Bitcoin Forum
October 17, 2018, 04:34:51 AM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Bounty stats by rank+possible security issue  (Read 294 times)
hotforblockchain
Member
**
Offline Offline

Activity: 98
Merit: 20

DECOIN.io


View Profile
August 29, 2018, 10:44:53 PM
Merited by Welsh (5), mazdafunsun (4), Piggy (1), iasenko (1), coinlocket$ (1), DdmrDdmr (1)
 #1

Hi!
The idea.
Since there is a lot talk about bounty campaigns and who are participating in them but I haven't seen any data collected about this, I decide to research them a bit more, my initial goal was to collect data from bounty campaign sheets and give some quantitative analysis.
What I actually did
I did collect data  from 11 Signature bounty campaigns and about users who participate in them, collected the regular stuff shown in these sheets. I tried to collect data from different managers who accept Jr.Members because it is becoming clear that most Juniors are here only to spam and use this forum for a quick buck. I filtered those users who were accepted in these campaigns and  looked and the rank distribution, you can see this data below.





This shows that there is a lot of Jr.Members participating in these bounties, on average there are 40% Jr.Members in signature campaigns.

Unfortunately Twitter campaigns and Facebook campaigns do not register the rank of the member so i could not research them.

This all was nothing special or surprising, but one thing was alarming.

While i was going trough these campaigns I noticed one alarming thing, some of the managers are doing a poor job of protecting data. With data I mean emails of users, I found that 2 of 11 bounty campaigns did not protect sheets and emails of users can be easily copied.  This is alarming because emails in wrong hands could lead to hacked accounts, could this be the reason why there are so many hacked accounts constantly?

I do think that these managers should be warned and in case they dont listen - marked as untrusted members, i would not want to trust my data with someone who dont lock their spreadsheet.

You get merit points when someone likes your post enough to give you some. And for every 2 merit points you receive, you can send 1 merit point to someone else!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1539750891
Hero Member
*
Offline Offline

Posts: 1539750891

View Profile Personal Message (Offline)

Ignore
1539750891
Reply with quote  #2

1539750891
Report to moderator
1539750891
Hero Member
*
Offline Offline

Posts: 1539750891

View Profile Personal Message (Offline)

Ignore
1539750891
Reply with quote  #2

1539750891
Report to moderator
1539750891
Hero Member
*
Offline Offline

Posts: 1539750891

View Profile Personal Message (Offline)

Ignore
1539750891
Reply with quote  #2

1539750891
Report to moderator
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1162
Merit: 1111


View Profile
August 29, 2018, 11:02:05 PM
 #2

This is a well known issue and someone was actively previously contacing managers and posting information publicly in order to get them to comply and remove users' emails from their spreadsheet.

It is interesting to see the number of higher ranked members in those campaigns, it would be interesting to see how their post quality is actually reflected by being in those ampaigns if they're joining bounty campaigns instead of more permenant campaigns with a fixed pay (as I undersatnd it, the people in campaigns enter some sort of pool and get a "share" of the entire pool based on the number of entries they have in it).

The Pharmacist
Legendary
*
Offline Offline

Activity: 1302
Merit: 1765



View Profile
August 29, 2018, 11:06:19 PM
 #3

Wow, I didn't even realize how many participants there were for all those bounties.  Betcha about 40% of those are alt accounts across the different bounties, and probably within single ones as well.

No surprise that Jr. Members make up the bulk of them.  Decent, bitcoin-paying campaigns are generally shunning noobs at this point, which I think is an excellent thing.  The only way they can make money with their spamming is through these shady token bounties, and all it takes is 2 weeks before a brand new account ranks up to Jr. Member, so they keep creating them in bulk.  It makes me want to vomit, but we all know it's happening.

As far as the security goes, that's on the participants.  If they're silly enough to provide their real e-mail account or any other identifying information, they're just asking to get their identity stolen or have their inbox spammed incessantly.  There's not much this forum is going to do to prevent that.

pugman
Legendary
*
Offline Offline

Activity: 1260
Merit: 1300


Sliding in ya DM's be like


View Profile WWW
August 29, 2018, 11:20:15 PM
 #4

While i was going trough these campaigns I noticed one alarming thing, some of the managers are doing a poor job of protecting data. With data I mean emails of users, I found that 2 of 11 bounty campaigns did not protect sheets and emails of users can be easily copied.  This is alarming because emails in wrong hands could lead to hacked accounts, could this be the reason why there are so many hacked accounts constantly?

I do think that these managers should be warned and in case they dont listen - marked as untrusted members, i would not want to trust my data with someone who dont lock their spreadsheet.
Most of those emails are specifically made for bounty purposes. So even if they get hacked, they won't find anything useful in it. But still the campaign manager shitcoin manager should do his damn job well. I wouldn't be surprised if its ran by a kid/s.

