anti-brigading protections in security section
12
README.md
@@ -155,7 +155,17 @@ Letting people participate anonymously doesn't mean letting them run wild. Echob
|
|||||||
- **Webhooks can't reach internal networks** - destination URLs are checked against private IP blocklists, DNS is resolved before connecting to prevent rebinding, and connections go directly to the resolved IP with TLS verification.
|
- **Webhooks can't reach internal networks** - destination URLs are checked against private IP blocklists, DNS is resolved before connecting to prevent rebinding, and connections go directly to the resolved IP with TLS verification.
|
||||||
- **Security headers everywhere** - HSTS with two-year max-age, strict CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy set to no-referrer. The embed widget runs in a sandboxed iframe. Custom CSS is decoded and scanned before storage.
|
- **Security headers everywhere** - HSTS with two-year max-age, strict CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy set to no-referrer. The embed widget runs in a sandboxed iframe. Custom CSS is decoded and scanned before storage.
|
||||||
- **File uploads validated by content, not trust** - images are checked against magic byte signatures, not just extensions or MIME types. Path traversal is blocked with realpath resolution. Orphaned files are cleaned up if database inserts fail.
|
- **File uploads validated by content, not trust** - images are checked against magic byte signatures, not just extensions or MIME types. Path traversal is blocked with realpath resolution. Orphaned files are cleaned up if database inserts fail.
|
||||||
- **Per-endpoint rate limiting** - every endpoint is individually tuned, from 100/minute for browsing down to 3/15 minutes for recovery code attempts. Not a blunt global throttle.
|
- **Per-endpoint rate limiting** - every endpoint is individually tuned, from 100/minute for browsing down to single-digit attempts for sensitive operations. Not a blunt global throttle.
|
||||||
|
- **Anti-brigading detection engine** - a background system that continuously monitors voting patterns, post creation velocity, identity creation clusters, and behavioral signals across all boards. When coordinated manipulation is detected, it flags the activity for admin review without disrupting legitimate users.
|
||||||
|
- **Phantom voting** - when the system detects suspicious vote patterns from a network, the votes appear to succeed from the voter's perspective but don't actually count. The brigadier sees their number go up, everyone else sees the real count. No way to tell from the client side whether a vote was real or phantom.
|
||||||
|
- **Adaptive proof-of-work** - the computational difficulty of ALTCHA challenges scales dynamically based on context. Boards under unusual activity get harder puzzles. Identities with suspicious behavioral patterns get harder puzzles. The difficulty adjusts automatically without admin intervention.
|
||||||
|
- **Identity behavioral analysis** - the system tracks behavioral signals per identity: action diversity, timing patterns, navigation paths, submission speed. These signals feed into the detection engine. No single signal triggers a flag - the system looks at the combination.
|
||||||
|
- **Delayed vote visibility** - vote counts on new posts are hidden for the first hour. This removes the real-time feedback loop that makes brigading psychologically rewarding. After the cooling period, counts appear with any anomaly filtering already applied.
|
||||||
|
- **Honeypot fields** - invisible form fields that legitimate users never see or interact with. Automated scripts that fill every field on the page reveal themselves immediately.
|
||||||
|
- **Content deduplication** - coordinated submissions using the same template text from different identities are detected and blocked before they go through.
|
||||||
|
- **Post integrity monitoring** - if a post's content is substantially changed after receiving votes, the system flags it and notifies voters. Prevents bait-and-switch manipulation where someone changes a post's meaning after people endorsed it.
|
||||||
|
- **Admin security dashboard** - a dedicated page showing anomaly alerts, voter network graphs, vote velocity charts, and one-click cleanup tools. Admins can freeze individual posts, quarantine entire boards, adjust detection sensitivity per board, and configure webhook notifications for anomaly events.
|
||||||
|
- **Auto-learning from confirmed attacks** - when an admin confirms a brigade, the system records the pattern characteristics. Future anomalies matching that pattern are automatically elevated to critical priority.
|
||||||
|
|
||||||
Security isn't a feature you bolt on at the end. It's a set of choices you make from the beginning about what data to collect (as little as possible), how to store it (encrypted), how to verify identity (without passwords when possible), and how to fail (safely, loudly, and without leaking information). Echoboard makes those choices so you don't have to think about them.
|
Security isn't a feature you bolt on at the end. It's a set of choices you make from the beginning about what data to collect (as little as possible), how to store it (encrypted), how to verify identity (without passwords when possible), and how to fail (safely, loudly, and without leaking information). Echoboard makes those choices so you don't have to think about them.
|
||||||
|
|
||||||
|
|||||||
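Review bot: The new "Identity behavioral analysis" bullet says the system tracks timing patterns, navigation paths and submission speed per identity, which sits awkwardly with the unchanged closing paragraph's promise to collect "as little as possible"; the README should say what is stored for these signals, for how long, and whether it is kept against the identity or only as aggregates. In the "Phantom voting" bullet, "No way to tell from the client side" is stronger than the sentence before it supports, since that sentence says everyone else sees the real count; wording such as "the vote response does not reveal whether it counted" is a claim the text can back. The rate-limiting bullet also drops the concrete "3/15 minutes for recovery code attempts" in favour of "single-digit attempts for sensitive operations", so either keep the figure or point to where the per-endpoint limits are documented.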