/meta/ - meta

partial_alphabetical_ordering_(newest_to_oldest,_so_read_bottom_to_top).webp
[Hide] (25.2KB, 372x502)

spammer_details.webp
[Hide] (39.8KB, 954x1396)

Directly replying to this post: >>>/comfy/8329

/k/, like /comfy/, was hit because it was more active and therefore prominent on the front page. Someone above said the spammers were persistent on (some) /b/, which is also typically a high traffic board, so this is no surprise.
It's also why on Trashchan, only /comfy/ has been getting spam recently and not the other boards, while it used to hit /nep/ (or sometimes /meta/).
If you've seen the spam text, it's clear they have a tenuous grasp of English if any. They're (mostly) far off Siberians who just try to make a post, retrying for a while if blocked, then move to the next site. It's business to them, they want to tempt pedos into going to their site and (I'm guessing) pay them crypto for porn access.
Why else would they be hitting literally-who anime sites with 0 active users? There is zero value for anyone to take such a site down, and if the feds wanted to do it, they'd just do it through technical or legal means instead of posting CP. Legally speaking, site owners just have to delete it in a timely manner once they become aware of it on their site, otherwise every public site in the world with file uploads would be de-facto illegal. If feds or [pick an arbitrary scapegoat of your choice] were trying to use it as shock imagery, they wouldn't just post one pic once every day or two which gets quickly deleted and they'd either have better anti-tracking infosec (I doubt it lol) or be traceable to a 5EYES country instead of Siberia. They wouldn't be posting short-links that expire/die after a few days. They'd be pretending to blend in, hey fellow anonymouses. Or, most likely, they'd just not take the site down and try to incite fedposting and trolling.

>>375
>It's also why on Trashchan, only /comfy/ has been getting spam recently and not the other boards
It happened 3 times on /retro/ so far, but those might have been the days when we had more activity

Thanks for the clear explanation, I bookmark your monitoring site out of curiosity and maybe it will help fighting those pedospammers.
So this is it ? Just some money greedy mafias ? I must say they are pretty anoying.
I remember some years ago they used some creepy CGI little girls with the link directly written on the picture.

I swear I've seen a post somewhere else about your monitoring system. Really informative.

>>374 (OP) 
>>375
I'd been wondering what the deal with that spam was for a while now, good write-up anon, let's hope an effective solution can be found.

>>376
Maybe so. There's also no reason they have to click the top board, or only one, so it could just be an exception to the trend.

>>377
>So this is it ? Just some money greedy mafias ?
Pretty much, either that or a site owner trying to find new members with untargeted spam. I suspect the first.
I have posted about my site before on other boards, if I've been in a thread and someone's asked about the spam, and a couple of anons have discovered and talked about it.

>I remember some years ago they used some creepy CGI little girls with the link directly written on the picture.
I don't remember seeing CGI ones (that said, I try to avoid looking at any). Some I remember were ones with the link on the picture in pink comic-sans, and another one which was a simple pic of the old pedobear meme with the link.

>>378
Sure thing, although it's important to be aware that when one group goes away, another will probably come up, or if it's not porn spam it will be pharma spam, passport forgery spam or imageboard-advertising spam (imageboard ad spammers are usually the most persistent and good at evading spam filters).
My point being, it will always be a cat-and-mouse game of defense and attack. Defending an open forum using automatic filters will always be a challenge. Fortunately, most of the current spammers aren't technically skilled or particularly creative to get past more technical filters. That said, one of them knows to re-encode images and change filenames to mess up simple file hash blocking.

chicken_nigger.png
[Hide] (304.5KB, 460x517)

>>374 (OP) 
Thank you for writing this up, OP. I'd had some small IRC scraps and the like here or there suggesting your OP but I've never had the time/energy to sift through 10 bibles worth of text to find a handful of off-comments about this issue other than remembering a lot of the spam IPs seemed to be Russian/North-Asian in nature. After some niggerfaggot accused me of being a CP spammer and tried getting me permabanned from a different board over an unrelated scuffle, this post and its related content are exonerating so I can proudly call that anon a nigger and thank you for providing such a useful tool.

>>374 (OP) 
I agree, the schizo theories about feds doing the occasional CP spam make no sense because that's not how you false-flag a site to death. They'd make bots and feign organic pedo activity on the board and then use that as a pretext for takedown, not make a garbled obvious spam post every few hours.
It's a spam issue and needs to be handled as such.

>>379
>Fortunately, most of the current spammers aren't technically skilled or particularly creative to get past more technical filters.
There's a thought, if these spammers are doing it for the money, then they're going to be optimizing the process as much as possible right? A spammer being paid to do this will go to a board, make their thread and then leave for the next target as soon as they have reason to believe they succeeded. What if the filters worked on a kind of fakeout system? Instead of blocking a post, it's given an expiration timer, allowing the spammer to see their handy work and be long gone by the time the thread is automodded. Since the posts tend to follow a certain format (at least for a little while), a filter could potentially be effective for the lifetime of a campaign, assuming they don't catch on and design more elaborate measures.

SEO_gaming_software.png
[Hide] (192.2KB, 780x789)

>>382
>What if the filters worked on a kind of fakeout system?
This is a variant on the tried-and-tested shadowban tactic, and I think it would work. If they have JS enabled (and the current spammers do) you can just make their post appear on their own computer and never even get uploaded.
Like you say, if they catch on then they can take countermeasures, but these ones aren't high-tier, merely persistent.
>There's a thought, if these spammers are doing it for the money, then they're going to be optimizing the process as much as possible right?
There are a couple of different theories behind who is making the posts. They might be the staff of some small website of CP traders doing their own self-promotion (my guess). They could be part of an organized/'professional' crime system which would give them more resources to make it efficient. Some anons suggest they could even be hired third-party posters, like a clickfarm.
But yes, they're going to dozens, if not hundreds of sites in a row, so they'd be crazy not to make the process more efficient. We know they use lists of sites and we know some are changing image hashes every few posts by re-rendering images, although we also know they're slow enough on each site that it's not fully automated. I don't suspect they're using purpose-built spamming software, or even know it exists. One site admin tipped me that they'd received a test post from someone using XRumer, picrel, but it may well have been some generic web spam knocking on doors to see which ones fall over. Spamming tools exist, and we should be aware of their capabilities.

d946a81a3cc2764492e1e32528f537e869f32f2558f6eac942218eb7accdf7c8.jpg
[Hide] (123.8KB, 700x840)

>>384
>automatically bypass captcha
But can it bypass picrel?

sample.png
[Hide] (377.8KB, 463x525)

>>386
There's this, which was actually proposed once to be integrated into jschan, but then it never happened (probably because it's pretty much useless if you have any board besides /a/)
https://github.com/bakape/captchouli
Back to being effective, you want something that's easily solvable by humans but not by computers. Having a unique captcha system can be a solution, because probably no one will bother to figure out how to crack a captcha system used by a single obscure site. (Unless you have an extremely butthurt enemy)

>>385
I'm not a newfriend but I never was interested in anime so I hate those anime captchas because I can't even tell who are these characters (cant' even determine if their male or female).
It wouldn't bother me on places dedicated to anime discussions but when it come on general topic places I just hate it.

>>389
I was referring to the advert(?) in >>384, not a suggestion to implement a captcha like that. I'm not sure whether it exist at all or it's just a joke someone made in paint in 2 minutes

fug.jpg
[Hide] (37.5KB, 659x676)

>>385
Heh, but you did just remind me of something. I came across an anime captcha on an imageboard (I forget which one, hopefully someone can help me out) where you had to select all the pictures of, idk, Konata Izumi. Now, I generally don't watch anime but it wasn't hard for me to look up the character name and find images to compare to, and hypothetically a bot, if taught about the format in advance (currently unlikely, I naïvely assume) can parse the question to find the criteria 'Konata Izumi' and then run an image recognition tool to see which images match the known symbol 'Konata Izumi'. Hell, I wouldn't be surprised if some anime weeb programmer has already trained a dataset to detect trap characters as a joke. But really, gluing all this together is unlikely to have happened or happen unless that kind of captcha becomes popular, even if it's hypothetically possible to do so.

However, my point is, if you have an imageboard/etc. where gatekeeping is acceptable (e.g. an anime forum can reasonably block people with no understanding of anime, not much of value is lost) then using a test of knowledge like 'which of these characters are girls' would probably be an effective test, so long as it's not a question which can be automatically searched online to find the answer easily (e.g. which studio produced [anime]?).

>>388 [replied to this before I deleted and reposted]
That might be the one, thanks!
>probably because it's pretty much useless if you have any board besides /a/
Surely it wouldn't be hard to change the images, tags and questions to suit another board's topic, but obviously it's not appropriate for some boards where you don't want to block new users.
>Back to being effective, you want something that's easily solvable by humans but not by computers.
This would be very effective against those professional anti-captcha tools like XEvil, but not against the CP spam which is performed by humans. A [generic] anti-bot captcha won't stop a human, by design.

