You are viewing a single comment's thread from:
RE: Case 12: @rtdcs is growing a gang of sock-puppets
Do we know how people are creating lots of accounts? Do they get past the Steemit team or use Anonsteem.
We need someone with a lot more SP to deal with this sort of thing.
Unfortunately, they are going through steem, likely with temporary phone numbers for the sms-verification.
As in almost all my cases, they are simply exploiting the steemit sign-up process with fake credentials. And that's also how they get their initial voting power, delegated by @steem!
Using anonsteem would require an actual investment, cheapskates like these take the free route!
I guessed they were not paying for it. Steemit need to filter out fake phone numbers
Unfortunately, that's probably almost as impossible as filtering out fake emails.
Does Steem use browser fingerprint with a machine learning component. It's very hard to keep a truly clean session and spammer patterns can be found quite quickly.
Looking at how much the steemit.com sign-up process is being exploited, I sometimes doubt that there's anything being checked at all!
Guy, are you still active here?
I need your expertise.
I know it's hard, but other sites have dealt with this too. I do wonder if all accounts should have to be paid for. Even a few dollars would deter such behaviour. I know that's an obstacle to poorer people, but Steemit could get overrun with such 'sock-puppets'. I just don't have the answers for this.
I'll probably discuss this with folk at Steemfest. It's an important topic
I think the proposed change in HF20 does have some potential by creating new accounts with zero voting power but a minimum allocated bandwidth without available stake instead.
At least this does take the incentive out of mass creating new accounts, but I am certain it also opens up some new exploits of its own!
I think there is plenty alternatives to charging people. The would deter most new users.
Perhaps we need an account that we all delegate to that can quash these thieves? Or delegate to Steemcleaners?
No need for us plankton and minnows to delegate anything to steemcleaners.
It is already strong enough to quash these thieves with no action from us except informing it.
You can do this from the Steem API or CLI using your account keys, I created one like that for testing SteemConnect. Every account shows which account created it though, if I remember correctly, so I presume that's how this case was identified?
EDIT: Wrong though apparently ;)
I've seen that there is an Anon setup for new accounts, for people in countries that can't do it the usual way, so someone could step up as many as they wanted this way I assume.
You have to pay for that service. 10 Steem at the moment I think. Not a great way to build a bot army. We need Steemit to detect fake accounts better, but it's not easy to do
6 Steem currently.
I agree there does need to be a better way to detect fake accounts, but those intending to break rules or cheat a system are usually pretty good at what they do.
I would imagine you could do it with a VPN and a few fake Google email addresses. People do this sort of thing for Facebook accounts all the time to create "like farms". I can't imagine it would be much more difficult for Steemit. Once you have the accounts the Steemit API would make manipulating the account actions easy.