Chat Bot

Am I right to be concerned about the possibility of Chat Bots on this site?

There are a few concerning posts and, as I don't know much about these things, I'm not sure if I'm worrying over nothing here? Can they cause harm to individuals in any way on this type of chat site? 

If I'm being ridiculous, someone please tell me so! (I will be more relieved than offended.)

  • I have noticed that recently some threads have been copied almost completely one to one and opened as new ones by other people?

    Thank you, for letting us know. Otherwise, I would be replying to them. I already replied to one.

    Why is that?

    It does not make any sense.

    Why would people do that?

  • Why is that?

    It does not make any sense.

    Why would people do that?

    see if you can think of a possible reason which results in money for the person doing it?

  • I cannot think of any possible reason which results in money for the person doing it.

    Am I stupid?

  • Concerning that last Post with the four quotes, there...

    Thanks, DongFeng5 for the reply. I tried about 5 times to edit this Post, to erase the Quotes to shorten it... but I cannot! Another thing to note, maybe: always leave spaces between multiple Quotes...?


  • Never mind, it wouldn't work for long anyway. All the bot author has to do is add an extra space between two of the words in the pasted content, and the hash value will be something different, defeating the check. The NAS would have to look at this class of software instead:

    That's a better fit for the problem at hand, and should give a score on how similar a new thread submission or reply is to an existing one that could have been automatically mined by some executable code.

  • 1. The NAS create their own daemon to peruse each thread OP and subsequent reply on the site, generating hashes of the bits which are NOT a quote of other users' content, then they store them in a SEPARATE database.
    2. When a new thread or reply is created, it initially goes into a holding area where the NAS automated tools can scrutinise it but the rest of us can't yet see it.
    3. An automated tool calculates a hash of the new content, then compares it against the existing database of hashes, resolving collisions as required.
    4. Any content where a duplicate is being submitted will be flagged for human moderator approval, alongside a copy of the original content which hashed to the same value.

    ...The "Quote"function does not always work correctly, and so I had to quote four times in order to re-quote all of that. I do so in the hope (...) that NAS (WebPM, probably) notices it and reads it.

  • Glad Tidings... I am still looking, and I see this. (I am not good at chat, though). Thanks... I am a bit calmer, now!

  • Suggested title: Potential security risks of using the NAS forum at home or one's place of employment.

  • Mr.Missile/CarCompany (!)... 

    I was going to type some replies to this Thread... but then you come here and fairly explode a grand amount of perspicacity. 

    I do not not know what to say...! But do you recall the ASCII Thread which I began  a while back? All of what you and Cassandro (and "Ellie") say... is fairly screaming out for this New Thread!! WebPM even once joined your good self in conversation, yet I interrupted it, suggesting a new Thread there as well - do you recall that?


    (If I have to start it, then suggest titles, please...?)

  • In this sense, one may perhaps view an online autistic community as a fertile plain in which to grow a botnet capable of subsequent DoS attacks on multiple third parties.

    Large corporates are now more wary of phishing attacks and have trained their staff better accordingly, but -- oh hang on a minute -- none of you actually use this site from your place of work (or on the machine you use for work at home or banking), do you?!?!?

    If any of you answered, "Erm... yes...?", that's probably the explanation. Persons unknown have twigged that autistic folk may be at times vulnerable and naïve. That makes us easier pickings for phishing and -- worst of all -- a very "social-engineer-able way-in" to many companies which happen to employ autistic staff. Far easier to get someone autistic to click this harmless link when they are relying on these forums for support, rather than hope that unsolicited emails offering n0rp videos might still be successful despite the multi-level email filtering that is employed by most companies.

    Luckily -- so far, at least -- the fact that several of us (Disallowed Cynosure, Cassandro and others) have near-photographic memories is probably getting the better of many of the most ham-fisted attempts. Unfortunately, the authors will learn empirically from their failed attempts and evolve their unwelcome creations. And at least some of us may well have already been unwittingly pwned by the better attempts.

    Somehow, we shall need to collectively tilt the playing-field for them so that they leave us alone and go after softer targets instead...

    How about this lousy idea which won't work for long:

    1. The NAS create their own daemon to peruse each thread OP and subsequent reply on the site, generating hashes of the bits which are NOT a quote of other users' content, then they store them in a SEPARATE database.

    2. When a new thread or reply is created, it initially goes into a holding area where the NAS automated tools can scrutinise it but the rest of us can't yet see it.

