Page 1 of 5 123 ... LastLast
Results 1 to 10 of 46

Thread: Need to have some better security on the forums

Hybrid View

  1. #1
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,584

    Angry Need to have some better security on the forums

    Michael, there seems to be a lot of bots hitting the forums lately and spamming them, would you please consider implementing some sign up security to thwart these annoyances?

    Here is another example with no doubt a few more garbage posts to follow:

    http://www.phoronix.com/forums/showthread.php?t=21419
    http://www.phoronix.com/forums/showthread.php?t=21376
    http://www.phoronix.com/forums/showthread.php?t=21338
    http://www.phoronix.com/forums/showthread.php?t=21296
    http://www.phoronix.com/forums/showthread.php?t=21061
    Last edited by deanjo; 01-13-2010 at 09:46 PM.

  2. #2
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,584

  3. #3
    Join Date
    Apr 2008
    Location
    Saskatchewan, Canada
    Posts
    466

    Default

    Problem is there's no signup security which can't be defeated by OCR or an office full of Chinese people on $0.50 an hour which won't drive away real users. 'Captchas', for example, have devolved to the point where it's probably easier for a computer to read than for me to do so; I typically have to make two or three attempts before I can work one out.

  4. #4
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,584

    Default

    Quote Originally Posted by movieman View Post
    Problem is there's no signup security which can't be defeated by OCR or an office full of Chinese people on $0.50 an hour which won't drive away real users. 'Captchas', for example, have devolved to the point where it's probably easier for a computer to read than for me to do so; I typically have to make two or three attempts before I can work one out.
    Well there are some trends if you look at the spams,

    1) they always start a new thread on their initial spam, make it so that creating a new thread on the first posts from a new user can't be put up until reviewed

    2) since these are mostly bot signups have the signup process not accept a signup when the form is "instantly" filled from their macro's, etc. Usually with their signups are filled in all in one shot, something a human couldn't really do. Restrict it to the signup process has to take at least a minimum time such as 10 seconds.

    There are other ways as well to minimize the effect, they just have to be put in place.

  5. #5
    Join Date
    Sep 2007
    Location
    Connecticut,USA
    Posts
    964

    Default

    Quote Originally Posted by deanjo View Post
    Well there are some trends if you look at the spams,

    1) they always start a new thread on their initial spam, make it so that creating a new thread on the first posts from a new user can't be put up until reviewed

    2) since these are mostly bot signups have the signup process not accept a signup when the form is "instantly" filled from their macro's, etc. Usually with their signups are filled in all in one shot, something a human couldn't really do. Restrict it to the signup process has to take at least a minimum time such as 10 seconds.

    There are other ways as well to minimize the effect, they just have to be put in place.
    There's mods and patches for vbulletin for thwarting spammers cold.

    Also disabling signatures and avatars for new people till they reach a certain number of posts also helps too, as some spammers use signatures filled with links to badware

    Quote Originally Posted by Michael View Post
    Added "Android" and "converter" to the list of checks that will flag a post for the moderation queue if the user's post count is less than three, that should cut out lots of this spam lately.
    as other "spam words" pop up add them to the checklist too.

    @Michael, spammers will always try to get around whatever you throw at them, so its pretty much a must to keep devising new ways to keep on top of the spammers.

    Quote Originally Posted by L33F3R View Post
    oh man. poor Qaridarium would be trying for hours and hours.
    LOL!

    But Q's not really a spammer though, despite how badly worded his posts are.
    Last edited by DeepDayze; 01-19-2010 at 11:44 PM.

  6. #6
    Join Date
    Apr 2009
    Location
    Toronto/North Bay Canada
    Posts
    877

    Default

    Quote Originally Posted by movieman View Post
    Problem is there's no signup security which can't be defeated by OCR or an office full of Chinese people on $0.50 an hour which won't drive away real users. 'Captchas', for example, have devolved to the point where it's probably easier for a computer to read than for me to do so; I typically have to make two or three attempts before I can work one out.
    id tend to say its the Chinese, except that no profit is involved.

    anyone know a reason behind the spam?

  7. #7
    Join Date
    Jun 2007
    Location
    Albuquerque NM USA
    Posts
    350

    Default

    Quote Originally Posted by movieman View Post
    Problem is there's no signup security which can't be defeated by OCR or an office full of Chinese people on $0.50 an hour which won't drive away real users. 'Captchas', for example, have devolved to the point where it's probably easier for a computer to read than for me to do so; I typically have to make two or three attempts before I can work one out.
    I hear that.

  8. #8
    Join Date
    May 2008
    Location
    Germany/NRW
    Posts
    510

    Default

    Quote Originally Posted by movieman View Post
    Problem is there's no signup security which can't be defeated by OCR or an office full of Chinese people on $0.50 an hour which won't drive away real users. 'Captchas', for example, have devolved to the point where it's probably easier for a computer to read than for me to do so; I typically have to make two or three attempts before I can work one out.
    Dunno... I thought Text-chas were pretty effective at filtering out bots and still very accessible? They'll filter out everyone who doesn't speak english though, which might be a good and a bad thing. Good: Chinese wont be able to defeat them (as long as they don't speak english). Con: Non-english speakers wont be able to join the board. But seeing as how this is an english board anyway I don't think that'd be such a big trade-off.

  9. #9
    Join Date
    Apr 2009
    Location
    Toronto/North Bay Canada
    Posts
    877

    Default

    Quote Originally Posted by Zhick View Post
    Dunno... I thought Text-chas were pretty effective at filtering out bots and still very accessible? They'll filter out everyone who doesn't speak english though, which might be a good and a bad thing. Good: Chinese wont be able to defeat them (as long as they don't speak english). Con: Non-english speakers wont be able to join the board. But seeing as how this is an english board anyway I don't think that'd be such a big trade-off.
    oh man. poor Qaridarium would be trying for hours and hours.

  10. #10
    Join Date
    May 2007
    Posts
    327

    Default

    Quote Originally Posted by movieman View Post
    'Captchas', for example, have devolved to the point where it's probably easier for a computer to read than for me to do so; I typically have to make two or three attempts before I can work one out.
    Yeah what the heck's that about?
    What's the point of making them almost unreadable by humans, it's not as though it's going to make it any harder for bots.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •