Author

Topic: Spam from @AlexPromotion | About 800 accounts nuked | Thanks Mods! (Read 752 times)

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Thanks... They are now resting in peace except - https://bitcointalksearch.org/user/conpavodpanc-1678045 ...
You can nuke him too. My file:///tmp/patrol/download_profiles/1678045.html shows the same spam, I guess it got deleted before he got nuked.
global moderator
Activity: 2324
Merit: 1179
While my guitar gently weeps!!!
Thanks... They are now resting in peace except - https://bitcointalksearch.org/user/conpavodpanc-1678045 ...
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Yup, and it's hard to find them when they are not in the patrol page anymore...
This will help, I found 175 more accounts to nuke:
inregunti
buidamtener
stucinetna
plicmibisra
muscboupedi
gregathmoro
rosunglibi
fentisongsua
evfipukipp
sanheamamu
sieclosunmes
intuticon
huustelsifa
bracerfoobi
podcpocpeche
hilcogenca
pubditamu
deiplorinco
actweakreiryn
phentneppakur
lintobure
travechthogbo
nasdilectles
elpaimapam
genlinslenlang
inesdiaba
promconsooti
lyncpaticul
ratermirot
kudisvitho
lanconetpta
kitmolene
zieterstiter
vocysene
diebrocafar
zerdfebeco
critexdilan
propfethinre
forlinogi
boepaithana
valrbrasinov
quistopomsur
reibatinghar
nesrialikar
wafamilhind
diasiweakke
chestblutdardpanp
itdugoodscom
biolaluvi
conpavodpanc
brelalibva
nfuldaisperok
heuplatnaki
tretmorere
diostalselbni
westbegmortbeech
varegthouta
inmeaviltomw
duppalapea
olcallere
fusstounraro
provabelphin
kecocugar
eratimen
forkakitne
diugioscamav
raucuchoopto
toppwylreto
verthankhasdia
skelgormtotar
resvingdustrem
knowivbolpay
stichloziro
festzenose
chetemroma
zenttopullri
karlichinoc
aranversamp
tokothingma
crosicorpo
faldefortrics
piopammocum
tuvalposig
bitubugtha
dysfericen
providmurpa
sandmistlifilt
remutasu
piaricharbatht
schicamteso
beaupodhoti
sichihampkas
proxcalgoro
fecdauturnding
pecalamo
longgopove
gonarthbackbi
theorapennhe
warbtumama
addilibar
chiffborkompno
eltadiftou
jhandownresbe
stephmontbrasal
grafartura
quinechartnest
raipridmapar
clasasenur
stikinacmei
deripalne
tiberquiplan
trijhardflatin
tiahizbimos
iczonwyebe
nutciomenbarn
houcicorest
kaihopgaipris
tedarliver
vietenpogu
asliheadti
buydupningnonp
deticliaprog
kamplirapsa
crazenabas
setermeyre
alsirafwork
noitrapjeanle
pickgibrlvilbath
dumbpipaci
phopalinlo
meseamanvi
warafagla
thumblescgige
treadviechena
iczuvescho
kranenfolet
logovavi
dalkoresi
simduckflorel
inulinhea
diepreaddisre
terfsuppbookpta
terpcasbezip
idsumaju
lamocorpse
vueprojbackna
arhuraha
paikhanasag
leogreenheartcen
allooooperback
avetasway
prolmeschconri
andepkede
iniggipi
nobcompbodi
pandielota
flicorucstor
avmimopo
vabcondkingres
haharival
diololecla
fijodilca
abfothiro
manegpexi
dismotofra
plememsides
lendisadif
profibschachzo
frositphone
reaclesssubsring
wollchandfitro
unanemin
estagvollkil
hongfestifec
nsurytcaso

These are all accounts from cesmimero to kwormatcure that (still) spam AlexPromotion. I'll keep monitoring for new spam.

Thanks for nuking so many of them!
global moderator
Activity: 2324
Merit: 1179
While my guitar gently weeps!!!
I've seen up to 12 spam-posts per account now, I assume that means not many people bother to report them.
Snip...

Yup, and it's hard to find them when they are not in the patrol page anymore...
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I've seen up to 12 spam-posts per account now, I assume that means not many people bother to report them.