>>390
It exist, I stumble upon those anime captchas like >>388 on some boards. I didn't even bother looking on a search engine because what I had to say was not that important.
So sure these captchas are very good for gatekeeped communities, implying the users have the related knowledge.

>>390
Someone did make it, based on the joke.

>>391 *
>Surely it wouldn't be hard to change the images, tags and questions to suit another board's topic
Ah, it's booru-backed, and maybe hardcoded to danbooru (although shouldn't be hard to adapt to a free shitty booru.org collection, or just make your own similar captcha)

>>392
For me, I wouldn't even be there if I didn't have something important to say :^)
But if I see a Google captcha or even an Hcaptcha, 99% of the time I just leave.

(Oops, forgot capcode)

>>391
>Surely it wouldn't be hard to change the images, tags and questions to suit another board's topic
Actually, no. If you look at the code, it uses a library to detect anime faces in images (using some OpenCV magic way before the AI craze) . It won't work with other things without huge work, and generating the images is what is complicated here, not selecting 9 random images from an image set and sending it to the user.

>>392
>users have the related knowledge
That is something that won't work here, since this is a generic IB, so you're limited to common knowledge. And if you limit yourself to common knowledge, manual spammers will have no problem solving your captchas, but can be still useful against bots. Places like smugloli could maybe get away with a capcha with that, but even they have a few not anime-related boards.

750d6b4a829e530894dfb983bfeec987a7f3950ebcd8bfea6b5d0dfef51591dd.png
[Hide] (719.2KB, 950x380)

>>394
I should have linked that OpenCV project here: https://github.com/nagadomi/lbpcascade_animeface/
What could work, is to dust off my stable diffusion install, come up with a few prompts, and generate a bunch of images. I'm pretty sure hcaptcha does something like this, their weird images are clearly AI generated. But then of course you're back at generating something that img2txt can't reverse.

Hi, just going around advertising a new board
https://endchan.net/dump/catalog.html
It's a slow board for dumping and long term storage archiving. 
Do you have any specific topic you would want to have more informations about?

---

update:
> By way of explanation...

The first part of this post, is the post that was moved into the /comfy/meta thread, which kicked off the discussion on Charles Petzold there. This post and the following 11 posts are therefore originally from /comfy/ . This is why the crosslinks aren't working within these posts.
>t. /comfy/ staff

>>8290
Is Endchan sketchy? I know a lot of people seem to not like it, but I don't know much about it.

>>8307
AS far as I understand it's more for technical reasons people don't like Endchan.
I used to post on a a board that was hosted there in the past and never felt anything negtive, but I don't know much about it.

As >>8290 posted in the /meta/ thread and wasn't a retard, I let the post for now. It's not really comfy but I think it may be for some interest for some Anons.

>>8317
Okay, thanks for the response. It seems like a good idea for a board, but I didn't know if there was anything potentially nefarious about the site itself with the way I've seen people shit on it.

>>8307
I visited it today, assuming nothing much I went to the overboard and ended up seeing links to CP, so in my humble opinion, stay far from it

>>8323
CP is spammed everywhere tbh (even on /comfy/ sometimes, yes). The problem is mostly the staff's reaction. Whether they react promptly or leave the thing for a long time. If the latter, I'd stay away.
At this point, all chans and imageboards are victims of this, unfortunately.

It's up to anon to sort things out and the staff to remain vigilant.

>>8324
>even on /comfy/ sometimes, yes
Actually, looking at the logs, from the last 10 posts deleted for cp, 9 were on /comfy/. I don't know why pedoposter likes this board, but he should fuck off.

>>8325
>I don't know why pedoposter likes this board
I have the feeling they just don't like any board. I don't think they target specifically /comfy/ but just spam their shit everywhere randomly. Sure they are the scourge of the chan culture and I wonder who is behind this and why did they do that. I hater them so much.

>>8324
Makes sense, wish the pedo got caught

>>8327
He’s a persistent asshole over on /b/

Coming late to this conversation. I may say that the most CP spam on Anoncafe was -- by far -- directed against /k/ . IMO clearly a glownigger gayop designed to take anon.cafe down. IDF/JIDF and other highly-glowing entities, hate /k/ 's. /comfy/ had it's share of spam there as well, but roughly-speaking it was about the same as a few other Anoncafe boards. As someone also involved over at Alogs (/robowaifu/), I can say that the exact same type of spam was directed against that site as against the Cafe (and practically at just the same times). Clearly some GH glownigger troons working to destroy both sites in a coordinated fashion, I'd say.

