Go Down

Topic: Spam fighting request (Read 3 times) previous topic - next topic

follower

Hi...

Quote
it's not that we have a 90% spam 10% content ration..

That's not a very high standard to compare the situation to! :-)

To be honest I don't understand the reluctance to enable a couple of people to implement this. Is there something about the situation I'm not understanding?

A greater than zero number of community members find the spam unnecessary and there are at least a couple of people willing to provide the mouse clicks required to delete it more promptly. Less spam. More time for the existing mods to do more useful things. And I could delete the spam with one click (I assume) instead of typing in a bunch of stuff and waiting for a moderator to delete it.

I would appreciate it if you could please explain the reason for this not being an acceptable solution for you.

Thanks.

--Phil.

P.S. FWIW with the current spam volume I think captchas would inconvenience the forum community more than the spam.

Oracle

#11
Aug 28, 2008, 07:37 pm Last Edit: Aug 28, 2008, 07:43 pm by Oracle Reason: 1
Quote

To be honest I don't understand the reluctance to enable a couple of people to implement this. Is there something about the situation I'm not understanding?


From the point of view of the core team, Arduno is their baby, the built it up, and it's very hard to let go of control.  It's the same sort of feeling that parents have as their children grow up.

As the Arduino community grows, I suspect it will become more and more necessary to have some help, but I can certainly understand the reluctances of the core team to give up control of their baby.

I'd say just be patient right now, they are dealing with the spam.  The only real downside right now is they're spending time that could go into helping users or further developing Ardunio on deleting spam.

As the legitimate user base grows, it's not simply deleting spam, but more subjective things mods would have to do.  Moving threads to more appropriate forums for example.  Should a mod only delete spam or a grossly off-topic thread?  Where do you draw the line?  

John_Ryan

Quote
Quote
what about to use a captcha system for the borad?

http://www.yabbforum.com/community/YaBB.pl?num=1186785854/0


I'm not conviced captchas work, when I added them to my own site it barely slowed them down.


The attacks Arduino.cc's has been suffering, are Bot attacks, and bots "cannot" navigate sites protected by "good" implementations of CAPTCHAs, such as the format used over at Yahoo.

The general mentality of spammers is if they can let their bot's roam the web injecting their filth into millions of vulnerable forums, like this one, then it beats doing any form of work themselves, like reading site CAPTACHA codes for a single attack, especially if the pay-off isn't high unlike the persistent attacks suffered by WindowsLive and Gmail whose CAPTCHAs were hacked, which considering the "kudos" prize, its no wonder.

So for the 5 minutes the Yabb hack takes to implement it'll reduce a substantial amount of the misery users here are obviously suffering as a result of sometimes highly offensive spam.



Oracle

Quote


The attacks Arduino.cc's has been suffering, are Bot attacks, and bots "cannot" navigate sites protected by "good" implementations of CAPTCHAs, such as the format used over at Yahoo.


It's trivial to break any captcha.  You simply link it into a "free porn" site and have users answer the captchas.  They type the captcha, the bot automatically enters it into the victim site, and if it's right, the script lets the viewer have their porn.   There is no such thing as a good implementation because any captcha can be defeated with this sort of attack.

John_Ryan

Quote
Quote


The attacks Arduino.cc's has been suffering, are Bot attacks, and bots "cannot" navigate sites protected by "good" implementations of CAPTCHAs, such as the format used over at Yahoo.


It's trivial to break any captcha.  You simply link it into a "free porn" site and have users answer the captchas.  They type the captcha, the bot automatically enters it into the victim site, and if it's right, the script lets the viewer have their porn.   There is no such thing as a good implementation because any captcha can be defeated with this sort of attack.


I haven't heard of that one before, how does it work?

If CAPTCHAs are so easy to defeat, then the brains over at Carnegie Mellon University have a lot to be held accountable for, and gosh, the cheek of it, they're still telling people to use it!

http://www.captcha.net/

Our portfolio includes a number of adult sites we've owned "for years", all with CAPTCHA, not one has ever suffered a spam attack. An adult forum we own started out with Yabb, but it got too big and we upgraded it to SMF. In its 3 year history only a handful of Russians have tried manual attacks, but the site has 3 moderators and they blocked the IP's before they had a chance to do anything.

Spam is completely preventable.  

Go Up