All forums marked as unread
|
Joined: Aug 2009
Likes: 7
|
OP
Joined: Aug 2009
Likes: 7 |
This morning, all FTM forums except Frequently Asked Mac Questions and Mac FAQ Discussion appeared as if I had never read them. I tried logging out/in but that didn't help. Deleting the FTM cookie and the Safari cache and then re=logging in was unsuccessful. I had installed AdBlock yesterday so I disabled it but that didn't solve the problem.
Other sites seem unaffected so I assume that something is wonky with FTM.
Last edited by jchuzi; 05/08/14 09:42 AM.
Jon
macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 15
|
Joined: Aug 2009
Likes: 15 |
You missed it!
I don't know if it was a denial of services attack or what, but we got hit with a bit more than 1,050 spam posts (Oakley Sunglasses) in a coupl'a hours...every forum, which is why FTM looked like you had never read anything. (They came up faster than I could refresh my browser page.)
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 7
|
OP
Joined: Aug 2009
Likes: 7 |
Thanks, Artie. All seems well right now.
Jon
macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 4
|
Joined: Aug 2009
Likes: 4 |
Having been one of those who notified the moderators of the spam bombing, I hope that one or more will chime in about what happened and whether it can be avoided in future. They did a nice job of cleaning it up in the past couple hours. It certainly seems as though FTM forums were specifically targeted.
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 7
|
OP
Joined: Aug 2009
Likes: 7 |
Maybe FTM should feel complimented? After all, the spammers must think that we have such a wide audience that it's worth their while.
Jon
macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 14
|
Joined: Aug 2009
Likes: 14 |
I don't know if it was a denial of services attack or what, but we got hit with a bit more than 1,050 spam posts (Oakley Sunglasses) in a coupl'a hours... I saw it when I opened the site much earlier this morning and thought: "What the……?" To the folks who cleaned up that mess in such short order, "Well done!"
ryck
"What Were Once Vices Are Now Habits" The Doobie Brothers
iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4 OS Ventura 13.6.3 Canon Pixma TR 8520 Printer Epson Perfection V500 Photo Scanner c/w VueScan software TM on 1TB LaCie USB-C
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 1
|
Joined: Aug 2009
Likes: 1 |
Looking at the server logs, it doesn't seem to be a denial of service or a particularly targeted attack--just run of the mill bot spam with a misconfigured bot. (Most spam bots are programmed not to hit one target more than a certain number of times to avoid tripping automatic protection; this one was probably just badly configured by the spammer.)
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 15
|
Joined: Aug 2009
Likes: 15 |
> (Most spam bots are programmed not to hit one target more than a certain number of times to avoid tripping automatic protection; this one was probably just badly configured by the spammer.)
Isn't UBB.threads's lack of automatic protection also bad configuration?
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 1
|
Joined: Aug 2009
Likes: 1 |
UBB.threads, sadly, lacks automatic flood control and other defenses. Its only defense is a database of known bad IP addresses and forum poster names, and that's not a very effective defense at all when faced with botnets.
I've done some more research, and discovered the spam flood is primarily linking to poorly secured servers in Italy and Switzerland which have been hacked. These hacked servers contain links and redirectors to an Amazon affiliate ID, "as_acph_ap_fallhbag_910_on" (probably automatically generated and possibly one of many). The purpose of the spam run appears to be to generate revenue by Amazon affiliate linking.
I've notified Amazon's security team of thie abuse by this affiliate ID, and notified the Web hosts of the network of compromised servers that they have security issues. With luck, Amazon will shut down the affiliate account--removing the economic incentive to spam appears to be the most effective way to deal with it.
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 15
|
Joined: Aug 2009
Likes: 15 |
It looked to me like the spam could only be taken down in blocks of 25 posts, and that, combined with its lack defenses, marks UBB.threads as seriously deficient.
Allowing 1,000 posts to go up is bad enough, but not facilitating their removal is compounding the injury.
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 1
|
Joined: Aug 2009
Likes: 1 |
I'm not disagreeing with you. There are some shortcomings to this software, among them being that it seems to be increasingly poorly supported as time goes on. I'd like to see more robust antispam defenses, Facebook integration (I know not everyone likes Facebook, but the fact is, allowing people to log in with Facebook increases participation tremendously), and better management tools.
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 1
|
Joined: Aug 2009
Likes: 1 |
Quick update: I just heard back from Amazon's security team. They revoked the Amazon affiliate account of our spammer, so he won't be making any money from his run on FTM.
|
|
Re: All forums marked as unread
|
Joined: Aug 2009
Likes: 15
|
Joined: Aug 2009
Likes: 15 |
Just to add a bit of curious perspective to this incident, the spammer first hit at around 2:30AM and left only five posts; he/she/it then came back at around 4:30AM, and that's when the floodgates opened.
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
|
|