www.phidot.org

[Triciaserow]

Hi,

This is not a analysis & design question but I post it here because I did not have the permission to post on "forum help".

I've had friends in Asia who have been using program MARK as well as other software which is often discussed for population research. I suggested them to post any relevant questions on phidot to get help on analyses and research designs. However, none of them have the access to phidot. They got a message like this: "you are prohibit from accessing this page". They need to rely on friends (like me) who have the access to this forum to post questions for them. Was phidot originally designed this way with limited accessibility? Thanks.

Sincerely,
Tricia

[cooch]

Hi,

This is not a analysis & design question but I post it here because I did not have the permission to post on "forum help".

I've had friends in Asia who have been using program MARK as well as other software which is often discussed for population research. I suggested them to post any relevant questions on phidot to get help on analyses and research designs. However, none of them have the access to phidot. They got a message like this: "you are prohibit from accessing this page". They need to rely on friends (like me) who have the access to this forum to post questions for them. Was phidot originally designed this way with limited accessibility? Thanks.

Sincerely,
Tricia

Very simple. Phidot (and the forum it hosts), has a fairly public presence, which means its subject to never-ending waves of hack attempts, and attempts to register by spammers (who will then use their registered access to the forum in order to spam-bomb everyone else...). Obviously, this is not something anyone wants to happen, and which I am not equipped -- or interested -- to 'fix' if it should happen (say, getting hacked).

Now, over the past year of data collection, 80-90% of all such attempts come from (i) Asia (China by far the most, followed by Viet Nam), and (ii) eastern Europe (especially Russia and ex-Soviet republics). Because the spammer/hacker types use dynamically allocated ip adddresses, I can't simply block them on a person by person (or, machine ip by machine ip) basis. So, whats the solution?

Simple -- block *everyone* from offending parts of the world (you generate a list of all the ip blocks assigned to China, for example, and deny access). In the year since I implemented this, I've had <10 people contact me directly about this being a problem -- for them, ostensibly, trying to access from a part of the world where I've put the block in place. Meaning, the blocks don't impact a lot of people (or, if it does, they're not contacting me -- probably the former). In such cases, I work with the person to see if we can't punch a hole in the firewall to let them through. In every case so far, this has worked fine.

Is this more work? Yes. Is it inconvenient for a few people (including me)? Yes.But it takes far more work to try to keep up with the hackers (especially the 'human wave' attacks from parts of Asia) than it does to accommodate the few people who need access, but are being blocked. It is relatively easy to 'open a door in the firewall' if they're at a major university or research organization, and let people from 'offending' regions access the forum. If they're running off some commercial ISP, with changing ip numbers, a bit more difficult.

So, while I appreciate that this is not always convenient for folks who through no fault of their own reside in a part of the world from whence multiple hack attempts come from (and I do mean lots -- ~150 last night alone, with multiple attempts to access the forum registration page. I cross-checked these against 'spammer blacklists', and almost every one hit.), there is nothing I'm going to do to change the policy. Period.

If people need access, and are being blocked they contact me.

If that isn't satisfactory, then (to be blunt), said dissatisfied souls are more than welcome to start their own forum/maillist. At which point they can deal with the new reality that cyber-attacks are a real, and ever-growing problem.

[Triciaserow]

Hi,

This is not a analysis & design question but I post it here because I did not have the permission to post on "forum help".

I've had friends in Asia who have been using program MARK as well as other software which is often discussed for population research. I suggested them to post any relevant questions on phidot to get help on analyses and research designs. However, none of them have the access to phidot. They got a message like this: "you are prohibit from accessing this page". They need to rely on friends (like me) who have the access to this forum to post questions for them. Was phidot originally designed this way with limited accessibility? Thanks.

Sincerely,
Tricia

Very simple. Phidot (and the forum it hosts), has a fairly public presence, which means its subject to never-ending waves of hack attempts, and attempts to register by spammers (who will then use their access to the forum in order to spam-bomb everyone else on the list). Obviously, this is not something anyone wants to happen, and which I am not equipped -- or interested -- to 'fix' if it should happen (say, getting hacked).

Now, over the past year of data collection, 80-90% f all such attempts come from (i) Asia (China by far the most, followed by Viet Nam), and (ii) eastern Europe. because the spammer/hacker types use dynamically allocated ip adddresses, I can't simply block them on a person by person (or, machine ip by machine ip) basis. So, whats the solution?

Simple -- block *everyone* from offending parts of the world (you generate a list of all the ip blocks assigned to China, for example, and deny access). In the year since I implemented this, I've had <10 people contact me directly about this being a problem -- for them, ostensibly, trying to access from a part of the world where I've put the block in place. Meaning, the blocks don't impact a lot of people (or, if it does, they're not contacting me -- probably the former). In such cases, I work with the person to see if we can't punch a hole in the firewall to let them through. In every case so far, this has worked fine.

is this more work? Yes. Is it inconvenient for a few people (including me)? Yes.But it takes far more work to try to keep up with the hackers (especially the 'human wave' attacks from parts of Asia) than it does to accommodate the few people who need access, but are being blocked. It is especially easy if they're at a major university or research organization. If they're running off some commercial ISP, with changing ip numbers, a bit more difficult.

So, while I appreciate that this is not always convenient for folks who through no fault of their own reside in a part of the world from whence multiple hack attempts come from (and I do mean lots -- ~150 last night alone, with multiple attempts to access the forum registration page. I cross-checked these against 'spammer blacklists', and almost every one hit.), There is nothing I'm going to do to change the policy.

if people need access, and are being blocked they contact me.

If that isn't satisfactory, then (to be blunt), said dissatisfied souls are more than welcome to start their own forum/maillist. At which point they can deal with the new reality that cyber-attacks are a real, and ever-growing problem.

Thanks for your prompt response. The answer was quite similar to what I figured. I would have done the same thing if I were the website manager. Thanks for your hard work on maintaining this forum.

Tricia

[cooch]

Thanks for your prompt response. The answer was quite similar to what I figured. I would have done the same thing if I were the website manager. Thanks for your hard work on maintaining this forum.

Tricia

Sure -- as I said, if someone wants/need to access the forum, all they need to do is contact me.

A hybrid model I've toyed with (which is relatively easy to implement) is to allow people from *everywhere* to at least browse the forum, but restrict those who can *register* (without direct intervention from me) to certain parts of the world. The only downside to this is that even letting the 'bad guys' see the forum incentivizes them to find some way to attack. So, my current strategy is to not even let them look at the forum (or anything else on phidot -- e.g., the MARK book). The same logic is the basis for preventing the forum from being searched by any of the major search engines (you can't Google for any forum threads, for example).

Thanks for everyone's collective patience and tolerance for such things. If you have colleagues in affected parts of the world, then advise them of their options.