3

I raised a flag on the following question, because the OP wanted regex for credential stuffing purposes:

How to mark/delete lines that contain anything that is not letters or numbers after a specific string?

and then I received this response to my flag:

Declined - flags should only be used to make moderators aware of content that requires their intervention

I was thinking the question would get deleted, given it is obviously asking for help doing something illegal, and that moderator intervention would be required as non-moderators don't have the delete button.

If you somehow doubt that I am correct (first of all how dare you) and secondly see for example:

  1. How to Remove Lines Not Containing "Emails" in notepad++ or Emeditor, and
  2. How to delete lines matching a specific pattern with Notepad++

If we delete questions because they ask for help with piracy, why is this allowed?

3
  • It's not "obviously" asking for anything illegal... Having emails and passwords in text files is not illegal, hence the other questions were not closed. It could be e.g. his credentials stored in a dumb way or some testing data they're working on. There are tons of other possibilities. It's as if you assumed that asking a question about getting into BIOS/system without remembering a password means that someone stole the device. Or asking about security of credit cards on another SE website means that you want to breach them in a malicious way.
    – Destroy666
    Commented Nov 28, 2023 at 20:41
  • 1
    @Destroy666 It is for those in the know. He wanted help with textfiles over 50gb. People don't normally have 50gb of credentials. The email/username:pass format is how cred dumps are stored and traded. I assure you that there is no innocent explanation in this case, and I would give the benefit of the doubt if there was.
    – Gantendo
    Commented Nov 28, 2023 at 21:48
  • @Gantendo Maybe this is something better reported to the FBI (or whatever agency handles this) than a moderator.
    – Brōtsyorfuzthrāx
    Commented Jan 3 at 6:07

1 Answer 1

Reset to default
5

Ah, See, I am a moderator of the oldschool. I assume good intent

I've literally have had to do very similar text processing to recover/reprocess a set of rules for managing RSS feeds, or once when trying to retrieve passwords from my dad's PC (which honestly is so slow I probably would have been faster with a microscope and a very steady hand) to his newer PC.

I've done all sorts of unspeakable horrors with text files for entirely legitimate reasons. Some of these horrors I cannot even speak about without breaking the law.

While some argue regex is a monstrosity, I don't see how use of it is immediately suspicious.

There was no need to harangue the user with multiple comments then demand a moderator immediately delete it.

8
  • 1
    You sure I demanded something? Doesn't sound like me... Like we say on Wikipedia: "assume good faith isn't a suicide pact". I'll happily assume good faith if there is any theoretical hypothetical scenario where things might not be as they seem. In this case it is very obvious (especially combined with the other questions the user has posted) that assuming good faith would be misplaced.
    – Gantendo
    Commented Nov 22, 2023 at 10:14
  • 1
    Its not the use of regex that's suspicious, its the fact that dude has dumps that he is using for credential stuffing. I didn't harangue the user; I pointed out something very obvious to anyone who knows about these things. Sure, you've done ungodly things to text files, but in this particular case this particular operation can only mean one thing. And if you would have experience with that you would know what he is doing and why.
    – Gantendo
    Commented Nov 22, 2023 at 10:15
  • 1
    I like you Journeyman Geek, but in this case you are clearly and obviously wrong. Falsely claiming I demanded something and harangued the user is, ironically, not assuming good faith. I get it; you don't know what I know. But if you did you would act differently. And you don't seem to take into account the possibility that I know what I am talking about (in this very specific and limited case) and you do not. I am the broken clock that is right once a millenium.
    – Gantendo
    Commented Nov 22, 2023 at 10:23
  • Clearly digital.
    – Journeyman Geek Mod
    Commented Nov 22, 2023 at 10:25
  • 1
    We both know digital clocks are never right. Google Collection #1-5 & Zabagur ;-) I've been following scriptkiddy lore since before VX heaven
    – Gantendo
    Commented Nov 22, 2023 at 10:25
  • 2
    Oh and for the record, you can't force people to actually assume good faith but you can force them to pretend to. I've seen it happen. This led to people being very creative with words and accusing others while maintaining (somewhat) plausible deniability. The most toxic and problematic people thrived, they could no longer be accused of doing what they did and they knew how to accuse others without saying the magic words, just like they were masters at insulting people without using swearwords. Writing a workable CoC is impossible for people less jaded than I am.
    – Gantendo
    Commented Nov 22, 2023 at 11:18
  • @Gantendo I believe this implies that posts are treated as innocent until proven otherwise, regardless of how closely the technical inquiry aligns with something that could potentially be used for malicious purposes. Strive to conform and adhere to prevent any perception of singling out or accusing posts of harboring malicious intent. There's a possibility that I've assisted someone with a script here that could be utilized for criminal activities, highlighting one of the downsides of this sort of platform and shared content – every action comes with its pros and cons.
    – Vomit IT - Chunky Mess Style
    Commented Nov 30, 2023 at 3:12
  • 1
    @VomitIT-ChunkyMessStyle In this case it is clearly proven otherwise, see OP. I've seen posts closed in cases where people bought a key from a reseller. Quite a few people do not know that those resellers illegally resell Windows/Office keys.
    – Gantendo
    Commented Nov 30, 2023 at 4:42

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .