The only advantage of a such name is uniqueness (more precisely, a google-wide uniqueness), but why exactly is that an advantage?
Perhaps to make it easier to track which sites were successfully attacked? For example 100 000 websites under attack, 100 000 silly user names; a month later an automated google search reveals which websites are insecure, and those are selected for a second wave of attack? For example, to avoid Google penalty for getting 100 000 links on the same day, the spammer could create accounts on 100 000 websites the same day, but only add 200 links a day from the attacked sites to their own websites.
This was my first idea, but… why google for a unique username associated with a website, when you can just look at the given website to check whether the user’s wiki page still exists? (Is the Google search perhaps more anonymous?)
There is an added bonus that it is harder to link related attacks and find out which group is behind which wave.
Also, there will always be some amount of legitimate users with random names—and any other easy to generate will-always-exist pattern would fall into collisions more often.
At least on LW proper, I have deliberately random username. I don’t have LW wiki account, though, but if I ever find a maths article there that I would want to edit, I will use the same screen name. I didn’t notice that I am a spambot (outside “Product Recommendation” at least).
Yeah. You’d think they’d have sensible names, like all the other users on the site.
The only advantage of a such name is uniqueness (more precisely, a google-wide uniqueness), but why exactly is that an advantage?
Perhaps to make it easier to track which sites were successfully attacked? For example 100 000 websites under attack, 100 000 silly user names; a month later an automated google search reveals which websites are insecure, and those are selected for a second wave of attack? For example, to avoid Google penalty for getting 100 000 links on the same day, the spammer could create accounts on 100 000 websites the same day, but only add 200 links a day from the attacked sites to their own websites.
This was my first idea, but… why google for a unique username associated with a website, when you can just look at the given website to check whether the user’s wiki page still exists? (Is the Google search perhaps more anonymous?)
Another advantage is reduced likelihood of name collisions (in this case meaning reduced likelihood of the account creation failing).
There is an added bonus that it is harder to link related attacks and find out which group is behind which wave.
Also, there will always be some amount of legitimate users with random names—and any other easy to generate will-always-exist pattern would fall into collisions more often.
Relevant username? It seems that the spambots are learning at a geometric rate—I give them a few weeks before they go FOOM.
At least on LW proper, I have deliberately random username. I don’t have LW wiki account, though, but if I ever find a maths article there that I would want to edit, I will use the same screen name. I didn’t notice that I am a spambot (outside “Product Recommendation” at least).