Hive @ Spam prevention

[TheLordOfChaos201]

While collecting user names on another site to mass spam people with invites to my club, I realised something

The @ function here on the hive is actually a security fault, not so much that it could damage the hive but it could possible slow it down if I collect 100% of the active users names and then spam them all in one go with the @-username function

Now there is also a positive to this feature, I can also spam people Christmas Blessings, so on behalf of the Hive(and no I did not get permission) I wish you all a Merry Christmas and Christmas eve


@BlackEnvyX
@you171525
@MagicCampaign
@Aeroluna
@Wa666r
@Wareditor
@Thiiago
@00110000
@ThinhHo
@Atasha JG
@ConjurusRex
@MasterBlaster
@paladinjst
@Mechanical Man
@D.3.A.D.
@Screamernail
@HenrkIII
@YetAnotherYoutuber
@istvan921
@Mochi King
@aeman
@Verb8im
@Boriss
@Yoga WP
@nightelfbuilder
@Hjorleif
@Athur12A2
@pyf
@Neruvatar
@TheHerb
@Nero32
@Hayate
@SINERPik
@Erindeir
@Svetli
@KILLCIDE
@Morris
@Lil Emo Prince
@map designer
@Adney
@TheLordOfChaos201
@Championfighter25
@DwarfBoy
@Alxen345
@Mr.Goblin
@Pinzu
@Ralle
@mafe
@raminnio
@cezar221
@Direfury
@gogeta55
@LyunAvine
@Retera
@Kyrbi0
@pick-a-chew
@JLeonard
@Yugata
@Ulfsire

Let's hope I don't get banned for Christmas ^_^, TheLordOfChaos201 The hive's self appointed number one Knuckle Head Hive Bug Puncher

 

[HappyTauren]

THW forces you to wait 30 seconds before posting another post, meaning you can only do this every 30 seconds. And even then, all it does (server side) is create a notification for the user, and place it in a database. XenForo has a default post character limitation of 10000 characters, which I doubt Ralle has changed. If a username has 8 characters on average, that's 1000 tags at most per post (because you need at least one whitespace character between them, as well as a @ sign. If you use the absolute minimum of 3 letters, that's still 5 characters, so the limit is 2000. The number might seem high, but it really isn't. THW's database can deal with way more stuff than that, it doesn't even scratch it. XenForo has some bugs and abuses, but this isn't one of them, and there are plugins and hotfixes for most of those anyways.

It is likely that uploading a map puts more strain on THW's server than what you described, but I don't know the exact numbers since I don't know how the maps get parsed. You could probably upload a huge model with a bazillion generated by code, with a ton of dummy animations and vertices and stuff, and it'd put more strain on THW's server, and it still wouldn't be enough to cause any significant slowdown.

Also, you didn't tag me for a Christmas message, should I assume you don't want me to have a MerryChristmas™? That's rude.

 

[TheLordOfChaos201]

@HappyTauren, sorry for not tagging you. I only tagged those who were currently online^-^

I suppose spamming users won't slow the hive down but it will annoy a lot of users. plus you have to remember all those users log on and check all the mentions... which I think will actually improve hive?

I guess a very poor argument oh but I did notice something. you can't add a hashtag list of over 500. I'm not sure if that is intentional or just too much for the hive to handle.

I suppose the only harm is if someone makes 100 bot accounts and each posts 1000 usertags every 30 seconds

and finally Merry Christmas and Christmas eve to you^-^

 

[HappyTauren]

I guess a very poor argument oh but I did notice something. you can't add a hashtag list of over 500. I'm not sure if that is intentional or just too much for the hive to handle.

I didn't factor in the tag limit, I assumed it'd be in the thousands. So yeah, I guess even > 500 is impossible.

I suppose the only harm is if someone makes 100 bot accounts and each posts 1000 usertags every 30 seconds

This still wouldn't do anything, since writes/reads to/from a database are really fast. But as you said, it could annoy a lot of people.

All this being said, reducing the maximum number of tags to 100 would help against this a bit, but if someone (for example) wants to credit more than 100 people in their project, it'd be impossible to post it in a thread. So yeah, I don't think the limit should be reduced on the basis that someone can abuse it, because you can "abuse" things in other ways that are equally as annoying, but users who spam and abuse will just be brought to justice with the BanHammer.

and finally Merry Christmas and Christmas eve to you^-^

It was a tongue-in-cheek joke. But happy holidays to you, as well.

 

[pyf]

[...] I wish you all a Merry Christmas and Christmas eve [...] @pyf [...]

Merry Christmas too.

[...] I wish you all a Merry Christmas and Christmas eve [...] @TheLordOfChaos201 [...]

So you are wishing a Merry Christmas to... yourself too?

 

[TheLordOfChaos201]

Merry Christmas too.

So you are wishing a Merry Christmas to... yourself too?

hey can't I wish my multipersonalities a happy Christmas too?

 

[chobibo]

I'm hurt, you didn't greet me.

 

[Rui]

Working on the other XenForo I'm a moderator at, I believe tagging more than a few will cause the server to not submit any notifications. I tested it with over 50 people and many reported not receiving anything. It might be something configurable.

 

[HappyTauren]

Oh well, seems like XenForo has more safety nets than I thought.

 

[TheLordOfChaos201]

Working on the other XenForo I'm a moderator at, I believe tagging more than a few will cause the server to not submit any notifications. I tested it with over 50 people and many reported not receiving anything. It might be something configurable.

really!

that takes all the fun out of it. ok I'll keep looking for possible errors. what do you know about the tag system?

I was trying to send 350 000 different tags to the tag system but it never allows you to send. I eventually found it only sends under 500 tags. my question is, would it slow the server in any way?

perhaps if I were to run my data miner on live script? that would mean my computer alone would be accessing the site 300 times a second?

or maybe I could..... what is the limit on thread submissions? how would that screw the hive? or how about sending a blank file to the hive, I know sending a 0 bytes file can screw up some servers and cause crashes.

or how about if I just send a virus I know for a fact that the hive automatically repacks zip files searching for malicious content. if I however created a virus, and being that this virus will not be in any data bases (undetectable) it could auto unpack server side and blow up the current version of the hive!

ok I'll begin work on that. in the mean time I'll send a simple windows only virus. if the repack system is windows, boom!

that will help the hive right

 

[chobibo]

Or you'll just get yourself banned4lyf.

 

[TheLordOfChaos201]

Or you'll just get yourself banned4lyf.

don't be silly, if the hive is destroyed no one can ever get banned for life ever again ^-^

 

[chobibo]

[citation needed]

 

[Rheiko]

I'm hurt, you didn't greet me.

you ain't alone, buddy.

 

[MagicCampaign]

Merry Christmas

 

[Naze]

Alright, I deleted his post and he just got a warning for posting malicious software. Thread cleaned.

 

[chobibo]

And so, Nerevar fulfills his destiny.

 

[Chaosy]

I suppose it can be abused to some extent, but it is probably just an annoyance at worst.

There could be a hardcoded limited for the number of tagged users in a post. I doubt no one will ever tag more than 25 users for example. Not in a meaningful way.

 

[TheLordOfChaos201]

I suppose it can be abused to some extent, but it is probably just an annoyance at worst.

There could be a hardcoded limited for the number of tagged users in a post. I doubt no one will ever tag more than 25 users for example. Not in a meaningful way.

the other possibility is sending personal messages to hive. with every 20 or so pm's a thousand hivers can be spammed

it would be annoying but ultimately harmless