[racket] planet bug reporting system: taken over by spam

From: Ray Racine (ray.racine at gmail.com)
Date: Sat Mar 16 12:18:40 EDT 2013

Hyperloglog with a sliding window on the IP or src/dest connection ports.
http://algo.inria.fr/flajolet/Publications/FlFuGaMe07.pdf
Page 140, Cool but simple algo to implement.  Could be added to the Racket
HTTP Server as a DOS capability.


On Sat, Mar 16, 2013 at 10:15 AM, Robby Findler <robby at eecs.northwestern.edu
> wrote:

> Woah! I should have checked: I think they were all coming from the same ip
> address. I've blocked that IP address and lets see what happens.
>
> Thanks.
>
> Robby
>
>
> On Sat, Mar 16, 2013 at 9:04 AM, Laurent <laurent.orseau at gmail.com> wrote:
>
>> I don't how much of this is done right now, or is feasible, but just in
>> case here are some suggestions:
>> - Don't allow more than 5-10 bug reports in one hour from the same IP,
>> with possible ban (+ visual warning)
>> - Use something like SpamAssassin, tuned toward bug-reporting
>> - Restrict bug reporting to registered users only (but this is probably a
>> bad policy)
>> - Make the user pay $1 for each bug report (+ optionally introduce random
>> bugs in Racket), and pay me back 50% for the idea.
>>
>> Laurent
>>
>>
>> On Sat, Mar 16, 2013 at 2:39 PM, Robby Findler <
>> robby at eecs.northwestern.edu> wrote:
>>
>>> Hi all: I'm sorry to say that I've just disabled planet's bug reporting
>>> system. Over the last 24 hours, we've gotten about 2,000 spam bug reports.
>>> (They are all gone now.)
>>>
>>> I'm also sorry to report that I deleted bug number 509 by accident (it
>>> was not spam).
>>>
>>> The bug report system was using recaptcha (still is there, actually if
>>> you want to see: http://planet.racket-lang.org/trac/newticket) but
>>> apparently that's now been broken.
>>>
>>> I'm not sure what's the right approach to take in fixing this, so if
>>> people have suggestions I'm all ears and motivated in a way that I wasn't
>>> last time this came up on the list.
>>>
>>> Robby
>>>
>>>
>>> ____________________
>>>   Racket Users list:
>>>   http://lists.racket-lang.org/users
>>>
>>>
>>
>
> ____________________
>   Racket Users list:
>   http://lists.racket-lang.org/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.racket-lang.org/users/archive/attachments/20130316/dab6d66d/attachment.html>

Posted on the users mailing list.