The stupidest blacklist

Discussion of all aspects of the website, wiki, and forums, including support requests and new ideas.

Moderator: Forum Moderators

User avatar
loonycyborg
Windows Packager
Posts: 280
Joined: April 1st, 2008, 4:45 pm
Location: Russia/Moscow

Re: The stupidest blacklist

Post by loonycyborg »

irrevenant wrote: It'd help if you flipped the order of the question around (125 - 15 - 27 = ??), and made the question a lot easier ("What is 7 + 10 ?").
If the bot is written in python it can do eval("7 + 10") and answer it :)
"meh." - zookeeper
User avatar
Viliam
Translator
Posts: 1341
Joined: January 30th, 2004, 11:07 am
Location: Bratislava, Slovakia
Contact:

Re: The stupidest blacklist

Post by Viliam »

I have received many comment spams in the blog on my homepage. Then I added a simple field asking:
2+2= [_]
and the spam comments stopped. (If you enter a wrong answer, you are just redirected to the same page with all data you sent, so you just have to fill in the answer and submit again. I guess this is user-friendly enough.)

I know that the Wesnoth forum has 1.000.000 times more visitors, but maybe something like this (on a registration screen) could help. My guess is that spambot makers are trying to keep a reasonable effort:gain ratio. If their algorithm is good enough for 99% of PHPBB forums, they will not put work to change it just because it stopped working for Wesnoth forum. You do not have to have perfect security, just better than most of other PHPBB sites. Any unusual security would do this.
User avatar
Urs
Art Contributor
Posts: 437
Joined: August 11th, 2007, 5:33 pm

Re: The stupidest blacklist

Post by Urs »

:hmm: How about something like this?
Dave
Founding Developer
Posts: 7071
Joined: August 17th, 2003, 5:07 am
Location: Seattle
Contact:

Re: The stupidest blacklist

Post by Dave »

How about we just replace the captcha with a custom question. It could be the same every time:

"What color is the sky?"

Everyone should be able to answer it. I doubt our forum is popular enough for spambot programmers to notice us and detect this in our form.

David
“At Gambling, the deadly sin is to mistake bad play for bad luck.” -- Ian Fleming
User avatar
Mica
Posts: 577
Joined: December 4th, 2007, 5:18 pm

Re: The stupidest blacklist

Post by Mica »

Aren't there ways to program a bot to do something like that? (I.E. like the previous explanation of how bots get past captcha?)
Mica says one who cheats, cheats himself.

You are an Elvish Shyde - Beautiful, natural, and helpful, though sometimes under-appreciated.
ededored
Posts: 1
Joined: December 11th, 2007, 3:34 am

Re: The stupidest blacklist

Post by ededored »

you can try misspelling the previous statement while leaving it somewhat understandable. Possibly with a math question that shouldn't be answered? or should be answered incorrectly?
uzytkownik
Posts: 126
Joined: April 19th, 2008, 7:12 pm
Contact:

Re: The stupidest blacklist

Post by uzytkownik »

May be a number of posts would be an idea? If somebody has x posts posted (x >> 0) than he is automatically passed. Otherwise he has to pass a security check.
Dave wrote:How about we just replace the captcha with a custom question. It could be the same every time:

"What color is the sky?"
Today in my country was rather greyish - however now is dark-violet (1 am). How could you detect it? ;)
Post Reply