I've downloaded the post history for all accounts created from cesmimero to kwormatcure.
Most of the spam-accounts have posted January 13 already (unless the post got deleted). Unless he has many "unused" accounts left, I hope I can cover almost all of them now, but I'm afraid it's only the tip of the iceberg: it's 3595 accounts from cesmimero to kwormatcure, all created within the same day.

The new list is still processing (it's very inefficient scripting, I didn't optimize it at all), but it also overlaps the previous list that rickbig41 is now nuking. To be continued...

here's more....
I had them all listed already, but I get that it's easy to miss a few while nuking such a long list.
global moderator
Activity: 2324
Merit: 1179
While my guitar gently weeps!!!
I'm on it... Thank you...
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Yep.. Nuked and still nuking... Thanks LoyceV...
Good work! The spam continues with new accounts though. Do you (or another Mod) mind nuking a "few" more?
These accounts are still all created on January 13. Some were on my previous list but weren't nuked yet, most are new (on my radar).

Please nuke:
nrennigaty
amifseerap
leulisursi
clicicovtio
fudddorari
inbomhifo
naereibulcoi
dondigeca
tingnistiduc
stepoutaceh
zilringnapin
provkabrotas
kitmolene
raiwritadros
imteasrehi
valrbrasinov
raicheccessga
racebofi
ffeckewolfdun
biolaluvi
maconnale
serpogeri
hiafratokcon
nornareka
depudinut
festzenose
agusinin
eniminva
bunrajeka
berchecknore
adiralov
biaberdesgkamp
surtydurrio
imafanos
pavenasi
bicederen
arzakolep
mauwresunroy
stephmontbrasal
grafartura
crawdewise
topsrakinsa
casrasornipp
raipridmapar
clasasenur
tiberquiplan
nutciomenbarn
quilasvega
vietenpogu
silknigndarti
slazisamclean
taibloomeden
idsumaju
stocatsoka
hotkiddsarma
andepkede
iniggipi
pandielota
kpotounanam
profibschachzo
quefranfighpa
treadfichsare
tracbarbotfdi
ziakactiti
hairimembme
franlipsbeper
reaclesssubsring
lingnijajets
wollchandfitro
hobbbratedcan
olsifiwith
bioconcida
faipresunit
aroutterpo
unanemin
niratibfo
swanwebsony
inocpekon
mcarytarin
glosavelga
chrissaseno
estagvollkil
waylescampdist
madivewi
ortancomprass
hongfestifec
partcasothe
nsurytcaso
heurexzadu
inzaubermi
zimelifor
borgandfullta
atabmite
bokuhbpesi
teubrochwafich
polmiadescli
oravtreatap
ualprimbarlia
racmafemam
siebaconpa
ygonconte
carcheleghound
hausithoro
bitwatchpurbvi
isinenves

I think it's time to bring newbie jail back in some capacity. I've previously suggested that all new users are essentially shadowbanned and their posts don't show up to anybody but themselves until a moderator checks their account for abuse and then whitelists them (or nukes them). This would put a stop to all bots and stuff like ref spam and people asking them same questions about activity/ranks and other such stupid threads time after time.
I agree, and I'd be happy to do my share in approving/rejecting new users too. Unfortunately, all I can do for now is make very long lists to be nuked.
legendary
Activity: 2968
Merit: 3061
Join the world-leading crypto sportsbook NOW!
I think it's time to bring newbie jail back in some capacity. I've previously suggested that all new users are essentially shadowbanned and their posts don't show up to anybody but themselves until a moderator checks their account for abuse and then whitelists them (or nukes them). This would put a stop to all bots and stuff like ref spam and people asking them same questions about activity/ranks and other such stupid threads time after time.
global moderator
Activity: 2324
Merit: 1179
While my guitar gently weeps!!!
Yep.. Nuked and still nuking... Thanks LoyceV...
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Checking some of the accounts on my list in modlog, I noticed many of them have posts deleted (by Mods). As far as I know, all Mods can nuke Newbies, so why aren't they nuked on sight instead of deleting their posts? The spambot just continues posting the same posts again, until the account gets banned.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I'll test something: every 5 minutes I download patrol, if AlexPromo is still posting I'll script all usernames out of there and give you a nice list to nuke.
I'll let this run for a couple of days.
Downloading patrol actually paid off: Alex started a new spam round. So far I found 447 accounts.
I've only checked a few manually, it could be someone who quotes the spam gets listed too, but it's unlikely as all accounts are registered on January 13.
He's currently still posting new spam with these accounts. The total number of accounts doesn't go up. After nuking all, he may need to create new accounts before he can spam again.

