You are viewing a single comment's thread from:

RE: Honey Pots are coming! Get ready to help fight spam and earn doing so!

in #steemit7 years ago

We will be rolling out a system to attempt to trap and identify spammers on steemit!

You mean in your project or do you mean “Honeypots are coming to condenser?”

Bots do not post/upvote via the interface as such honeypots on Steemit/condenser are merely a UX failure rather than a well-designed solution. And if they were, they would just go via any interface app.

Sort:  

I am not quite sure what you mean by condenser but our system will be to catch bots that solely exist to spam comments and/or up vote in a spam like method. We are looking for feedback for exactly how we will be rolling this system out.

The interface? I presume you mean steemit.com. All posts are stored on the blockchain as are all votes and comments. Our honey pot posts will very easily tell human beings either not to comment or not to post on that post. If someone does comment or post on them, it is obvious it was a bot not a human being, which is how a honeypot works. Easy for a human to avoid but a trap for a bot.

So you will be rolling out a system which operates on Blockchain level? Or just on Steemit.com (which is the condenser app/interface to the Steem Blockchain).

If the former, how will you operate without a HF because if a bot/spammer submits to a node your system isn’t implemented on it has lost its use already. If your system will operate (solely) on steemit, then it needs to go in the condenser interface which is the front-end on steemit.

I understand what a honeypot is, I just fail to see on what level your honeypot will function: Blockchain or front-end interface.

Or maybe, what you actually mean, is that it will operate within the realm of shadowbot [only]?

It will operate on the blockchain looking specifically at posts we generate automatically. If I make a post and say "DO NOT COMMENT ON THIS POST" and you see 10 comments "Nice post" "Wow awesome". those are spam bots just trying to earn rewards from commenting useless crap! I don't see how it is hard to monitor the blockchain for a post the system created and see if someone violates the post's instructions IE DO NOT COMMENT ON THIS POST.. Condenser app has no bearing on how this will work and is just an interface (wallet) to the blockchain.

Alright then. I’m going to follow this, I’m too interested to see how that will function. Especially without integration by all witness, this is a decentralised ledger after all.

The witnesses have nothing to do with creating a post and monitoring if someone commented on it. The process is the same as embedding an email like DONOTSENDTOTHIS.STEEMIT.DEC03.2017@shadowbot.us anywhere on the internet you can then monitoring WHO sends to it ;)

Send an email there and you get on my email blacklist. I didn't need a witness to do that.. Watch i'll get emails to that account now and they'll get blacklisted..

If you have any input we are still designing this out and need the feedback! Thanks for sharing!

To clarify this is NOT something condensor OR steemit is doing, this is something WE are making that we hope will help identify spammers and get some lists going that we may be able to use in the future. We are not going to initially use the list to do anything other than share it with others to use as they see fit.

I get it now. I was thinking the honeypot would be at a different level. But basically, you are going to set traps by adding more noise to the noise.

What do you think will be the conversion rate? How many of those comments will actually be found by bots. Without using catching techniques such as tag abuse and specific keywords.

Not sure it is still in experiment mode really came out of an idea a few of us had about addressing the bots that are the most annoying, no vote and leave comments seconds after at the top trying to get up votes with something like "Wow so nice post!".

This will be an ongoing evolving idea, but the idea could help us at least identify people who are abusing the system. This will also tie into our internal reporting system which we are also developing internally. The hope is that IF we can build something even halfway useful others may join in and build on top to expand the idea to really help the community!

Every member of ShadowBot will be able to generate these traps which will hopefully allow us to identify some of the abusers of steemit!

Thanks for the input really hope you stick around, you seem very knowledgeable and we really appreciate all the input!

IF it turns out to be a great idea, it may land up being something witnesses want to integrate upstream in the future. But I feel just like email, this is going to have to be a protocol built on top. Like DKIM, SPF and DMARC combined with blacklists, we will have to build lists initially until the protocols either are changed OR the systems (condensor) built on top support them.

I agree with a protocol, which is why I asked where the honeypot would be integrated. But it should be between submission to and the ledger. So on witness, on blockchain, level.

Which means a HF.

Otherwise I fear that this is a very well-meant initiative but the conversion (statistical chance of positives) is too low. And of course the MO is defeat automated comments by means of an automated comment/message but that shouldn’t necessarily be mutually exclusive.

But as said, I’m going to keep an eye on this because I’m very curious about this.

Yes see my comment about @bigdeej's discovery for how we can store CUSTOM_JSON for ANYTHING we want on the blockchain without any change to witness code: https://steemd.com/tx/ca52211257da3f47980e38dc50246fe174eb196f

We feel in the beginning the posts can be fairly simple. But as we progress bots will begin to attempt to detect these types of posts. Part of the system will be tied into our reporting system which allows users to report posts/comments without having to use their VP to down vote. This also creates a flat voting system whereby each account gets the same weight (SP does not matter). This should help prevent abuse in the long run as we tie in our spam filtering. We have a very well trained spam filter for email we believe we can slightly modify the input for to pipe in comments and posts from steemit. Again this is all in the testing/experimenting phase, but the idea seems plausible!

Also we found we can store CUSTOM_JSON on the blockchain so we can actually publish these lists and results to the blockchain without any modification to any witness code. @bigdeeej proved this last week when he stored the current Bitcoin price on the steemit blockchain inside a custom_json request: https://steemd.com/tx/ca52211257da3f47980e38dc50246fe174eb196f