No surprise that Jr. Members make up the bulk of them.  Decent, bitcoin-paying campaigns are generally shunning noobs at this point, which I think is an excellent thing.  The only way they can make money with their spamming is through these shady token bounties, and all it takes is 2 weeks before a brand new account ranks up to Jr. Member, so they keep creating them in bulk.  It makes me want to vomit, but we all know it's happening.
I don't think there's any bitcoin paying campaign that accepts shitposters. Bitcoin paying campaigns are mostly dry, only a few of them are there.

Jr. Members shouldn't be allowed to participate in bounties. They need to deserve that privilege than just freely abusing it. But then again, theymos doesn't listen to me, he doesn't like me either.   Undecided Cry

coinlocket$
Sr. Member
****
Offline Offline

Activity: 336
Merit: 383


View Profile WWW
August 29, 2018, 11:28:47 PM
 #5

~

Unfortunately Twitter campaigns and Facebook campaigns do not register the rank of the member so i could not research them.

This all was nothing special or surprising, but one thing was alarming.

While i was going trough these campaigns I noticed one alarming thing, some of the managers are doing a poor job of protecting data. With data I mean emails of users, I found that 2 of 11 bounty campaigns did not protect sheets and emails of users can be easily copied.  This is alarming because emails in wrong hands could lead to hacked accounts, could this be the reason why there are so many hacked accounts constantly?

I do think that these managers should be warned and in case they dont listen - marked as untrusted members, i would not want to trust my data with someone who dont lock their spreadsheet.

In my experience as cheaters hunter I can assume for facebook and twitter on some campaings a percentuage around 80-90% of jr members + newbies, yes most of them are abusers, but noone cares, manager, CEO of ICO, the bigger is the number more the spam it will be and more the manager will earn. (even if multiaccounts)
In the past I've found users with over 100+ accounts so in my opinion this 80% can be a real thing.
You can also ask to someone to Scrap those data it will be a easy thing, but I have no skill to do so.

My tipping address 12XUa8iczkvz2mdu4yBRDDeUB9nBfGFBaj Smiley
Thirdspace
Hero Member
*****
Offline Offline

Activity: 770
Merit: 598


Mixing reinvented for your privacy | chipmixer.com


View Profile
August 29, 2018, 11:58:37 PM
 #6

While i was going trough these campaigns I noticed one alarming thing, some of the managers are doing a poor job of protecting data. With data I mean emails of users, I found that 2 of 11 bounty campaigns did not protect sheets and emails of users can be easily copied.  This is alarming because emails in wrong hands could lead to hacked accounts, could this be the reason why there are so many hacked accounts constantly?

I do think that these managers should be warned and in case they dont listen - marked as untrusted members, i would not want to trust my data with someone who dont lock their spreadsheet.
those campaigns/projects (that pay in token) might be actually the one misusing the data
they could sell your email address to marketer (spammer) and/or use it for other reasons
it's recommended to use disposable address for bounties and airdrops
I don't even understand why they need personal info and email address in the first place

rab2005
Newbie
*
Offline Offline

Activity: 11
Merit: 0


View Profile
August 30, 2018, 12:07:18 AM
 #7

There are more than a point
- Jr member accounts for spam and campaign
It is natural to develop with many of them to become knowledgeable and spread the idea of ​​their priorities.
In addition to making money this is a reality and we have to deal with it and that the old members help them in this way.

The other point is the low-level posts for high-ranking
I think this needs a pause.
The management of the forum asks new members for a good level of participation in order to gain points of merit
And then raise their ranks.
On the other hand, very high rank holders are posting weak posts.

As part of the solution.
If the administration has been able to issue a decision to reduce rewards  for high-ranking
this may involve the return of those to their senses.


Sorry, because my English is weak
I am trying to learn now Cool
athanz88
Sr. Member
****
Offline Offline

Activity: 420
Merit: 350


View Profile
August 30, 2018, 02:45:25 AM
 #8

It is true that money attracts people and we have seen the accuracy of the sayings in this forum. People will do anything to gain money, even with a bad way.

While i was going trough these campaigns I noticed one alarming thing, some of the managers are doing a poor job of protecting data. With data I mean emails of users, I found that 2 of 11 bounty campaigns did not protect sheets and emails of users can be easily copied.  This is alarming because emails in wrong hands could lead to hacked accounts, could this be the reason why there are so many hacked accounts constantly?

I do think that these managers should be warned and in case they dont listen - marked as untrusted members, i would not want to trust my data with someone who dont lock their spreadsheet.
snip

That is not an alarming things and it is not in the hands of the forum moderations tho, in my opinion. If people does not like those rules, then they are free to leave because the choice is in your hands. What is alarming now is that people are still joining on that kind of bounty campaign, and then doing the spamming, and when their email is compromised, they blame the forum. That is the problem right now.


````````````````███████████
```````````█████████████████████
```````█████████████████████████████
`````````█████████████████████████
````````````████████████████████
```████``````````````````````````````████
`████████`````````````````````````███████
`█████████``````██████████````````████████
█████████`````██████████████```````████████
████████`````████████████████``````████████
`████████`````███████████████``````████████
``████████`````████████████```````████████
``███████````````████████``````````███████
```███```````````````````````````````████
````````````███████████████████
`````````██████████████████████████
```````█████████████████████████████
``````````██████████████████████
````````````````██████████
EtherMium██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
Piggy
Hero Member
*****
Offline Offline

Activity: 518
Merit: 912



View Profile WWW
August 30, 2018, 05:37:45 AM
 #9



While i was going trough these campaigns I noticed one alarming thing, some of the managers are doing a poor job of protecting data. With data I mean emails of users, I found that 2 of 11 bounty campaigns did not protect sheets and emails of users can be easily copied.  This is alarming because emails in wrong hands could lead to hacked accounts, could this be the reason why there are so many hacked accounts constantly?

I do think that these managers should be warned and in case they dont listen - marked as untrusted members, i would not want to trust my data with someone who dont lock their spreadsheet.

I don't know about the red trust, but for sure there are a lot of improvised bounty manager which don't know what they are doing, i mainly wonder how they get the job in the first place, probably with very competitive prices?

Bahokiki
Newbie
*
Offline Offline

Activity: 98
Merit: 0


View Profile
August 30, 2018, 08:35:02 AM
 #10

Suggestion to the moderators of bounties (altcoins)

What if we set criteria for jr.members? I mean every bounty must set number of merit that must jr.members have

Example

Jr.members (must have minimum of 5 merits) = 1 stake/week

Jr.members (must have minimum of 3 merits) = 1stake/week

 atleast we lessen the jr.member participants
And by this they will be force to post such quality content to get merit which is very hard to get.

And if they beg for merit, we must report it.
Merit sellers will increase their price and jr.members more likely not to buy hence they will quit or post good contents

Just a suggestion guys
hotforblockchain
Member
**
Offline Offline

Activity: 98
Merit: 20

DECOIN.io


View Profile
August 30, 2018, 09:12:08 AM
 #11

In my experience as cheaters hunter I can assume for facebook and twitter on some campaings a percentuage around 80-90% of jr members + newbies, yes most of them are abusers, but noone cares, manager, CEO of ICO, the bigger is the number more the spam it will be and more the manager will earn. (even if multiaccounts)
In the past I've found users with over 100+ accounts so in my opinion this 80% can be a real thing.
You can also ask to someone to Scrap those data it will be a easy thing, but I have no skill to do so.

Vou. This is staggering number that you have came across. 100+ accounts  Huh Huh You have some good points, they actually dont care as long as their marketing strategy pays off. Possibly the only thing that stops campaign of being shady is reputation and or ethics of manager but his is rare.


That is not an alarming things and it is not in the hands of the forum moderations tho, in my opinion. If people does not like those rules, then they are free to leave because the choice is in your hands. What is alarming now is that people are still joining on that kind of bounty campaign, and then doing the spamming, and when their email is compromised, they blame the forum. That is the problem right now.

Hypothetically. If we assume that these hacks happen because of these managers who cant even do their job right.
Moderators have to constantly work on hacked account cases, right? This takes a lot of their time to research every case individually. Then maybe it makes sense to tackle the problem at its roots rather to deal with consequences?

iasenko
Sr. Member
****
Offline Offline

Activity: 350
Merit: 545


Welcome message > Read the rules & pinned posts!


View Profile WWW
August 30, 2018, 10:15:22 AM
 #12

Great analysis, so the conclusion is that the weakest link here are the bounty managers, actually that's where the main forum SPAM problem lays.  Uncontrolled and unaware of how to manage a campaign, everyone can be a manager, and some projects don't really care who they hire, as long as they can scam a few ether it's fine.

Let's be honest, those guys need to be controlled like c'mon some of them /a big part tho/ don't even care about the participants and scam all over the place. Just latest example is TokenSuite.
This is not job for everyone, even experienced manager like Atriz can made a mistake as he did, but there were consequences, and what about all the newbies posting in Service "hire me as a bounty manager"
Shall we look for a solution or only excuses?

I know theymos is busy, but that's why we are here to be a community and do those things together as we have enough power.

Piggy
Hero Member
*****
Offline Offline

Activity: 518
Merit: 912



View Profile WWW
August 30, 2018, 10:26:25 AM
 #13

i think all this fall into the same concept/idea heard before: the community should be pointing out managers which are not able to to their job and deal with it without any divine intervention  Smiley Otherwise would have been nice to have to be confirmed as a bounty manager and then given the privileges to actually post a new thread under the relevant boards. Everything would probably be much cleaner and professional.