But it's easy enough to deal with, so NP. The deck is stacked and basically all the cards are in our hands as staff. So we only have to exercise just a wee bit of due-diligence against these miscreants, and all their plots and connivings go right into the dust (where they themselves also rightly belong as well, heh.  :^)

---

@BO
My apologies for the /pol/-tier post, but IMO this topic is directly & unavoidably -related. Please rm it, if you feel it spoils the comf here.  :)

redirect.webp
[Hide] (24.6KB, 637x411)

The uncomfy posts from a couple of days ago deserve a reply, although it is a topic better continued over here: >>>/meta/374

>>374 (OP) 
>>375
>I have seen malicious CP posting only once, where a /pol/ user raided a site with child nude modelling photos posted from purchased VPS servers (this was done during a mass raid after the victim imageboard was linked in an active 4chan /pol/ thread. This was back in 2021 or 2022).
Years ago, CP threads would stay up over a day on 4cuck (despite being reported numerous times, at least). There certainly wasn't any financial interests going on there.

I would observe your thread seems more of an attempt to smear the based Russians, than a legit appraisal of this situation. I doubt even a single sheqel ruble has changed hands with the literally thousands of these type posts that have occurred against the webring over the past 4+ yrs. Implying glowniggers have no VPNs that appear to be coming from the territories of their enemies.

Occam's razor (given the blatantly obvious & publicly well-documented many such cases of it by now) suggests instead that it is a persistent and concerted effort by US Federal Government & Israeli Zionist Government agents, specifically intended to corrupt the webring (indeed all altchans apart from the controlled-opposition 4cuck), and possibly create an easy opportunity of 'low-hanging fruit' to take down any site that has lax/nonexistent moderation. I'd estimate the count to be in the hundreds today of rando sites that have been black-bagged this exact way by now. 
>Ask our friend Tom what he thinks about such posts.

Simple as.

For the time being I also tweaked my cp post detection rules a bit, along with some suggestions from https://xj9k.neocities.org/posts/cp2/, we'll see whether it helps.
>>384
>If they have JS enabled (and the current spammers do) you can just make their post appear on their own computer and never even get uploaded.
The problem is most of the times they make a new thread instead of replying. Which means you'd have to fake a whole new page from javascript (along with changing the url in the address bar), with thumbnail generation. Not impossible, but probably much more work than it's worth.

>>415
>The problem is most of the times they make a new thread instead of replying. Which means you'd have to fake a whole new page from javascript (along with changing the url in the address bar), with thumbnail generation. Not impossible, but probably much more work than it's worth.
An easier alternative would be a delayed auto delete. Instead of rejecting or immediately deleting the post, it's marked and then deleted after a couple of minutes. The spammer sees that his post went through and moves on. With the number of websites they spam, any more verification would take them far too much time.

>>406
I apologize to chobitsu in advance but your experience doesn't align with mine. Maybe I am seeing a different attacker but there is a lot of such spam coming from European and American data centers (the Netherlands, Germany and East Coasts of the USA seem to be popular) from 10 PM to 12 AM GMT on ibs regardless of their political biases. They post both on gun-loving places and on troon pages with the same frequency, so I doubt that politics are at play. They go after Japanese, Spanish and Turkish ibs as well. 

More accurate description for them would be hunting anything that looks remotely like a standard ib. Chans with quirky or outright weird interfaces that look nothing like an ib do not seem to get affected nearly as much by the same waves.

A simple (but inconvenient) measure would be not to show any images publicly for new threads for a period of time, to at least prevent hosting visual coconut pancakes.  

>>388
They are indeed butthurt enemies. And also humans. And a well trained image recognition ML model might still be able to solve that with ease.

inigo_montoya.webp
[Hide] (3.6KB, 298x240)

>>408
>Occam's razor suggests [spam with links in it isn't trying to get people to visit the link]
You don't seem to understand what Occam's razor is.

hrefer607.png
[Hide] (38.3KB, 484x555)

>>419
>More accurate description for them would be hunting anything that looks remotely like a standard ib.
I assume there are two different discovery methods: checking existing lists of IBs and forums (like the ones in OP), and using search engines to discover potentially vulnerable sites ('Google dorking'), like searching for open post forms in HTML or searching known software names. Picrel is a spammer tool used for doing this.
Because of that,
>Chans with quirky or outright weird interfaces that look nothing like an ib do not seem to get affected nearly as much by the same waves.
, this makes sense. They wouldn't be easily discovered, because you often can't just search known patterns to discover them from a search engine.

>>419
With all due respect, Anon, I think you may have missed my point. The primary issue behind what's going on here isn't money -- (whether it's Pavel in Vladivostok, or Dong Chen in Shanghai) -- the primary issue is corruption. As in moral/spiritual corruption (whether by Chaim in Tel Aviv, or Ralph in Reston, VA).