Nuke please (I choose clickable over code-tags):
cesmimero
forfaiconlei
odgridfilmtool
bodenetu
handlatercoa
lopwebpkitkey
manicksutha
laratusen
clatrezcode
fighcounrebur
flachbanktacun
raimerinheart
spelenracti
oropholyz
contrerecon
ithpiddaibo
vilvoivearas
kadmasiri
provgourkuti
dufrerihot
marrearati
poiterpaype
neradcontbarw
rahizamonth
trelkeysonssour
suppdurbarkhe
lamiswojspros
pudenivers
simpcedroataf
coimanvaho
fuzcompblacyl
ebysenllan
predisobaz
neupoiseaga
parestmafoot
viripede
blenalamal
conkeeteke
tingmilucall
terpbekinut
stabamines
cyporfernster
jenylpostca
turhodgfenback
tiofencahot
boablitocor
flaveremga
asarsercent
ryacroupparboy
gortonoda
kingsurpthingadf
founvepapa
ismornedes
respculpdeled
stilexapse
buyslurexsi
adstepineth
storiljanrest
crisadverri
tisrlothiro
ragateker
rompframachan
stopacenos
raltiiforthcost
clubbinomil
doispinopra
vocysene
nierisfipen
temblerdicoun
talcdealpankfa
preemrounddoughtu
arschedanka
momanapro
fenptokevul
webrabudde
caltichalso
carddefoval
haksidega
grafheelftinet
boepaithana
porpasidiff
patgolfwhepert
schoolxentfilta
boysewertlu
ocavtikows
clevocunin
ourakreta
cockpesysre
blotinanach
uaranorad
diasiweakke
ffeckewolfdun
biolaluvi
maconnale
statefpaho
conliafronet
tuselisouff
utahdoubwobb
gitraavicback
leicredkeylear
heuplatnaki
secdanecsuck
pretconwepou
bioflanarbraz
verrinahyd
rossifastman
siheamatnews
hostluraman
roygrisgenmett
varegthouta
exinunun
serpogeri
inmeaviltomw
vabitsema
pueransberquo
canmobagho
olcallere
bancazusthe
purlittceca
fiygregyror
resvingdustrem
punkdoherburg
prorgemecond
aterlital
premlefupel
rakuatofu
vercpresverte
reseponu
mindbumoces
mysqmojacon
zenttopullri
mainitaro
tinecobyc
jouatingrisi
flumquidreadom
aminortys
untomidsfest
tokothingma
faisoftperco
neufihodde
retacheanes
stapoginun
oproggasuc
nifiracpart
bitubugtha
limicharcltim
dischfollitea
ohununnu
rihomeding
concheamosea
proxcalgoro
rotinordta
naitsadexke
inbruxponri
esensulxa
tettertresve
fulldelocan
erelkharun
dirorandsist
stinpawerverb
dicathoter
providthochee
lainorthcarhoy
mirhautravti
whifflighwapsu
sonirepfo
tiochemtena
diageopanet
clinarinlu
cockcompkepi
bicederen
gaicleariqten
presrasurpsusb
riabrugnowsy
quospirenpros
ketpmipita
grafartura
riatoherjeff
quinechartnest
conspartcenxing
hemsiolaju
phowordogour
idcicade
sichesiscount
casrasornipp
raipridmapar
clasasenur
raslipuncgrap
catilora
riadescunan
ketrocamo
tiberquiplan
sosandrido
abenabel
ralegiti
laysigeshist
ecmavagurg
abedinvi
denwootode
workdedisa
anitcihan
thyisindabol
otbermachi
kingnadavi
exoperzar
theidowelvi
smaremcredem
bichadowso
cycdeftmana
ulticpaibes
tedarliver
slovonacun
gisnarasep
azmarmainia
inligualo
nyasteerconba
writfilroment
stamapaler
acisibta
consetachuc
gentregrali
erenextio
greenhofcongpup
ourigrasu
quejutactba
looksmamofes
