-
New Feature
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
None
At the moment we have the following process.
- Spam account is identified by a contributor to the project
- Spam account is then reported to MusicBrainz for breaking ToS/being spam
- Spam account report is then reviewed by reosarevok
The problem we have is when there are large amounts of spam accounts being created (like exhibited here https://musicbrainz.org/artist/b972f589-fb0e-474e-b64a-803b0364fa75/ratings ) then all of those reports fall on one persons head.
It'd have to be designed to avoid abuse, but I think that maybe we could move to a user account removal by comittee approach; in the same way we remove any data from the project it would require voting on.
Maybe limited only to auto-editors, or even a smaller sub-set of contributors; all with the aim of reducing burden.
[MBS-13860] Spam User Account Removal Voting System
Yes, I'm pretty sure these are all the same - we've already blocked some of the ways these got added and I think blocking temporary domains is a needed next step.
Before it was possible to tag and rate without verifying the account. This was heavily abused, see MBS-11750
Now it's verified accounts. I wonder if those could be eliminated by blocking temporary email domains (MBS-13835)
A few days ago someone created hundreds of accounts and "subscribed" them to me. Pushing my subscriber count to 553
I suspect the culprit is the same as in the case of the Mozart rating abuse since the accounts were also created on 2024-12-14
Do you think the current event is related to our Mr. "security researcher" (
AREQ-3578)? Strange coincidence.This reminds me of:
https://www.heise.de/en/news/To-the-point-of-burnout-open-source-developers-annoyed-by-AI-bug-reports-10195985.html
https://daniel.haxx.se/blog/2024/01/02/the-i-in-llm-stands-for-intelligence/