| 1 |
The abuse of this kind of system should be taken into account, since it may be quite easy for someone to create a bot (or whatever) capable of feeding the system with fake data, and by consequence destroy its reputation. |
| 2 |
|
| 3 |
However, I agree this issue should not complicate the system setup. There are problems with the approach I've described, in particular for users who maintain more than a couple of Gentoo boxes (it may be inconvenient even for people who run more than one machine, due to the fact it's necessary to have one key per machine). |
| 4 |
|
| 5 |
Debian's popularity-contest uses SMTP as its transport, both to avoid the need for constant internet connection and to have some means to ensure the identity of every contributing machine. I'm not sure SMTP can help on the identification of users at all, and it may complicate the setup even more for users who don't have local MTA spools set (and which want to participate but don't have constant connectivity), so I've discarded it. |
| 6 |
|
| 7 |
Also, using the machine's IP addresses as a measure of abuse (by investigating how many posts occur for a given address) may lead to bad results, since some users have more than one machine under a 1:n NAT. |
| 8 |
|
| 9 |
In the end, it may be better to simply avoid the signup, and use some 'loose' approach, which is to ask the user's e-mail to be used just in the case of abuse detection (of course a 'bad' user could provide a fake e-mail address, but in this case, after the detection of abuse and a unsucessful attempt to contact the user, all his provided data can be set to be automatically rejected by the server-side system). |
| 10 |
|
| 11 |
But it may happen there's a better approach for this whole problem.. Any thoughts? |
| 12 |
|
| 13 |
On Sun, 16 Jun 2002 17:12:52 -0400 |
| 14 |
"Faust Tanasescu" <faust_tanasescu@×××××××.com> wrote: |
| 15 |
|
| 16 |
> >From: Rufiao <rufiao@×××.net> |
| 17 |
> >Reply-To: gentoo-dev@g.o |
| 18 |
> >To: gentoo-dev@g.o |
| 19 |
> >Subject: [gentoo-dev] RFP: System to account users configurations |
| 20 |
> >Date: Sun, 16 Jun 2002 17:16:21 -0300 |
| 21 |
[...] |
| 22 |
> > |
| 23 |
> >In the client side, the procedure to provide data for the system is the |
| 24 |
> >following: |
| 25 |
> > |
| 26 |
> >- User emerge the package, which: |
| 27 |
> > - Sets a crontab entry to let the system run periodically, possibly |
| 28 |
> > requiring user intervention to specify when the system should run |
| 29 |
> > - Points to an URL (in the gentoo.org domain) for signup |
| 30 |
> >- User go to the provided url, which requests the e-mail from the user, and |
| 31 |
> > that the user transcribe a random 4-letters message shown as an image to |
| 32 |
> > a text box. These requirements are used to ensure, as long as possible, |
| 33 |
> > the autenticity of the data and to avoid automated signups |
| 34 |
> |
| 35 |
> Users are required to 1) want to participate to this survey 2) asked when |
| 36 |
> system should run information grab 3) go to URL to subscribe to service 4) |
| 37 |
> get magic key from server 5) set up client system 6) check it runs well. |
| 38 |
> |
| 39 |
> We don't have many users and setup is very complicated to my taste for |
| 40 |
> somethng that brings nothing to me as a gentoo user. And we want people to |
| 41 |
> sue this. the more, the better. |
| 42 |
> I don't know about this, but as a gentoo user, if a system like this were |
| 43 |
> available I would not bother installing it. It is way too lenghty and I get |
| 44 |
> nothing out of it as an individual. |
| 45 |
> |
| 46 |
> I propose making this whole process a lot simpler for the client. What we |
| 47 |
> must keep in mind is that no system is perfect, and to not fall into |
| 48 |
> paranoia. I therefore propose shortening the setup of this survey system to |
| 49 |
> something smaller. |
| 50 |
> |
| 51 |
> 1) user required to emerge package. |
| 52 |
> 2) they are asked when the collect should run |
| 53 |
> |
| 54 |
> and that's it |
| 55 |
> |
| 56 |
> now how to keep people from abusing of this system is a whole new question |
| 57 |
> and I think we should treat it separately. However I'd like to propose |
| 58 |
> something as well. |
| 59 |
> |
| 60 |
> it's the server's duty to protect itself from idiots. When client connects |
| 61 |
> to server to upload it's information file, the server sends the client a |
| 62 |
> unique key that expires after 1 week or couple days.. depends on how often |
| 63 |
> we want input. If client tries to send input again it could remove the key |
| 64 |
> file of course and claim it's new to the service, that's why the submitter's |
| 65 |
> IP address needs to be recorded for first-time users as well. |
| 66 |
> |
| 67 |
> Of course system is not perfect... the idiot could change his IP address of |
| 68 |
> course no problemo ... he could disconnect/reconnectto his ISP or something |
| 69 |
> similar but that would be rael stupid. I don't think that many people would |
| 70 |
> actually attempt that. |
| 71 |
> |
| 72 |
> I think that the person who would attempt this, if it's ever going to |
| 73 |
> happen, it's because our user base has grown very, very large and his impact |
| 74 |
> would be minimal to our system. |
| 75 |
> |
| 76 |
> |
| 77 |
> This is just an idea.. i'm sure there are better... |
Archives