teitersrete
ancataphi
sosopersoft
konroaneret
misptimuco
consubsrofen
proctorjecyn
liatersico
wemaverte
lassthearwhibe
worlsalrasi
ferettige
normediste
driplosgabi
erenjuero
recurtecil
diotolanso
jacktasempde
rexihohi
slughipmaca
bupetiwhi
fusslicancou
bartcarlhuckcap
railassema
sasbikagor
henspassducke
writbecatni
headnarthcafi
fehenslichrunt
laumuditi
adflutevsub
buihosmompcom
faitensaro
scenazanov
mbolrechunga
mangsidesi
guibobbgaphil
bineconbo
lighsidapop
fullmowebsfroth
bactiotuvi
babdekato
vocomquimul
ithelpaihu
mileakelgcrer
bloopnewsmesu
rearbansteva
kyvinese
nseranlynmo
emmonneuha
raffpillata
skimanerprech
maynogongsmok
envamughsi
recnoyranhost
stanchandrolce
ventiotanmeo
resthedina
bernportnaver
tetixofa
oternetri
treamcepcampche
ilabinra
bokettpygnesl
saufonrakas
windrifelsjek
breakcanlico
enounimfue
sudholelo
bioblacinduc
onracilmelt
photohisna
silettifer
creashellrena
sacmeltcleaneb
fihoufuncpi
sorjuedeter
datspapepfai
trimirkeetas
tieperplearca
deostabinco
kivultymen
dersraltheotran
stifoozmonfe
sandconrila
riacamvewa
tiilislire
mietaloolis
siguaporgai
baupotire
sormedecvern
slumcharlenont
trudartomderw
hipgemewhipp
ciemasroxis
rojebancu
frolconsbribom
bedcaicoote
klesofchabor
kiehuigetbei
bernservtiri
flexabbibee
decoremag
avecagni
myegourilon
ogcudanews
garepoca
arencali
westxandescnewl
lopyperdai
courtliwarde
teaunoripo
kininomul
viowidmaba
fermwarpema
knicgoldbote
tofwiversjam
winsrescdersgo
avquovinra
licomlinet
aronperpa
humidistu
miacokadol
husdyfizent
beschsecompgwen
tyventgrowti
gatytabke
loadarnidisf
tingramite
leiriformea
perscerana
pfehemclinbo
ticomteco
asypapex
dacagapen
parfigenhi
aginprimcu
gaiprememsap
abaqaban
mitsovesli
geobalaxels
lachuckknocper
cuetetiboul
quaiblissamphigh
gelareti
erprimgendi
laslidandprog
peorebambnten
tiodelota
cabnepearbull
tolongcompge
erafschocre
mumbbladunys
rickdidownpenn
taphihanga
razzperrrowcau
encorassle
tersiromo
crafunanan
pregunsligit
kahandsate
wedvichana
raiplenarrei
epleerestda
tingdisberfhoo
pippiticu
ceteburlens
orupener
taucrowicin
globwithscontgrav
isradizi
jennatitpo
thirsnorelo
libenewpbur
weilanrirec
darkgygeti
rahearpupa
viofitzrenma
trepimpyru
tempburtbergo
liansadranbai
sogrevican
signtituhyd
mostsencatib
slediltiport
roewreakinun
hanheyfiram
besdetonec
puimontperdia
storpatuasa
diasafidis
siconnasa
enterveters
puffnolewach
bertvantforve
wyouhaimyostal
ciohonehac
ducmiliva
gravinason
whistgrizzeoter
gielagmawedd
hotnorthrabuzz
fulgesttese
waitingningpe
saleckingval
hirslinheysun
flamatavje
diefidingfo
itspooreasit
rietratvesnue
beckziranpurp
humphxesiti
gueperodti
hedbiolaci
turtlazdownjin
tiopsychnonsli
atcaconsge
bersdemeness
grehdownlane
mokampowom
kwormatcure
administrator
Activity: 5222
Merit: 13032
But all this is still assuming that JS is enabled right?

