mersenneforum.org  

Go Back   mersenneforum.org > Other Stuff > Forum Feedback

Reply
 
Thread Tools
Old 2009-01-08, 19:39   #1
10metreh
 
10metreh's Avatar
 
Nov 2008

2×33×43 Posts
Default Username fraud

A user has created the username XYZZY for himself/herself/itself. I guess the real Xyzzy (God) considers this identity fraud/terrorism. Is it possible to make sure no two users can have the same username except for capitals from now on?
10metreh is offline   Reply With Quote
Old 2009-01-08, 19:59   #2
J.F.
 
J.F.'s Avatar
 
Jun 2008

23×32 Posts
Default

God must be in a tolerant mood, not to smite that impostor.
J.F. is offline   Reply With Quote
Old 2009-01-08, 20:05   #3
Xyzzy
 
Xyzzy's Avatar
 
"Mike"
Aug 2002

3×17×151 Posts
Default

There is a provision in the control panel to prevent certain words from being used in a user name. We had assumed that it was case insensitive but apparently it is not. Lesson learned.

Hopefully the individual in question will register again using a different name.
Xyzzy is offline   Reply With Quote
Old 2009-01-09, 23:55   #4
10mеtreh
 

2×4,153 Posts
Default

It's not a caps issue.
  Reply With Quote
Old 2009-01-10, 23:44   #5
Xyzzy
 
Xyzzy's Avatar
 
"Mike"
Aug 2002

1E1516 Posts
Default

Quote:
It's not a caps issue.
The system has no setting to prevent multiple registrations using the same name. (Well, it might, but we have no idea where it is.) We just have a list of words that are blacklisted. Your user name is not on that list.
Xyzzy is offline   Reply With Quote
Old 2009-01-11, 01:28   #6
ixfd64
Bemusing Prompter
 
ixfd64's Avatar
 
"Danny"
Dec 2002
California

72×47 Posts
Default

Are you allowing usernames with non-ASCII characters?

If so, it is possible that the impostor is using some sort of Cyrillic alphabet.
ixfd64 is offline   Reply With Quote
Old 2009-01-11, 02:18   #7
Xyzzy
 
Xyzzy's Avatar
 
"Mike"
Aug 2002

3·17·151 Posts
Default

The forum allows UTF-8 stuff. I suppose that means all sorts of weird characters.
Xyzzy is offline   Reply With Quote
Old 2009-01-11, 10:28   #8
10metreh
 
10metreh's Avatar
 
Nov 2008

2·33·43 Posts
Default

Could someone please get rid of my clone? I have no part in that post. There needs to be a setting to prevent that from happening!

Last fiddled with by 10metreh on 2009-01-11 at 10:32
10metreh is offline   Reply With Quote
Old 2009-01-11, 15:19   #9
Xyzzy
 
Xyzzy's Avatar
 
"Mike"
Aug 2002

3·17·151 Posts
Default

Quote:
Could someone please get rid of my clone? I have no part in that post. There needs to be a setting to prevent that from happening!
The clone seems so well behaved.
Xyzzy is offline   Reply With Quote
Old 2009-01-11, 22:41   #10
mdettweiler
A Sunny Moo
 
mdettweiler's Avatar
 
Aug 2007
USA (GMT-5)

11000011010012 Posts
Default

Aha! I think I've figured out how whoever was responsible for this created the duplicated 10metreh. (And no, it wasn't me. )

First I used a Perl script to compare each character of the 10metreh doppleganger's username with the respective character typed from my keyboard, which of course are the same as the ones in the real 10metreh's username. The script located the first "е" as being different from a standard "e" as found on my keyboard (a standard model purchased in the U.S.).

I then Googled to find a Unicode character lookup website, copied and pasted the first "е" from the doppelganger's username into the lookup field, and came up with this:

http://www.fileformat.info/info/unic...0435/index.htm

Apparently, the character used is a "CYRILLIC SMALL LETTER IE", Unicode hex code 0435. It's outwardly indestinguishable from the regular "e", which has a hex code of 006D, but Unicode-aware computer programs will see them as completely different characters.

In a short while I will attempt to create a second mdettweiler, and make a post here with it, as a proof of concept. Of course, in my particular case the difference should be easy to spot since one is a moderator (hence green username) and the other is not, but it should nonetheless suffice for the purpose of this demonstration.

Max
mdettweiler is offline   Reply With Quote
Old 2009-01-11, 23:28   #11
Batalov
 
Batalov's Avatar
 
"Serge"
Mar 2008
Phi(4,2^7658614+1)/2

100011101001102 Posts
Default

It is a common problem on some boards. (Cloning and look-alike nicknames are problematic.)

One of the solutions is to disallow mixed alphabets, but even then
РОМРА (in Cyrillic) looks like POMPA.

What you may want to implement is a variant of the http://en.wikipedia.org/wiki/Soundex algorithm (but not as severe similarity compression as the real Soundex).
All letters that look like "e" should be mapped to latin "e".
All letters that look like "P" should be mapped to latin "P".
Greek capital M, Cyrillic М, and latin M --> mapped to "M".
etc. Some letters which are barely distinguishable should be mapped to their latin counterparts, too, e.g. 0, Cyrillic and Greek O --> to "O".
Cyrillic З --> to "3", etc.

Then wrap it into a function and if f(Nickname2) == f(Nickname1), then Nickname2 should be disallowed at the attempted creation.

My 2 cents.

P.S. Oh yes, and even more strictly if Lowercase(f(Nickname2)) == Lowercase(f(Nickname1))...

Last fiddled with by Batalov on 2009-01-11 at 23:31
Batalov is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
election fraud? davar55 Lounge 4 2016-07-03 13:56
Electronic voting fraud vs. the old-fashioned type cheesehead Soap Box 22 2011-10-26 19:50
More Bank Fraud R.D. Silverman Soap Box 2 2009-09-21 18:54
username and password in url? stars10250 PrimeNet 30 2009-07-02 14:13
How to consolidate 2 Username? stuymer PrimeNet 4 2004-02-29 21:33

All times are UTC. The time now is 23:24.

Fri Sep 25 23:24:17 UTC 2020 up 15 days, 20:35, 1 user, load averages: 1.51, 1.65, 1.56

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.