Changes between Version 13 and Version 14 of org/projects/DontBlockMe


Ignore:
Timestamp:
Apr 19, 2015, 3:21:27 PM (4 years ago)
Author:
cypherpunks
Comment:

copy-edit/rephrase "Best Practices" section

Legend:

Unmodified
Added
Removed
Modified
  • org/projects/DontBlockMe

    v13 v14  
    2727== Best Practices ==
    2828
    29 * Implement Captchas, perhaps one from our list of captcha engines.
    30 * Time based non-permanent IP blocks, perhaps from our firewall / Apache module examples.
    31 * Growing capabilities for users based on their time of membership / completeness / participation / feedback.
    32 * Bitcoin deposits, a few USD worth for a real/good user refunded when user closes account, but costly for repeated forfeiture by spammers, abusers, etc.
    33 * Realistic help/abuse desk policies, effective warnings/strikes to annoying real users
    34 * Implement user-based threshold reporting, ways for users to block other users, etc
    35 * Publish "help pages" that though efforts are made, the Internet is varied and things do happen, perfect community is impossible, "don't freak out".
    36 * Consider OTP's, keyfobs, two-factor for areas such as banking where authentication matters yet user has personal right to location anonymity. Related: implement HTTPS and PFS everywhere by default.
    37 * Decide not on the side of thin lawyer/risk based potential arguments, but on actual real world everyday happenings. Lead the pack, take a stand, be proud. Act to preserve your own independence, and that of your peers, as well.
    38 * No solution is foolproof, blocking Tor will not eliminate your problems (see facts above), must layer defenses deeper.
    39 
     29* Implement CAPTCHAs, perhaps one from our list of captcha engines
     30* Time-based temporary IP blocks, perhaps from our firewall / Apache module examples
     31* Grant users merit-based capabilities (allow them to perform certain actions based on their seniority, participation, or feedback)
     32* For problems with sockpuppets, consider charging users a small registration fee (maybe in the form of Bitcoin deposits) to be given back to them when they close their account: this method will make it very costly for spammers or potential abusers from registering many sockpuppet accounts ''en masse''
     33* Combat trolling: make realistic conduct policies, and enforce them with warnings and penalties
     34* Allow users to report other users who demonstrate bad behavior
     35* Remind people that (though efforts are made) things ''do'' happen. Perfection cannot be achieved.
     36* Consider OTP's, keyfobs, two-factor for areas such as banking where authentication matters yet the user has a personal right to location anonymity. Related: implement HTTPS and PFS everywhere by default.
     37* Rather than acting on the assumption that people will do bad things, react to the situtation at hand. Act to preserve your own independence, and that of your peers, as well.
     38* No solution is foolproof: blocking Tor will not eliminate your problems. Consider deeper, more reliable defenses.
    4039
    4140== RBL removal ==