THIS IS A STATIC MIRROR OF USERSCRIPTS.ORG - LOGINS DO NOT WORK

Spam and malware

in Userscripts.org discussion
Subscribe to Spam and malware 3530 posts, 606 voices



Jesse Andrews Admin

I've been deleting user accounts that are spam (removed several thousand so far).

If you find more, post them here, and we will remove them!

 
Peter Bunyan Scriptwright

http://userscripts.org/people/17703
http://userscripts.org/people/16750

Any user from http://userscripts.org/users?page=309 onwards.

You need to start blocking people with certain URLs - anything.trustguide.org should be blocked, for a start.
More's to come.

 
Arvid Scriptwright

http://userscripts.org/users?q=ringtones&commit...
http://userscripts.org/users?q=www&commit=Search
http://userscripts.org/users?commit=Search&q=%40

 
Jesse Andrews Admin

we were thinking about putting a rel="nofollow" on anyone that hasn't commited a script/comment/forum post. but probably shouldn't say that aloud since now they would know how to get around that.

 
Jesse Andrews Admin

deleted the ring tones, trustguides, and the www(s).

Regarding the users that have no username, this is because of a migration issue which is in trac here: http://userscripts.devjavu.com/projects/userscr...

 
Jesse Andrews Admin

http://userscripts.org/users/12853;scripts is probably all spam (and that user)

 
Arvid Scriptwright

Nah, it's just one of them myspace homepages scripts. And a clueless user too.

 
Jesse Andrews Admin

we need to do something about those type of scripts... make it hard to find useful ones

 
Arvid Scriptwright

You should probably do a database search, something likes this:

var possiblySpammers = allUsers.filter(function(v, i, a) {
    if (v.website.match(/\.com\/[a-z]{4}\/[a-z]{4}\.html$/))
      return true;
    else
      return false;
});

(i don't know how express myself in ruby, but i hope you get the point.)

It would catch a lot of spammers like these.

Also, how come this works but not this (capital L in lionel)?

 
Jesse Andrews Admin

the Lionel wasn't working because we weren't downcasing the input, just what we were checking against. Fixed:

http://userscripts.devjavu.com/projects/userscr...

 
Britt Selvit... Admin

Also important to note is that we are doing soft deletes. So if we delete a false positive, when they log in they will be present with the ability to restore their account.

 
MuadDib Scriptwright

I usually add checks like for adding of url/sig during registration, then remove the ability to do those during registration (where applicable). That way, if they try to submit those, it's automated. Thus, spam bot etc, and then ban the ip/email.

 
jordidg Scriptwright

http://userscripts.org/users/22577

 
Vinnie Tesla Scriptwright

Looks like there's a new batch of a few dozen "ringtones" spam addresses. You probably want to clear them out.

 
CoJaBo User

This should not be allowed: http://userscripts.org/scripts/show/5836

 
CoJaBo User

http://userscripts.org/scripts/show/5846
http://userscripts.org/scripts/show/5839
http://userscripts.org/scripts/show/5838

 
Arvid Scriptwright

Well, I think pornographic scripts should be allowed, but they should be marked as such.

 
Henrik N Admin

I think scripts that help users in their pornographic endeavours should certainly be allowed (to the extent that they're not illegal), but those scripts do seem like malware. That, we don't want.

 
CoJaBo User

The script is just to drive traffic to a porn site. I really don't thing that should be allowed.
It would be REALLY BAD for a site to suddenly display ads for a porn site that might easily be mistaken for site's own ads. The user might not realize that the ads are being added by userscripts, and that would reflect badly on the site.

 
Henrik N Admin

Yeah. Seemed like the scripts are definitely malware, sneaking porn adds into what seems like themes. Deleted them.

 
Henrik N Admin

Are these valid? Seem to sneak in links to some MySpace discussion group: http://userscripts.org/users/12853;scripts

 
CoJaBo User

Looks like those also insert banner ads, but they seem mostly harmless, just looks like its promoting a group rather than driving hits for revenue.
However, many sites might not take kindly to 3rd-party advertisements being inserted...

 
Henrik N Admin

CoJaBo: Many sites probably don't take kindly to users modifying their sites at all ;) My concern here is scripts that do arguably bad things that the user didn't expect. Scripts containing porn and/or ads should be fine, but if the point of the script seems to be to sneak your own ads in without the user knowing, I'm not so sure we should allow it.

 
LouCypher Scriptwright

I think us.o should also remove scripts that have bad titles and bad descriptions like this: http://userscripts.org/scripts/show/8004

 
Henrik N Admin

LouCypher: Hm, yes, that metadata is not very useful. I edited the script to use the info in the @[email protected]