The well-known timing attack which allows you to completely deanonymize the user if you control the guard and the server (or server's ISP) does not require JS. For example, if the NSA wanted to know everyone who visits antiwar.com regularly, they'd observe antiwar.com's ISP and set up Tor non-exit relays such that you have a 5-10% chance of choosing one of the NSA's relays as a guard every time you start Tor. Over time they'd build a complete list of all IPs for Tor users who visit antiwar.com. It's almost trivial. I'd be surprised if the NSA is not doing this already, possibly for large sections of the entire Internet (especially centralized things like Cloudflare).

VPN/HTTP proxy: a little lock on a diary
Tor: A Master lock. (Note: look up lockpicking videos for Master locks.)

There is currently no anonymity technology which is secure in the way that Bitcoin is secure (against different attacks). Anonymity research is weak, and implementation is even worse. For example, there's something from academia called Riffle which fixes some of Tor's many problems, but nobody's bothered implementing it in a usable form even years after it was published.
hero member
Activity: 1638
Merit: 756
Bobby Fischer was right

On a MITM attack, you can do even better. If you control both Mid and the server, then you know C, D, E, and the Guard identity. A+B is then trivial to calculate. There are only about 6000 Tor nodes, so if you only run one Tor non-exit node, you have something like a 1/6000 chance every 10 minutes to fingerprint the user this way. (That's a really rough estimate; the odds are better because you can exploit Tor behaviors like its IP-space diversity requirements, but worse because selection is not random, and is also based on things like seniority and bandwidth.) Additionally, if a user happens to choose your node as a guard when he starts his Tor session (so a smallish chance ~per day rather than per 10 minutes), then you can completely deanonymize him (ie. get his IP address) when he visits the site; this is a well-known attack which the NSA & friends are probably doing all the time on a very large scale.
But all this is still assuming that JS is enabled right?
Even on the main torproject website some huge headline warns people about JS.
Who in their right mind uses TOR with this enabled? I guess its even off by default now (but I might be wrong).
Yet thanks for this short guide, a little off topic though  Tongue

Also reported few accounts with this massage. Guess its gone... for now.
How about experimental shutdown for new accounts? No more newbies? (account dealing inducing)

edit: O. and BTW staff member is wearing scam(ish) signature @ #11
       100% proven, at least for me.
administrator
Activity: 5222
Merit: 13032
I've never heard of this either. Tor and VPNs are meant to protect you against this sort of stuff and I doubt even the CIA can find this info if you're smart enough (though I believe VPNs can accidentally leak your IP in some ways). What you might be thinking of is browser fingerprinting though which can be very useful to catch alts and just using a proxy won't help you (and I think this should be on the new forum). You might use a different IP for your accounts but you almost certainly won't be using a unique PC or browser for each of your alts and accounts could be collated and searched by them and cross referenced with other data etc. 

A year or two ago I was researching fingerprinting techniques that'd work against pretty much anyone with JavaScript enabled, and I found several promising leads on that front. But then it occurred to me that I don't really want bitcointalk.org to be known as the #1 forum on the leading edge of de-anonymization technology, so I stopped pursuing it seriously...

IMO The most interesting idea I had was that you could probably fingerprint based on latency even via Tor using long-term data collection. A Tor connection looks like:

Code:
User --- ISP --- Guard --- Mid --- Exit --- Server
      A       B         C       D        E

The latencies of connections A, B, and A+B are good fingerprint values; ISPs should have statistically-significant differences in latency to the server if the latency can be determined with enough accuracy. Latency will also uniquely vary over time; ie. latency will go up slightly when your ISP is busy, the schedule of which will be distinguishing. Additionally, Tor selects a handful of guards when it starts and then uses only those, so if you can figure out the complete list of guards, this fingerprints a long-term Tor session across sites and logins.

Connection E can be directly measured, as can A+B+C+D+E if JS is enabled. That alone may be enough for fingerprinting A+B if you collect data over a long period of time. You'd roughly model the random latency distribution of C+D across the entire Tor network (which is not that large and is predictable in several non-obvious ways); then since you have a whole bunch of A+B+C+D+E and E measurements, you can get a good idea of A+B.

