Show HN: SQRL – Anti-spam rules language Twitter acquired in 2018, open-sourced

200 点作者 qixxiq超过 2 年前

Hey all, author here! This is a demo of the rules engine we built to fight spam/abuse on the internet. It was built based on learnings from Facebook & Google, while trying to make a language that makes it simple for anti-spam analysts to quickly (and safely) deploy rules to production.Unfortunately it looks like the Twitter event feed is temporarily down (they're blocking it, possibly as part of shutting down the API on Thursday). I have a cache of events from a little earlier that I'm going to try play through the stream.

14 条评论

qixxiq超过 2 年前

I've tried to release this a couple times in the past (you'll notice the git repo has a four year history), and happy it's finally out the door. If anyone is interested in using this, or wants to talk about the strategies I'm happy to help in any way I can.Proud of what we built at Smyte, and hoping it can find another live outside of Twitter </3. I know there are already a couple of implementations based on SQRL, one at Discord and another at Sumatra.ai[1][1] <a href="https://docs.sumatra.ai/scowl/" rel="nofollow">https://docs.sumatra.ai/scowl/</a>

评论 #34715702 未加载

jhgg超过 2 年前

We used to use Smyte at my place of work prior to the twitter acquisition. Very cool stuff.Ended up rewriting it in house. We ended up with a SQRL variant that is a restricted type-checked subset of python. It is not python however, just syntactically similar.

评论 #34699347 未加载

wnevets超过 2 年前

Not to be confused with SQRL (Secure Quick Reliable Login) [0][0] <a href="https://www.grc.com/sqrl/sqrl.htm" rel="nofollow">https://www.grc.com/sqrl/sqrl.htm</a>

评论 #34703107 未加载

snehesht超过 2 年前

Link to Github: <a href="https://github.com/sqrl-lang/sqrl">https://github.com/sqrl-lang/sqrl</a>

codetrotter超过 2 年前

It says "Compiled! Running", and shows some code in their language, but the other half of the screen is just black for me.I assume from the text on the page that it is supposed to be showing tweets and some kind of spam rule classification or something.The Wikipedia Recent Changes demo <a href="https://websqrl.vercel.app/wikipedia" rel="nofollow">https://websqrl.vercel.app/wikipedia</a> however did show one element on the right side, with an article title, IPv6 address, timestamp, a piece of quoted text, and "Rules fired". The rule was "FirstEventSeen".Looking at the code shown for the Wikipedia example, the demo rules are:- Simple rule to make sure atleast one event shows up in the UI- Flag any users using profanity (not a great spam rule! but easy)So I suppose that with a bit more time some events might show up matching the second rule as well.Meanwhile though, <a href="https://www.mediawiki.org/wiki/API:Recent_changes_stream" rel="nofollow">https://www.mediawiki.org/wiki/API:Recent_changes_stream</a> links to <a href="https://codepen.io/ottomata/pen/VKNyEw/" rel="nofollow">https://codepen.io/ottomata/pen/VKNyEw/</a> which has events flying across the screen in the hundreds. Would be neat with a demo of SQRL also having many events fly by like that, and perhaps with a pause button in case one wanted to stop it and have a look at some of the events.Perhaps the Twitter demo example works like that when it works.I see also that the SQRL code in the Twitter demo is also has a rule that is meant to ensure that at least one tweet shows up.Definitely either something is currently broken, or it is connecting directly to Twitter from the browser perhaps, and Twitter is not letting my browser get any data from their API?

评论 #34698793 未加载

评论 #34702680 未加载

latchkey超过 2 年前

All I want is this:<pre><code> if new follower has <=4 tweets.total and all(tweets) === type=image block</code></pre>

评论 #34702921 未加载

评论 #34703094 未加载

fsckboy超过 2 年前

this is just a thought experiment, but instead of "no obscurity open rules engine" for blocking spam which can be used to help create ever more creative $pAm, how about a "no obscurity open rules engine" that all acceptable posts must meet, a sort of Turing test. Then the stuff that was allowed through would at least be readable.remember that post a month back (and of course all other recently discusseds) for stylometry, to use writing style to identify authorship? would it work to require posters to expose a unique "voice" in their posts, and where banning of your style would definitely be something you'd want to avoid.This is a thought experiment to talk about. Yes, there are obvious criticisms, but would it also produce something "we can have nice things" useful?obvious criticisms are sort of like "what about the children!?" concern trolls (this is meant to be hyerbolic and biased): "what about PopulationX, the half literate know-nothing n00bs who are barely surviving under repressive regimes, they may all sound alike, but we can't silence their voices!" Which I agree with, we don't want to silence their voices. But again, this is just a thought experiment, I bet all the super high quality well informed thoughtful posters would in fact sail through the system. So the question is, does PopulationX actually all style-sound alike? (where population X is the concern you raise, not the fake one i just made up) maybe they are just as distinctive and the system would actually work for them too.and the criticism "this is not going to work because it's just spam filters with more steps and a minus sign" is not an adequate criticism because (a) spam filters do exist, and are deployed, and do take care of a bunch of spam. and (b) yes, what I'm trial ballooning here is similar, it would just distribute some of the work of maintaining the tasty spam rules to good posters who might get some sort of "you can't post hot grits here, naked or petrified" warning, more frequently then they currently do, hopefully in some way that would be useful for the community at large.

评论 #34702372 未加载

BoorishBears超过 2 年前

Don't open this in any public setting, there's some extremely NSFW images in the stream.If you're just replaying events, maybe select a few tamer examples to replay...

评论 #34699251 未加载

croes超过 2 年前

On Android Chrome mobile I only see the text explanation on the left side of the screen, the right is completely empty.

评论 #34699328 未加载

est超过 2 年前

I built something similar internally, just use Python expressions directly.

rengers超过 2 年前

That’s a really neat demo!

karinemellata超过 2 年前

Super neat demo!

revskill超过 2 年前

Nomad is really what Docker should become since day 1.

anigbrowl超过 2 年前

I wonder is Twitter even using this any more? I report spam a lot and i's common to find 50+ identical tweets being pumped out at the rate of 10/minute, or tweets that include variation but link to the same piece of media or URL hundreds or even thousands of times. Given the quite fine-grained control in the filter stream API, it's very easy to get streams of spam, so I wonder what their excuse for letting it proliferate.

评论 #34701527 未加载

评论 #34702678 未加载

评论 #34701135 未加载