Welsh
Staff
Legendary
*
Offline Offline

Activity: 1386
Merit: 1374


Away on expedition until 5th of Nov


View Profile
August 30, 2018, 10:29:30 AM
 #14

Wow, I didn't even realize how many participants there were for all those bounties.  Betcha about 40% of those are alt accounts across the different bounties, and probably within single ones as well.
Yeah. I would say even more. Its so painfully obvious sometimes too. Yet, they get away with it, and profit from it. At the moment they are allowed to be lazy, and if on the off chance they get caught they'll just use another one of their hundreds of Jr member accounts.

Looks to me there should probably be a limit of who can post in the bounty section. I've said in the past that I'm not for restrictions, but in this case I think its the best option.

lukeburchill
Member
**
Offline Offline

Activity: 82
Merit: 17


View Profile
August 30, 2018, 10:40:43 AM
 #15

when talking about campaign managers, actually Pugman has given instructions which managers are worthy of being employed.

obviously, this problem is not just the campaign manager and the participants but the campaign owner is also involved in this.
Welsh
Staff
Legendary
*
Offline Offline

Activity: 1386
Merit: 1374


Away on expedition until 5th of Nov


View Profile
August 30, 2018, 10:47:16 AM
 #16

when talking about campaign managers, actually Pugman has given instructions which managers are worthy of being employed.

obviously, this problem is not just the campaign manager and the participants but the campaign owner is also involved in this.

The thing is we all know who the capable managers are, and the best ones for spam control, and all that. However, the teams behind the projects that want the advertisements don't usually care for the forum. They just want their advertisement to have as much exposure as possible. Unfortunately the promise of free money usually gets them what they want. Currently, there's no restrictions on who can become a signature manager, and until that's changed we'll continue having this issue.

jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1162
Merit: 1111


View Profile
August 30, 2018, 10:52:09 AM
 #17

when talking about campaign managers, actually Pugman has given instructions which managers are worthy of being employed.

obviously, this problem is not just the campaign manager and the participants but the campaign owner is also involved in this.

The thing is we all know who the capable managers are, and the best ones for spam control, and all that. However, the teams behind the projects that want the advertisements don't usually care for the forum. They just want their advertisement to have as much exposure as possible. Unfortunately the promise of free money usually gets them what they want. Currently, there's no restrictions on who can become a signature manager, and until that's changed we'll continue having this issue.

I doubt that will change, it seems like it will makethe forum bery centralised unless you say "everyone with more than x good reports can be a campaign manager" or something but then you might have to look into permabanning everyone who doesn't have the accreditation to be a manager which seems slightly mean (although it woudl work)...

Welsh
Staff
Legendary
*
Offline Offline

Activity: 1386
Merit: 1374


Away on expedition until 5th of Nov


View Profile
August 30, 2018, 11:25:08 AM
 #18

I doubt that will change, it seems like it will makethe forum bery centralised unless you say "everyone with more than x good reports can be a campaign manager" or something but then you might have to look into permabanning everyone who doesn't have the accreditation to be a manager which seems slightly mean (although it woudl work)...
Yep. So, maybe we should look at adding rank restrictions in the bounty section. Only the bounty section. The other altcoin sections are probably fine. Most of the spam is coming from those wearing bounty signatures anyway. Well, if we are ignoring the bumping services that have plagued that section.

lukeburchill
Member
**
Offline Offline

Activity: 82
Merit: 17


View Profile
August 30, 2018, 11:43:54 AM
 #19

Quote
the teams behind the projects
I don't know the actual process, whether every manager can know/ask about the team behind the project or just ask how much salary will be earned.

Quote
Yep. So, maybe we should look at adding rank restrictions in the bounty section.
or, at least who should be the manager must be SR above even though this doesn't guarantee but at least they have the fear to keep their pride (banned or in redtrust)

jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1162
Merit: 1111


View Profile
August 30, 2018, 12:20:09 PM
 #20

I doubt that will change, it seems like it will makethe forum bery centralised unless you say "everyone with more than x good reports can be a campaign manager" or something but then you might have to look into permabanning everyone who doesn't have the accreditation to be a manager which seems slightly mean (although it woudl work)...
Yep. So, maybe we should look at adding rank restrictions in the bounty section. Only the bounty section. The other altcoin sections are probably fine. Most of the spam is coming from those wearing bounty signatures anyway. Well, if we are ignoring the bumping services that have plagued that section.

Not to mention the "great project" spam that appears in the altcoin announcements section...

I'd suggest removing signatures, avatars and personal text altogether wouldn't be a bad idea...

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!