CP spamming is part of an insidious plot to destroy young men -- and particularly young White men. If you think there's any real money actually changing hands by this concerted effort against alt-chans, then 'I have a bridge to sell you', as the old jewish adage goes.  :D

And this isn't a joke to these people either... they mean to utterly destroy you (as in death). Their goal is utter dominance, and porn & vice of all sorts is simply a vehicle. I won't go into it  further out of respect and honor for the Lord, Trashmin, Trashchan, and the several nice boards here. But this point is enough.

>tl;dr
THIS IS ABSOLUTELY POLITICAL, AND UTTERLY EVIL.
>

>>421
Ackshually, as an amateur scientist (in Astronomy), I believe I do Anon. But maybe there's something else I'm missing here. Why not share your view on it, and we'll see if we can find some agreement?

>>415
Seems to me, it's probably helping a bit, Trashmin. Thanks!  :)

1448073463607.jpg
[Hide] (33.7KB, 480x360)

Don't bite it any further, Chobitsu.

I'm inclined to believe all the arguments both of you gives are valid.

>a simple shaddy corporate advertising their devious content on places known for their potential niche of devious users.
Makes totally sense for me. Also it can just be some honeypots from some glowing agency.

>some state entity trying to destroy the places they can't control trough indirect attacks by demoralizing the users toi use them.
Regarding the current state of the world it would be totally understanding.

Also a thread was made recently on Lainchan regarding the same issue and some good arguments were posted there: if feds (or another x letters agency) would try to destroy these places, why wouldn't they use more frontal attack tactics, given that they have this power. I tend to believe if it was a glowjob, the tactic used would be different: more agressive spamming without links or not even CP but more targeted spam regarding the niche they try to destroy.

Anyway, both of you may be right on the subject and I don't think one hypothesis systematically rejects the other.

>>434
>if feds (or another x letters agency) would try to destroy these places, why wouldn't they use more frontal attack tactics, given that they have this power.
This is what makes the glowies theory less credible to me, after all if they want to kill a site they can just shut it down (eg. Megaupload, The Pirate Bay). The only reasons to use sneaky tactics would be for PR reasons or long-term community dismantling, they don't have to worry about bad PR because the media already has an established narrative for sites like this one and occasional CP spam isn't having any real impact on our robustness as far as I can see.

In terms of Occam's razor the commercial angle makes a lot of sense and OP clearly put lots of time into researching all of this. Spam has predominantly been used for advertising campaigns (think of all the random emails and comments you've seen about vitamins, pills, etc online) in which the goal is to cast the widest net possible and catch as many suckers (who would unironically follow shady links in a barely coherent post/comment/email) as you can. The way these CP posts are structured and distributed is verbatim the kind of thing we've all seen across the internet with varying levels of legality, we're just another link in the chain of thousands of websites with open comment sections.

>>425
>Why not share your view on it, and we'll see if we can find some agreement?
Sure.

The principle of Occam's razor suggests searching for an explanation made from the smallest set of elements. The simplest explanation.
So let's consider the evidence:
<The spam typically contains a sexualized image of a child, and a link, the post text also containing a link (and, depending on the spammer, a description of what content the linked site has). 
<We can see the spammers are posting on any site they can get their hands on, regardless of the site content, imageboard or not, indiscriminately going down lists like AllChans and designated spam lists. An anon pointed out they saw the posts on Japanese, Spanish and Turkish imageboards and OP has pointed out they also post on random non-imageboard sites.

As I understand it, the explanation you're putting forward relies on the following assumptions:
>an entity (Zionists and/or the CIA) wants to kill young white men by corrupting their spirit/morals
>alternate imageboards are full of young white men, so the entity concertedly targets these imageboards
>the entity tries to corrupt the users by making a CSAM post with links to a website, a couple of times per week
>the entity is also doing this to shutdown the same imageboards it is using to corrupt the young white men who post there
>the entity skillfully disguises their operatives' browser settings as spammers an enemy country although many admins such as Junkochan's had success blocking the posts with basic countermeasures, so they evidently lack technical skill

Contrast with OP's theory:
>pedophiles own a pay-to-access porn website (or scam site)
>they spam a link to it on any website they can, to try and get visitors, in an attempt to get money

Occam's razor recommends the OP's theory based on its smaller number of elements.

It only assumes pedos who want money (most people want money) are promoting their illegal porn business (pay-to-access porn businesses evidently exist and need to self-promote) by posting links on any open forums they can find (legitimate marketing methods like buying ads obviously aren't an option, criminal service spammers like ID forgery and pharma drug spam are a well-established phenomena on forums). There's no plot needed to explain this theory, just terrible idiots acting rationally.

