- Joined
- Dec 30, 2020
Just make it a very low pay to enter like SomethingAwful, with an option for TF2 keys.
The Gay Pedophile at the Gates
- Thread starter Null
- Start date
- Joined
- Nov 11, 2023
Favicons can have arbitrary size; that'd be the easiest way to do it Alternatively, force the download of a 5GB image with a registration code plonked on top of it with magick. That's a time gate and a data restriction and you can't do anything weird like 'just get the last ten bytes of the file for the code'. Then just ban registration from India, Myanmar, Cambodia and Bangladesh to prevent outsourcing.
Edit for elaboration.
Last edited:
Kokonut Kangs Klan
kiwifarms.net
- Joined
- Oct 9, 2025
It's the most promising idea I've heard here yeah, like an inverse amplification attack. Could you extend kiwiflare to sometimes require a bandwidth toll? Eg send some random challenge seed/key, the browser expands this into a large but cheap response and sends it back.
The response should be high entropy so request compression etc won't help.
However this assumes many accounts need to get through for the attacker to "win". In practice I'm unclear how many you can afford to let through / remain active at once, and idk what the actual bandwidth costs look like for the fag, important to roughly know this. Scaling the bandwidth requirements per remote ISP might be worth checking out too, as a static size could take too long for shit connections or be too easy if the fag switches away from residential to faster connections.
Upload is typically scarcer than download for residential ISP customers, even if it isn't part of the attacker's botnet pricing it seems worth taking advantage of this by forcing them to upload.
Last edited:
- Joined
- Jan 16, 2017
Mine was Dick Masterson. I'm not sure if that's better or worse than Keffals.
Of course it's child porn, its always child porn with these faggots. I'm not sure what you mean by "passed off as child pornography" and I think I'm a happier person for that.
- Joined
- Feb 13, 2024
not sure if this was brought up because I'm short on time but...
have new users make or rewrite a lolcow/person of interest thread with a 1 week time limit to be approved by mods/senior members/knowledgeable members of topic , this would improve user quality and possibly improve thread quality or bring new lolcows to light while making spamming annoying to do/time consuming without sacrificing actual new users first experience.
i don't know if AI would invalidate this but I don't think AI likes reading racial slurs and sperg outs.
have new users make or rewrite a lolcow/person of interest thread with a 1 week time limit to be approved by mods/senior members/knowledgeable members of topic , this would improve user quality and possibly improve thread quality or bring new lolcows to light while making spamming annoying to do/time consuming without sacrificing actual new users first experience.
i don't know if AI would invalidate this but I don't think AI likes reading racial slurs and sperg outs.
- Joined
- Oct 20, 2019
Doesn't that have the consequence of adding costs on Null's side, though? You've provided a handy DDoS facilitator in being able to just trigger a 1GB chunk of bandwidth at any time.
Kokonut Kangs Klan
kiwifarms.net
- Joined
- Oct 9, 2025
Maybe I'm wrong about this btw, because if bandwidth were priced/metered symmetrically then making them download would drain funds faster than uploading? Understanding the price structure is important in any case, idk anything about these services.
- Joined
- Oct 7, 2019
I am in utter shock (but not surprised) that somebody would spend their time and efforts to find exploits just to attack this site and for what? To hopefully take down this site to protect himself and other sexually immoral predators?
That somebody could have made money by fulfilling bug bounties, the money that anybody gives out if somebody discovers a vulnerability is much more valuable and worthwhile than a weird obsession with some site that serves no benefit and only serves to make said site stronger and more notable.
There should be a way to implement functionality so that users can donate bandwidth/server IPs/anything technical for Kiwi Farms to make the site truly ineradicable. I don't know how capable this UnrealSkybox is but if somebody truly determined were to take a crack at it, I don't know what the result would be...
That somebody could have made money by fulfilling bug bounties, the money that anybody gives out if somebody discovers a vulnerability is much more valuable and worthwhile than a weird obsession with some site that serves no benefit and only serves to make said site stronger and more notable.
There should be a way to implement functionality so that users can donate bandwidth/server IPs/anything technical for Kiwi Farms to make the site truly ineradicable. I don't know how capable this UnrealSkybox is but if somebody truly determined were to take a crack at it, I don't know what the result would be...
