The stupidest blacklist
Moderator: Forum Moderators
-
loonycyborg
- Windows Packager
- Posts: 295
- Joined: April 1st, 2008, 4:45 pm
- Location: Russia/Moscow
Re: The stupidest blacklist
If the bot is written in python it can do eval("7 + 10") and answer itirrevenant wrote: It'd help if you flipped the order of the question around (125 - 15 - 27 = ??), and made the question a lot easier ("What is 7 + 10 ?").
"meh." - zookeeper
-
Viliam
- Translator
- Posts: 1341
- Joined: January 30th, 2004, 11:07 am
- Location: Bratislava, Slovakia
- Contact:
Re: The stupidest blacklist
I have received many comment spams in the blog on my homepage. Then I added a simple field asking:
2+2= [_]
and the spam comments stopped. (If you enter a wrong answer, you are just redirected to the same page with all data you sent, so you just have to fill in the answer and submit again. I guess this is user-friendly enough.)
I know that the Wesnoth forum has 1.000.000 times more visitors, but maybe something like this (on a registration screen) could help. My guess is that spambot makers are trying to keep a reasonable effort:gain ratio. If their algorithm is good enough for 99% of PHPBB forums, they will not put work to change it just because it stopped working for Wesnoth forum. You do not have to have perfect security, just better than most of other PHPBB sites. Any unusual security would do this.
2+2= [_]
and the spam comments stopped. (If you enter a wrong answer, you are just redirected to the same page with all data you sent, so you just have to fill in the answer and submit again. I guess this is user-friendly enough.)
I know that the Wesnoth forum has 1.000.000 times more visitors, but maybe something like this (on a registration screen) could help. My guess is that spambot makers are trying to keep a reasonable effort:gain ratio. If their algorithm is good enough for 99% of PHPBB forums, they will not put work to change it just because it stopped working for Wesnoth forum. You do not have to have perfect security, just better than most of other PHPBB sites. Any unusual security would do this.
How about something like Re: The stupidest blacklist
How about we just replace the captcha with a custom question. It could be the same every time:
"What color is the sky?"
Everyone should be able to answer it. I doubt our forum is popular enough for spambot programmers to notice us and detect this in our form.
David
"What color is the sky?"
Everyone should be able to answer it. I doubt our forum is popular enough for spambot programmers to notice us and detect this in our form.
David
“At Gambling, the deadly sin is to mistake bad play for bad luck.” -- Ian Fleming
Re: The stupidest blacklist
Aren't there ways to program a bot to do something like that? (I.E. like the previous explanation of how bots get past captcha?)
Mica says one who cheats, cheats himself.
You are an Elvish Shyde - Beautiful, natural, and helpful, though sometimes under-appreciated.
You are an Elvish Shyde - Beautiful, natural, and helpful, though sometimes under-appreciated.
Re: The stupidest blacklist
you can try misspelling the previous statement while leaving it somewhat understandable. Possibly with a math question that shouldn't be answered? or should be answered incorrectly?
-
uzytkownik
- Posts: 126
- Joined: April 19th, 2008, 7:12 pm
- Contact:
Re: The stupidest blacklist
May be a number of posts would be an idea? If somebody has x posts posted (x >> 0) than he is automatically passed. Otherwise he has to pass a security check.
Today in my country was rather greyish - however now is dark-violet (1 am). How could you detect it?Dave wrote:How about we just replace the captcha with a custom question. It could be the same every time:
"What color is the sky?"