    3. An automated tool calculates a hash of the new content, then compares it against the existing database of hashes, resolving collisions as required.

    4. Any content where a duplicate is being submitted will be flagged for human moderator approval, alongside a copy of the original content which hashed to the same value.

  • I suppose a CopyBot might have been deployed in the hope that it will manage to interactively regurgitate a formulaic "autistic journey"-type thread sufficiently well that it manages to earn enough trust from us to fall for it hook-line-and-sinker when it subsequently says click this harmless link...?

Reply Children
  • Concerning that last Post with the four quotes, there...

    Thanks, DongFeng5 for the reply. I tried about 5 times to edit this Post, to erase the Quotes to shorten it... but I cannot! Another thing to note, maybe: always leave spaces between multiple Quotes...?


  • Never mind, it wouldn't work for long anyway. All the bot author has to do is add an extra space between two of the words in the pasted content, and the hash value will be something different, defeating the check. The NAS would have to look at this class of software instead:

    That's a better fit for the problem at hand, and should give a score on how similar a new thread submission or reply is to an existing one that could have been automatically mined by some executable code.

  • 1. The NAS create their own daemon to peruse each thread OP and subsequent reply on the site, generating hashes of the bits which are NOT a quote of other users' content, then they store them in a SEPARATE database.
    2. When a new thread or reply is created, it initially goes into a holding area where the NAS automated tools can scrutinise it but the rest of us can't yet see it.
    3. An automated tool calculates a hash of the new content, then compares it against the existing database of hashes, resolving collisions as required.
    4. Any content where a duplicate is being submitted will be flagged for human moderator approval, alongside a copy of the original content which hashed to the same value.

    ...The "Quote"function does not always work correctly, and so I had to quote four times in order to re-quote all of that. I do so in the hope (...) that NAS (WebPM, probably) notices it and reads it.

  • Glad Tidings... I am still looking, and I see this. (I am not good at chat, though). Thanks... I am a bit calmer, now!

  • Suggested title: Potential security risks of using the NAS forum at home or one's place of employment.

  • Mr.Missile/CarCompany (!)... 

    I was going to type some replies to this Thread... but then you come here and fairly explode a grand amount of perspicacity. 

    I do not not know what to say...! But do you recall the ASCII Thread which I began  a while back? All of what you and Cassandro (and "Ellie") say... is fairly screaming out for this New Thread!! WebPM even once joined your good self in conversation, yet I interrupted it, suggesting a new Thread there as well - do you recall that?


    (If I have to start it, then suggest titles, please...?)

  • In this sense, one may perhaps view an online autistic community as a fertile plain in which to grow a botnet capable of subsequent DoS attacks on multiple third parties.

    Large corporates are now more wary of phishing attacks and have trained their staff better accordingly, but -- oh hang on a minute -- none of you actually use this site from your place of work (or on the machine you use for work at home or banking), do you?!?!?

    If any of you answered, "Erm... yes...?", that's probably the explanation. Persons unknown have twigged that autistic folk may be at times vulnerable and naïve. That makes us easier pickings for phishing and -- worst of all -- a very "social-engineer-able way-in" to many companies which happen to employ autistic staff. Far easier to get someone autistic to click this harmless link when they are relying on these forums for support, rather than hope that unsolicited emails offering n0rp videos might still be successful despite the multi-level email filtering that is employed by most companies.

    Luckily -- so far, at least -- the fact that several of us (Disallowed Cynosure, Cassandro and others) have near-photographic memories is probably getting the better of many of the most ham-fisted attempts. Unfortunately, the authors will learn empirically from their failed attempts and evolve their unwelcome creations. And at least some of us may well have already been unwittingly pwned by the better attempts.

    Somehow, we shall need to collectively tilt the playing-field for them so that they leave us alone and go after softer targets instead...

    How about this lousy idea which won't work for long:

    1. The NAS create their own daemon to peruse each thread OP and subsequent reply on the site, generating hashes of the bits which are NOT a quote of other users' content, then they store them in a SEPARATE database.

    2. When a new thread or reply is created, it initially goes into a holding area where the NAS automated tools can scrutinise it but the rest of us can't yet see it.

    3. An automated tool calculates a hash of the new content, then compares it against the existing database of hashes, resolving collisions as required.

    4. Any content where a duplicate is being submitted will be flagged for human moderator approval, alongside a copy of the original content which hashed to the same value.