You might be able to do even better by taking into account these facts: Tor changes to a new random Mid and Exit every 10 minutes, but it only affects new TCP connections. So you can usually control the timing exactly by opening TCP connections via JS. And it chooses a random Guard only from a small set, with that set being chosen only at the start of the long-term Tor session. So you might be able to get the guard identities (or a fingerprint of the guard identities) and info about the latencies by collecting latency data every 10 minutes via JS and looking at the clusters formed by the handful of different guards.

On a MITM attack, you can do even better. If you control both Mid and the server, then you know C, D, E, and the Guard identity. A+B is then trivial to calculate. There are only about 6000 Tor nodes, so if you only run one Tor non-exit node, you have something like a 1/6000 chance every 10 minutes to fingerprint the user this way. (That's a really rough estimate; the odds are better because you can exploit Tor behaviors like its IP-space diversity requirements, but worse because selection is not random, and is also based on things like seniority and bandwidth.) Additionally, if a user happens to choose your node as a guard when he starts his Tor session (so a smallish chance ~per day rather than per 10 minutes), then you can completely deanonymize him (ie. get his IP address) when he visits the site; this is a well-known attack which the NSA & friends are probably doing all the time on a very large scale.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I spent my session today nuking more than 50 of them and I know there are many more accounts to be nuked. I will probably look into this matter again tonight.
Last time I searched on Google, there were 200+ hits, now it's 600+.

Humans can't win a fight against a spambot. I'll test something: every 5 minutes I download patrol, if AlexPromo is still posting I'll script all usernames out of there and give you a nice list to nuke.
I'll let this run for a couple of days.
staff
Activity: 1718
Merit: 1206
Yield.App
Sadly this guy's legion of accounts doesn't end up here, LoyceV mentioned that he had reported around 100 users related to Alex promotion , but there is a possibility of Alex promotions and hypebtc to be interconnected, as they both follow some what the same pattern.