Anti Lolicon Bomb
kiwifarms.net
- Joined
- Jan 14, 2024
How do people that done in the head have the time and resources to even commit to this?
- Joined
- May 16, 2019
Maybe this is already part of your safeguards, but can you easily detect the velocity of registrations? I assume there's a known normal rate like 10 new users per hour, that you calculate manually or with a report.
Can you set a watch on the Users table that throws an alert when that number hits 2x the expected rate? Then trigger a process to flag the last X users, and automatically nuke every attachment they've uploaded. This will obviously cause problems during a Happening or big lolcow event, but then it can be disabled for manual monitoring.
Can you set a watch on the Users table that throws an alert when that number hits 2x the expected rate? Then trigger a process to flag the last X users, and automatically nuke every attachment they've uploaded. This will obviously cause problems during a Happening or big lolcow event, but then it can be disabled for manual monitoring.
Tram Fan
kiwifarms.net
- Joined
- Sep 8, 2025
I'm sorry but ur a bit lil retarded. Let REAL WOMEN handle the job and in the meanwhile you can play with crayons.
??? Wait what. What is the reasoning behind this idea? So if you're annoyed by somebody smoking weed at your place you should go to their place and smoke weed there? You see it won't do right?
In Poland we say "illness doesn't choose" meaning anybody can fell ill in this context mentally ill. The attacker prolly has a weird combination of mental illnesses combined with high IQ.
Why can't I write posts on this troony profile page it ain't fair
Actually this is a good question. The attacker might not be able to post actual cp but he might fuck up the KF just enough it won't be usable which is basically the same result. Thankfully KF is still working.
No no no slungus is a funny retard even though it is a tranny. We can keep him until he eventually defends pedos just like SSJ_Ness.
What about Polish fags like me who once learnt English and have already forgotten most of stupid English grammar rules? Besides the attacker can probably just use grammarly or something like this.
Maybe they are just rich. This pedo could be working a regular IT job during the day and then attack KF during the evenings.
Yeah personally I got no ideas. You can have more jannies but jannies need to be willing and trusting people. And no fucking doxxing. This site is of any value only if you can be anonymous.
Do we even know if the attacker actually lives in the US? Because it would be less surprising if he was living in Russia or in Africa. And if yes then USA feds can't do shit even if they wanted to.
- Joined
- Jan 14, 2023
Unfortunately there is no such thing is open forum anymore. Eventually everything becomes corrupted and we must diligently monitor our community.
- Joined
- Aug 6, 2019
Just turn off P.M’s and report this dude to the communist gangster government computer god or whatever.
- Joined
- Apr 25, 2020
Just stop inviting people in general, were full.
- Joined
- Dec 17, 2019
I mean
This is Gurupartap "RapeApe" Davis, someone who had to deal with Leto's 'p spam for years and not being exactly fit for the task as a half-jeet half-negro, both mentally and skill-wise, so it's no wonder he's doomposting about Null's efforts to clap the fucker.
- Joined
- May 22, 2013
Better, change it up for every new registration, like how we have the rotating quotes on the front page.
“Password must contain at least 2 special characters, 3 numbers, and the letter M 5 times”
“Today is brought to you by the number 6. You should have at least 6 special characters in your password, not including . @ & or #”
“You must include at least one accented character such as ê ì or ů”
“Password must be exactly 16 characters long without using the following: E 6 $ * @ ; 3 M A ) ~”
Etc.
That way spammers have to keep using different passwords every time and the automatic password creation tools most browsers come with wouldn’t as useful for them.
Normal users wouldn’t be bothered cause they’re only ever making a password once and if they really feel like it they can just go into their user settings and change it.
- Joined
- Apr 6, 2020
I remember the Alex Jones gay frogs remix captcha.
Edit: it's still on the server. https://kiwifarmsaaf4t2h7gc3dfc5ojhmqruw2nit3uejrpiagrxeuxiyxcyd.onion/public/security/
- Joined
- Jan 14, 2023
It's true. But we must also expand.
- Joined
- Mar 7, 2023
Similar idea to the bandwidth one, probably was mentioned already, would be to re-use the Proof of Work challenges from KiwiFlare as the captcha for signups using either a more expensive hashing algorithm or higher difficulty challenge, Something like requiring around several minutes of work in order to create an account would act as a decent speed bump for mass account creation.