>>434
>>a simple shaddy corporate advertising their devious content on places known for their potential niche of devious users.
>Makes totally sense for me.
It makes sense and I believe some of the spammers are checking IB lists specifically because of that, and I also think some just see it as 'i can post here without making an account' and nothing deeper.
>Also it can just be some honeypots from some glowing agency.
Sometimes they're the same: feds seize an illegal site and continue running it.
While it is plausible, and I know police and other feds entrap all the time, I think it's unlikely in this case because looking at the context of them not targeting the sites of specific countries. The browsers are unwittingly revealing the current ones as Siberian, but neither Russia nor 5EYES feds have jurisdiction over Turkey, so why spam on a Turkish IB? Why spam on SFW hobby boards with very few users? My impression is the sites are chosen blindly by naive spammers trying to hit as many as possible, rather than some honeypot operation. Spamming those links takes time, and even feds have to worry about time and money.

>some state entity trying to destroy the places they can't control trough indirect attacks by demoralizing the users toi use them.
This hypothesis is understandable from the perspective of people just using political IBs, but it doesn't explain why dead and hobby imageboards are targeted equally. They don't threaten the state, if anything they help keep alienated people placated. There are well-known explicitly political imageboards, both socialist and fascist, which they spam on (so under this hypothesis, the spamming feds don't control them, and these would obviously be high-target), so why don't they just constantly barrage them with it constantly, or even just gore and scat like raiders often do? The imageboards get a few of the spam posts a week at most, which get deleted within minutes. That won't have the desired effect.

>Also a thread was made recently on Lainchan regarding the same issue
The post talking about bots and shill threads on /x/? Yeah I saw that one before, there's a few neat posts in there. And like you said, the big feds have PRISM, TAO/CNO, the power to arrest and all other kinds of direct, effective tactics, so I just don't think they would go in a round-about way. It's not like these are sites like 4chan where thousands of people would notice or care if they went down suspiciously, and feds like Europol suspiciously take down large darknet drug markets anyway, they're not scared to.

Sigh, I wanted to avoid this shitfest, but anyway.
The CP posters I've lately seen were all using random servers/VPNs in Europe, but with an ru Accept-Language header. Yes, it's possible that some three letter agency intentionally changed their chrome's language settings to Russian to badmouth them, but Russia is a big country, they have their share of criminals who care about nothing but money.
As for the corrupting young white man argument:
1. How many users do all these alt chans combined have? 1000? Probably less. Statistically insignificant.
2. If someone has enough IQ to escape facebook, reddit, covid vaxx, etc. and find these sites, do they really expect they'll fall for a lame spam message?
3. If they want to corrupt morals so much, why do they never realize when I delete their post in 30 seconds. They can't even be bothered to check back a few minutes later and see if their message is still there. The only case they retry is when they get a world filter block message.
Spam messages generally have abysmal efficiency, but they cost almost nothing to send, so even if only every 1000th retard falls for it, they're already good.
>>451
>although many admins such as Junkochan's had success blocking the posts with basic countermeasures
Well, I implemented a basic perceptual hashing for images years ago, the number of CP posts with images collapsed immediately. So it's not like they have a huge collection of images, they might not even be CP links and just some scam links, I don't know, I never checked them.
>>455
>They don't threaten the state
Wrong, anyone who is capable of individual, not state approved(TM), thought is a threat.

>>451
Not only are you complicating the principle itself ("All else being equal, the simplest explanation tends to be the right one"), but you are way over-complcating the basic conditions. To wit:
>jews hate White men with a passion, and know that porn destroys (because they themselves already own the smut factories and have shown them to be highly-effective at both degeneration and destructive behaviors -- particularly for young males).
Simple as.

Money-grubbing and all it's many & varied machinations for this domain is entirely-irrelevant in this situation specifically.

>>430
Heh, you're right Anon. I forgot that I was on the Internets for a minute!  :DD

>>458
>Sigh, I wanted to avoid this shitfest, but anyway.
Apologies, Admin. This issue is more important to me than the simple nuisance of dealing with spammers. I'll drop it now, for my part.

>The CP spam is commercial spam.
>These are humans, fresh custom-made captchas don't stop them
Yes, likely not profitable but with some scripts it's easy. Though they use public websites for watermarking so there's a lot of manual action to it. So if you're on top of moderation it's like lol whatever.
>three distinct people
I would agree. 
>Different CP site owners have been doing this for at least 10 years
In the past 3 years there's been a large increase. I doubt CCD0 and the boardlists had any real effect. Not sure I've seen sites they come from. The referers are often blank.

Good tracking site. If you listed the shorteners it would be good for URL scraping either by my mods or scripts.

Here is what Kissu has done to combat this. 
I've added a way that scans posts for regex matches on link shorteners.
Admins can add new sites to the screening filter. If you're afraid that your CPU can't handle a few thousand regex patterns you've scraped off of github, you can eliminate most spam with
"/(^|\b)[a-z0-9\-_]+url\.[a-z]{2,4}\/[a-z0-9]{4,8}($|\b)/i",
"/(^|\b)url[a-z0-9\-_]+\.[a-z]{2,4}\/[a-z0-9]{4,8}($|\b)/i"
Blocking any url like tiny.com/asdf3ff
And of course we have exception filters and such.

If it were a bigger issue we have some options of OCR that can be explored, but moderation and regex does enough. We also use perceptual hashing through a utiltiy called blockhash https://github.com/commonsmachinery/blockhash

The perceptual hashing thing has to be implemented through yourself though, comparing hashes with a database you create yourself while moderating.

Correction on my major regex
"/(?: |
|^)(?:https?:\/\/)?(?:www\.)?[a-z0-9\-_]{1,4}\.[a-z]{1,}\/[a-z0-9]+\/?(?: |
|$)/i",
"/(?: |
|^)(?:https?:\/\/)?(?:www\.)?[a-z0-9\-_]*tiny[a-z0-9\-_]*\.[a-z]{1,}\/[a-z0-9]{5,100}\/?(?: |
|$)/i",
"/(^|\b)[a-z0-9\-_]+url\.[a-z]{2,4}\/[a-z0-9]{4,8}($|\b)/i",
"/(^|\b)url[a-z0-9\-_]+\.[a-z]{2,4}\/[a-z0-9]{4,8}($|\b)/i"
  

OP.. My righthandman agrees that it's a cool site and we'd like to use it more. If you were to do [redacted] on the URL paths and not the domains themselves it would be quite useful and safe way for us to gather up URLs that spammers will use.

The biggest argument against it being commercial, in my eyes, is that the images I see on spam posts vary dramatically from the ones people post when they're doing it for fun/attention (when there's no link and an obvious ongoing reaction to it).  It's common sense to use your best content to draw people in when you market something and it doesn't make sense to post the same nudie jpg over and over when hardcore webms would do a better job drawing in customers.  Admittedly, it would start to make sense if they don't actually have any CP to sell and are just trying to scam people into buying into the download site before acting like the links have been taken down.  No idea if that could be profitable enough to be worth the time, but the legal risk and barrier of entry of that would a lot lower than actually producing, or even collecting, stuff to sell.

On the other hand, while the idea of a conspiracy to corrupt white men with porn is completely schizo, an attempt to keep people on mainstream sites by making it seem unsafe to go exploring is slightly less insane.  There's also the possibility of feds casting a wide net and taking it easy, especially if they have preexisting tools for spam.  We know they use fake sites offering illegal services, so throwing around spambots in "at-risk" populations isn't too big a leap.

Regardless of the source, it's certainly a harmful practice to us that targets uneducated users for something bad and makes running and growing these places more difficult than it should be.

>>466
The typical setup I've seen for clearnet CP spammers involves two groups of people, the website operator and the actual spammers. The website operator runs a file sharing site. Some of the files on the site require a premium account or some other monetization mechanism to download. If you share files on the site, and someone buys a premium account to download your files, you get paid part of the money.

The spammers' links often lead to a web page full of descriptions of child pornography videos accompanied by links to the file sharing site. But on the file sharing site itself, it says nothing about what the files are. With this arrangement, the site owner, who's taking the suckers' money and is therefore in an easier position to get caught, gets plausible deniability. And the suckers don't have to buy cryptocurrency.

It's a very old scheme; as far back as 2009, 4chan, which did not have a captcha at the time, was being flooded with this sort of spam, using the file sharing site "Sharecash" which was monetized by the suckers filling out surveys that tried to get you to buy stuff and sold your information to spammers. There was a Portuguese teenager who sold e-books about his methods; after getting doxxed because he put his real email in the e-books, he defended himself by pointing out that the images he had been claiming were CP were really taken from legal porn sites that catered to pedos by making the adult participants look younger.

>>461
Maybe if you didn't rot your brain with /pol/ shit you'd realize that all this schizo ranting solves nothing. Just implement a better fucking regex to stop these russian spammers, which target all boards equally, political or not.