I spent my session today nuking more than 50 of them and I know there are many more accounts to be nuked. I will probably look into this matter again tonight.
legendary
Activity: 2383
Merit: 1551
dogs are cute.
Quote
Even if the VPN were locked down and no trace of your IP were leaking, this doesn't mean you can commit nefarious acts online without getting found out.  There are log files on every server.  The amount of time logs are kept varies.  With enough resources and legal action, log files from VPNs could be turned over to authorities.  Once they see your real IP, they simply subpoena your ISP and will find out who you are.  Realize that it can be more complicated than the scenario I use above, but my example is to simply help you understand that you're not truly hidden online.
A good VPN doesn't keep logfiles, so there's nothing to subpoena.
Actually, as a matter of fact they do, most of them at the least, they just don't reveal such information to their users.
Aside from technical possibilities, theymos values user's privacy. That alone is a reason not to do this. And in the end I don't expect it'll stop spam anyway, it's the core business for spammers.
I meant that to be done only so that banned users cannot come back but theymos would not want to do such, so what else can one do?
Followed this guy because I thought that I found a pattern (like they signed up 1 account/hour) but it turns out that there is no pattern. Nuked more than 2 dozen of them already.
Sadly this guy's legion of accounts doesn't end up here, LoyceV mentioned that he had reported around 100 users related to Alex promotion , but there is a possibility of Alex promotions and hypebtc to be interconnected, as they both follow some what the same pattern.
staff
Activity: 1718
Merit: 1206
Yield.App
Followed this guy because I thought that I found a pattern (like they signed up 1 account/hour) but it turns out that there is no pattern. Nuked more than 2 dozen of them already.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I'm quoting the admin of whatismyip.com,he had stated this in quora :
Quote
The WebRTC vulnerability could give away your real IP address.  Even if there were no vulnerability, it could come down to how the VPN is set up.  Are they using tunneling?  If not, then everywhere you surf could see your real IP along with the IP of the VPN.  Is the VPN including your IP in their header?
You can of course disable WebRTC.
Quote
Quote
Even if the VPN were locked down and no trace of your IP were leaking, this doesn't mean you can commit nefarious acts online without getting found out.  There are log files on every server.  The amount of time logs are kept varies.  With enough resources and legal action, log files from VPNs could be turned over to authorities.  Once they see your real IP, they simply subpoena your ISP and will find out who you are.  Realize that it can be more complicated than the scenario I use above, but my example is to simply help you understand that you're not truly hidden online.
A good VPN doesn't keep logfiles, so there's nothing to subpoena.
Quote
Obviously not everyone on this forum is a tech savvy bad ass to be as careful and take all measures for revealing your real IP, but I just realized that it just cannot be implemented on this forum, as I began reading more on it, seems to be really hard to implement and theymos alone will almost find it impossible to do such.
Aside from technical possibilities, theymos values user's privacy. That alone is a reason not to do this. And in the end I don't expect it'll stop spam anyway, it's the core business for spammers.
legendary
Activity: 2383
Merit: 1551
dogs are cute.
I've never heard of this either. Tor and VPNs are meant to protect you against this sort of stuff and I doubt even the CIA can find this info if you're smart enough (though I believe VPNs can accidentally leak your IP in some ways). What you might be thinking of is browser fingerprinting though which can be very useful to catch alts and just using a proxy won't help you (and I think this should be on the new forum). You might use a different IP for your accounts but you almost certainly won't be using a unique PC or browser for each of your alts and accounts could be collated and searched by them and cross referenced with other data etc.  
I'm quoting the admin of whatismyip.com,he had stated this in quora :
Quote
The WebRTC vulnerability could give away your real IP address.  Even if there were no vulnerability, it could come down to how the VPN is set up.  Are they using tunneling?  If not, then everywhere you surf could see your real IP along with the IP of the VPN.  Is the VPN including your IP in their header?
Even if the VPN were locked down and no trace of your IP were leaking, this doesn't mean you can commit nefarious acts online without getting found out.  There are log files on every server.  The amount of time logs are kept varies.  With enough resources and legal action, log files from VPNs could be turned over to authorities.  Once they see your real IP, they simply subpoena your ISP and will find out who you are.  Realize that it can be more complicated than the scenario I use above, but my example is to simply help you understand that you're not truly hidden online.
Obviously not everyone on this forum is a tech savvy bad ass to be as careful and take all measures for revealing your real IP, but I just realized that it just cannot be implemented on this forum, as I began reading more on it, seems to be really hard to implement and theymos alone will almost find it impossible to do such.  I reckon even a group of highly qualified front and back end programmers would be able to implement such on this forum.
However, a few websites have cracked down this problem but it's not revealed exactly on how they did such a thing.
legendary
Activity: 2968
Merit: 3061
Join the world-leading crypto sportsbook NOW!
@hilariousetc,can you please request theymos to implement or at least consider this :-
There is this thing which detects your original IP even if you use VPN or anything, so if you're banned, you cannot access your account/s even if you use VPN. Simple as that. If this feature gets implemented, then people won't have to fuss about shit posters.
I had mentioned this in another thread couple of days ago
I don't know what "this thing" is, but a good VPN won't allow any scripts to detect your real IP address, and neither does Tor.
Bitcointalk has units of evil based on IP addresses, it's not perfect but it's something.

I know it's annoying and frustrating but all you can do at the moment is keep reporting them and staff will keep on nuking them.
Don't worry there, I'll keep reporting them Smiley

I've never heard of this either. Tor and VPNs are meant to protect you against this sort of stuff and I doubt even the CIA can find this info if you're smart enough (though I believe VPNs can accidentally leak your IP in some ways). What you might be thinking of is browser fingerprinting though which can be very useful to catch alts and just using a proxy won't help you (and I think this should be on the new forum). You might use a different IP for your accounts but you almost certainly won't be using a unique PC or browser for each of your alts and accounts could be collated and searched by them and cross referenced with other data etc.  
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
@hilariousetc,can you please request theymos to implement or at least consider this :-
There is this thing which detects your original IP even if you use VPN or anything, so if you're banned, you cannot access your account/s even if you use VPN. Simple as that. If this feature gets implemented, then people won't have to fuss about shit posters.
I had mentioned this in another thread couple of days ago
I don't know what "this thing" is, but a good VPN won't allow any scripts to detect your real IP address, and neither does Tor.
Bitcointalk has units of evil based on IP addresses, it's not perfect but it's something.

