Comment Spam

"Or perhaps you could just charge new members a fee or deposit before they are allowed to post.. say $5."

Fred, stop trying to turn the internet into a toll road! ;-)

If I had to go to the trouble of sending someone money to join here I'm pretty sure I wouldn't have.  Not that y'all aren't a great bunch, and not that this site isn't awesome, but who's got that kind of time?

Hi Jason,

I have another idea, the bot (ceming913) or what ever hit many sites in the past 24 hours and I think it has a more sophisticated method that bypasses Captcha. Some type of search crawler that knows what you programmers like to use for message directories and standard file types to create a website list. Maybe the security breach is Captcha itself, every employee has a price and he/she disables it at a golden hour.

Here is another site it spammed with the same crap last night and there are many more. I wonder if this site uses the same message post engine?

It does not make an effort to post any bio description so maybe messages can only be posted at TW after putting a minimum description personal profile or have a user activated messaging check box in profile.

You could have 5 numbered check boxes and say check for a total of seven.

The spammers could be using a room full of crack addicts in front of computers getting rewarded with rocks dropping into a tray in front of them for every break in. The numbered check box method would force them to use their cell phone calculator apps. LOL

Edit: Charlie the mass spamming is not human, unless on crack.

Some ideas:

1) Require that all users undergo moderator approval before being allowed to post.
2) Include one or more captcha-like things on the registration page (a sum, puzzle, a request to write about your favourite dog food, whatever)

"Fred, stop trying to turn the internet into a toll road! ;-)" - Dewster

Dewster, it is already a "toll road" - only, at present, it is spammers and those who sort out the mess when some villain corrupts your computer, who collect the "toll".

I personally would much prefer the "toll" to go to those who host useful (essential) sites like TW, and perhaps gives them a little return for all the hours they must spend weeding the crap (planted by those spamming Aholes) from the forums.

I do not have a problem with "captcha like" filtering, just have a problem with ones that require the sort of visual perception that captcha does.. I understand the mechanism - the visual image is not easily deciphered by a bot.. Alas though, in this respect I am impaired in a similar way.

If there was an image which was not distorted, and had (for example) a simple arithmetic operation to which one gave the answer, that would be fine..

But I think the problem is that captcha is available and can be easily plugged in, wheras these other ideas would require development of unique code.. I think that almost any unique method doing what captcha does, would work - provided it was not widely adopted by other sites.. "They" are not going to modify the bot just to get TW, but when (like captcha) a lot of sites use the same filtering method, then it is worth "their" while to hack it.

Fred.

© 2012 www.deathbycaptcha.com

• About Us

  Death by Captcha is a premier CAPTCHA solving service. With over 1 year in the CAPTCHA Bypass business, Death by Captcha has become one of the industry leaders in the market. Our teams of technical experts and specialized decoders have worked together to created a system that is both incredibly fast and very accurate. Death by Captcha offers an outstanding low price of $1.39 for 1000 decoded CAPTCHAs, a 24/7 team of CAPTCHA decoders with a success rate of 95% to 100%, an average response time of 17 seconds and several API clients.

"a 24/7 team of CAPTCHA decoders "..

Stunning - a load of humans sitting in front of PC's and wasting their valuable time (we only live once, and time is the substance of life) doing something so inane and pointless, just to earn a living.

What a sad world!

Fred.

I think using Captcha only until the user has completed a certain number of posts should be a fine solution.

I'd have no problem to pay the $5 but that would leave out a lot of people, including

- People from countries where it's not trivial to get access to a credit card,

- Minors and students that don't have a credit card yet,

- People that systematically mistrust any form of Internet payment and refuse to use them (I don't know in other places, but at least in Spain this is very common, maybe even a majority among people over 50 or so). 

would asking a simple question like "which forum are you in?" and giving a "pass" if you enter "Suggestion Box" work? A bot would, I suspect, need to be specifically programmed to find the answer - even though its readily available on the page.

Fred.

>>Here is another site it spammed with the same crap last night and there are many more. I wonder if this site uses the same message post engine? - RS

The interesting thing here is that the links in this particular spam were either wrongly inserted by the spammer/bot, or damaged in some other way.. I always check properties of any link before I click on it, and report any link referenced to various spam-blocking agencies.. No-one who ever uses spamming will get my business if I become aware of the fact.

would asking a simple question like "which forum are you in?" and giving a "pass" if you enter "Suggestion Box" work? A bot would, I suspect, need to be specifically programmed to find the answer - even though its readily available on the page.

Yes, I'm on another forum that does something like that. It asks an obvious question "what colour was the white horse of Saint James?" which is trivial for any human (well, for any human speaking the forum language) but difficult for a robot.

That, plus captcha on registration (not on each post), seems to be keeping spam at bay in that community at the moment. 

I got an idea, give me a minute to gather my thoughts.