>>465
The original idea, years ago, was to plug in into an imageboard (e.g. vichan) and automatically generate filters, but it was far too experimental and liable to hit false positives at the time.
With a bit of work, it would be possible to do what you said and have an updating list of URLs or shorteners used by known CP spammers (although eventually I suspect they will probably just do what previous spammers did and just have the link in the image and not in the text). It would just have to be checked every five or ten minutes.

>>466
>Admittedly, it would start to make sense if they don't actually have any CP to sell and are just trying to scam people into buying into the download site before acting like the links have been taken down.
That's a good point. There's a real chance it's a straight-up scam instead of pedos selling to pedos, so they just look up 'child modelling' images, or in some other cases I've seen in link spam, anime images or the pedobear meme.

>>468
Thanks for the info. This is the same type of sleazy money-making strategy I remember seeing with some game mods, with those survey sites or delayed downloads filled with ads, makes sense. I'm guessing that e-book is long-gone, would have been an interesting read.

>>472
The more steps a spammer has to take the better. I have a commission to deliver on a bot which does OCR and link following for my site using his hardware. But I can't really justify the time investment and setting it up on a VPS if the spammers aren't going to put in either so it's backlogged.

plus they don't even really bother with kissu anymore anyways. There are adjacent sites with zero moderation that they prefer. As my mod says... the best defence against a bear is to run faster than the guy next to you

>>474
That's exactly it. These are opportunists going for low hanging fruit. Don't be the opportunity.

>>472
I've still got a copy of the e-book. Here's a redacted version (redacted so the mods here don't have to worry about whether the images are CP or not or whether the dead links lead to CP, and because the spammer was a minor at the time of his offense).

https://files.catbox.moe/fgzalh.pdf

9d1d5695eb6c821991c7285a3e727d6ed7bd9df0225d762a78b4d9d10ce265b9.jpg
[Hide] (54.2KB, 640x480)

>>476
Thanks Anon! Much appreciated, this could have some unexpected insights.

>>415
Well, I guess it took about 10 days for the spammer to figure it out. Back to manually deleting his posts I guess. I don't want to go with the url regex in >>464 yet, for me it feels like too many false positives (and I don't think that regex would have matched the last domain he used anyway). Getting a constantly updated list of link shorteners seems like a lot of work.

>>490
Blocking urls won't work, they switch to a new url shortener daily, and it would interfere with normal posters. What you can do however is checking server side if the posted links redirect to anywhere or not. The spammers use the same few pastebin clones (usually telegra.ph or vara.jp), sometimes even the exact same links. That's a relatively accurate way of catching them since NOBODY used those links on my site, especially not behind url shorteners.

Also a lot of the spam comes from allchans.org. Not just the porn ones but the other annoying ones too.

>>490
/comfy/ BO here, I see you delete cp regularly these days, I keep an eye on the board but looks like you're faster than me.
I configured world filters but as I don't have time to see the latest used on the posts you deleted I don't know what they use to update the list accordingly.
I monitor https://xj9k.neocities.org/ to figure out but the latest cp post mentioned here regarding /comfy/ are already in the filter list and date from some times now. So I don't know what I can do more on my side. I don't have many free time to constantly monitoring the board but I come multiple times a day to keep an eye on it.

Anyway, thanks for being this responsive regarding those spams.

for now I guess /ent/ is not that popular to suffer the issue but I keep watching :)

ZZZchan /v/ has some posts from someone using a Russian name with dick picks and one of those has pizza.
That reminds me one of the cafe boards (/l/ I think it was) that had that guy posting dick picks and shortly after it got hit with pizza.
I think the theory that he might be Russian could be true.
Here's the logs from /l/ to corroborate what I mean:
https://anon.cafe/logs.js?boardUri=l

Thank_you.png
[Hide] (88.9KB, 366x536)

Torfag here I just want to say two things: 1. Death to pedos

2. Thank you for not cucking like other imageboards and still allowing torfags to post files, we're not all cp spamming subhumans.  

Hope the CP spam issue will be quickly resolved.

>>682
To be honest, I've barely seen CP spamming from TOR. They all seem to come from random clearnet VPN/proxies.

09569947dec385c91cfa0bddfe14036f5cf028228bdbed502e65213fe1506b3a.png
[Hide] (57.9KB, 762x1017)

>>685
Same here, I get very little spam from Tor, and none from posters utilizing the the onion service. The most persistent spammer(s) seem to use IPs from a handful of commercial ASNs intended for hosting and VPN services.

Wapchan blocked the vast majority of VPNs and datacenters a week ago, and they haven't got hit with the last few waves of CP.