I know it's annoying and frustrating but all you can do at the moment is keep reporting them and staff will keep on nuking them.
Don't worry there, I'll keep reporting them Smiley
legendary
Activity: 2383
Merit: 1551
dogs are cute.
I know it's annoying and frustrating but all you can do at the moment is keep reporting them and staff will keep on nuking them. I hope the bot will be back soon and an update has been requested as it's badly needed, especially as these bots are now going to be spamming the forum instead of just PMs, but I don't know what the error is exactly and if it was simple then it probably would have been fixed by now.
@hilariousetc,can you please request theymos to implement or at least consider this :-
There is this thing which detects your original IP even if you use VPN or anything, so if you're banned, you cannot access your account/s even if you use VPN. Simple as that. If this feature gets implemented, then people won't have to fuss about shit posters.
I had mentioned this in another thread couple of days ago, if cloudfare is going to block bots, alternatives must be taken into consideration at the very least. If this is implemented, users won't have to spend so much time on reporting users who copy paste, shitpost, create alt accounts to irritate users via pm, create Ann threads every day with their legion of accounts, and the list goes on and on. So if they are banned once, they are banned forever. Workload on staff would considerably reduce. But I don't know how hard this will be to implement.
legendary
Activity: 2968
Merit: 3061
Join the world-leading crypto sportsbook NOW!
I know it's annoying and frustrating but all you can do at the moment is keep reporting them and staff will keep on nuking them. I hope the bot will be back soon and an update has been requested as it's badly needed, especially as these bots are now going to be spamming the forum instead of just PMs, but I don't know what the error is exactly and if it was simple then it probably would have been fixed by now.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
We had a bot to crawl and nuke these users but it hasn't been working since we changed to cloudflare. Just report them manually for now and they'll be quickly dealt with.
I have reported a lot of them yesterday, the problem is that @AlexPromotion uses many different accounts.
When I search on Google for "@AlexPromotion site:bitcointalk.org", it gives me many new accounts. I've just reported about 100 more. At least this is fast again, the forum performs very well at the moment.

Is there any chance the bot-banning-bot will be working with Cloudflare in the future?
legendary
Activity: 2968
Merit: 3061
Join the world-leading crypto sportsbook NOW!
I've seen many posts like this in the past days:

We offer promotion and traffic from the forum bitcointalk and social networks. ROI for our services is 600-2000%.
We offer:
- Send private messages to  Bitcointalk users (Only to users who visited ANN thread last month)
- Twitter promotion (We will do a tweet with a description of your project and will mark one user on each tweet)
- Telegram real chat users
- Private messages to telegram users (A+ target audience)

This is automatic message. For all terms x conditions write to telegram - @AlexPromotion

Would it be possible to ban based on keywords? A telegram-nickname seems to be quite unique, any Newbie posting it should get an instant-ban. Once such a blacklist is in place, it can easily be extended with new keywords.

We had a bot to crawl and nuke these users but it hasn't been working since we changed to cloudflare. Just report them manually for now and they'll be quickly dealt with.

This is a good idea, since there's a guy pming me and all of my project owners offering bumping services and leaving their Telegram (@hypebtc). I would like that anyone who says that gets banned.

Report them and they will.
hero member
Activity: 1232
Merit: 683
Tontogether | Save Smart & Win Big
This is a good idea, since there's a guy pming me and all of my project owners offering bumping services and leaving their Telegram (@hypebtc). I would like that anyone who says that gets banned.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I've seen many posts like this in the past days:

We offer promotion and traffic from the forum bitcointalk and social networks. ROI for our services is 600-2000%.
We offer:
- Send private messages to  Bitcointalk users (Only to users who visited ANN thread last month)
- Twitter promotion (We will do a tweet with a description of your project and will mark one user on each tweet)
- Telegram real chat users
- Private messages to telegram users (A+ target audience)

This is automatic message. For all terms x conditions write to telegram - @AlexPromotion

Would it be possible to ban based on keywords? A telegram-nickname seems to be quite unique, any Newbie posting it should get an instant-ban. Once such a blacklist is in place, it can easily be extended with new keywords.
Jump to: