093
What does the role entail?
Replies: >>1224
## Admin f25d78 No.1224 
>>1223
At minimum coming up with board rules (but since the board already exists, you can just use the existing rules) and moderating. The rest (flags, banners, custom css, etc) are nice but not strictly necessary, and generally anons are happy to help with.
d0791a No.1119 [Open]
__neptune_noire_blanc_nepgear_vert_and_14_more_neptune_and_2_more_drawn_by_tsunako__c788eed66809c410051f04bc33c00bd7.jpg
[Hide] (2.9MB, 6969x4026)
Hello, is this the right place for this?
I am a 4Chin refugee who loves Neptunia and Compile Heart games and was an active poster in /nepgen/. With 4Chan down, I am trying to revive the old /nep/ board as a place for Nepfags and /nepgen/ refugees like me (or what's left of us). But one thing concerns me. It is a very old board that was basically abandoned. Does it have any protection against spammers and bad actors? Or does someone need to step up and become the board's new moderator?
4 replies and 2 files omitted. View the full thread
a76371 No.1144 
>>1143
If he doesn't respond then Trashmin should transfer the board over to you.
d0791a No.1145
media_GXXxAdtWAAA5lFO.jpg
[Hide] (3.2MB, 3901x4096)
It's been over three weeks now. I'd like to get an answer on this, please.
Replies: >>1146
## Admin e7b3b4 No.1146 
>>1145
Yes, sorry for the late reply, the original BO returned in the meantime.
Replies: >>1147
454daf No.1147
chibi_blanc_by_mashiroheart_dawwn9n.png
[Hide] (318.2KB, 874x1240)
>>1146
So he just returned and I didn't realize it?
Replies: >>1148
## Admin e7b3b4 No.1148 
>>1147
Not sure if he did anything other than logging in, hopefully he will do something soon
Page: [1] [2] [3] | [Catalog] [Banners] [Logs]
Show Post Actions

Actions:

Captcha:

- news - rules - faq -
jschan 1.7.3