Register to post in forums, or Log in to your existing account
 

Post new topic  Reply to topic     Home » Forums » Website or Forum problems
Rorso
Wizard


Joined: 14 Oct 2000
Posts: 1368

PostPosted: Thu Oct 26, 2006 1:48 pm   

Image code verification
 
It would be nice if you had one of those images with letters on forum registration so we can decrease the amount of forum spam. It is kinda sad to see how these spammers have continued from email to web spam.

Some time ago I was really happy to see we had 1000 comments on the website of the MUD I play... just to notice it was 1000 spam comments Crying or Very sad.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23379
Location: Colorado, USA

PostPosted: Thu Oct 26, 2006 4:24 pm   
 
We already have that. In fact, I have added a *lot* of anti-spam and auto-ban code to this forum. I won't discuss the specifics because I don't want spammers to know about it. The problem is that since zuggsoft.com has been a stable domain name for over 10 years and this forum is also rather mature, it has a very high Google score, which attracts a lot of crap.

It *is* very sad to see this stuff, and it annoys me whenever I have to deal with it.
Reply with quote
Fang Xianfu
GURU


Joined: 26 Jan 2004
Posts: 5155
Location: United Kingdom

PostPosted: Tue Dec 12, 2006 12:08 am   
 
Use b3ta's CAPTCHA system! You have a 4x4 grid of images, three of which are kittens and the rest of which are random images. The user has to click the three kittens to verify. Much better than letter strings ^_^

I res the thread because more and more of them seem to appear :|
Reply with quote
Taz
GURU


Joined: 28 Sep 2000
Posts: 1395
Location: United Kingdom

PostPosted: Tue Dec 12, 2006 1:43 pm   
 
If KittenAuth got implemented I'd be making myself a new user everyday Laughing
_________________
Taz :)
Reply with quote
Fang Xianfu
GURU


Joined: 26 Jan 2004
Posts: 5155
Location: United Kingdom

PostPosted: Tue Dec 12, 2006 1:51 pm   
 
I wonder how difficult it'd actually be to change the registration page code to use it instead of a number-based CAPTCHA. More forums seriously do need to start using it, if only because bot authors won't know what to do with it for a long time :D
_________________
Rorso's syntax colouriser.

- Happy bunny is happy! (1/25)
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23379
Location: Colorado, USA

PostPosted: Tue Dec 12, 2006 5:48 pm   
 
I love the idea of that (we are cat people :) If you have a link, send me a PM. Especially if you have any sort of link for PHPBB integration.
Reply with quote
Taz
GURU


Joined: 28 Sep 2000
Posts: 1395
Location: United Kingdom

PostPosted: Tue Dec 12, 2006 7:34 pm   
 
Unfortunately it is a work in progress that may never get completed, it doesn't look like it's been updated for a while.

There is another similar work that was inspired by it called HumanAuth.
_________________
Taz :)
Reply with quote
Fang Xianfu
GURU


Joined: 26 Jan 2004
Posts: 5155
Location: United Kingdom

PostPosted: Tue Dec 12, 2006 10:18 pm   
 
HumanAuth's as robust as KittenAuth v2, which actually looks pretty damn cool. But you can't have everything :(
_________________
Rorso's syntax colouriser.

- Happy bunny is happy! (1/25)
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23379
Location: Colorado, USA

PostPosted: Wed Dec 13, 2006 6:35 pm   
 
Does anyone actually know how these spammers get around the current image verification stuff? If I just added another question to the registration page (so that I don't have the "standard" phpbb page), would that help?

Or, is there an alternate set of images I can use? Although I have to admit that I really hate these CAPTCHA images and some sites have images that are *really* hard to read...I don't want to do that. But if I can just add another question to the registration page to get around the bots, that would be pretty easy.
Reply with quote
Fang Xianfu
GURU


Joined: 26 Jan 2004
Posts: 5155
Location: United Kingdom

PostPosted: Wed Dec 13, 2006 7:31 pm   
 
It's just that they've managed to create a bot that can read the CAPTCHA images. It was always going to happen eventually - now is that time.

The other alternative is that they're using sweatshop labour in the Far East. You give them a selection of CAPTCHA images, they write down the letters. The bot then scans the image, looks it up in its database of images, finds the attached letter code, and enters it. People on the KittenAuth and HumanAuth forums talk about people "farming" your image database, and that's what they mean. If the bot knows what each image is of without having to work it out itself, the game's up anyway.
_________________
Rorso's syntax colouriser.

- Happy bunny is happy! (1/25)
Reply with quote
Taz
GURU


Joined: 28 Sep 2000
Posts: 1395
Location: United Kingdom

PostPosted: Thu Dec 14, 2006 12:13 am   
 
Which is why HumanAuth embeds a watermark at random places in the images so that they can't be hashed and looked up. HumanAuth integrates with phpBB I believe, it was written in php anyway.
_________________
Taz :)
Reply with quote
Fang Xianfu
GURU


Joined: 26 Jan 2004
Posts: 5155
Location: United Kingdom

PostPosted: Thu Dec 14, 2006 12:59 am   
 
It's possible to integrate it, it just requires some legwork on Zugg's part, which obviously isn't on the table with CMUD's release so near. Maybe one day :)
_________________
Rorso's syntax colouriser.

- Happy bunny is happy! (1/25)
Reply with quote
Tarn
GURU


Joined: 10 Oct 2000
Posts: 867
Location: USA

PostPosted: Thu Dec 14, 2006 7:05 am   
 
Fang Xianfu wrote:
It's just that they've managed to create a bot that can read the CAPTCHA images.

The other alternative is that they're using sweatshop labour in the Far East.


Or a spammer can set up a site with free stuff (mp3's, cracked software, porn, whatever) and require users to solve a CAPTCHA to register and get a "free day pass". The end user may not even realize that the CAPTCHA he sees has just been lifted from an entirely different site.

All of these methods are less easy the less standard a messageboard's interface is.

-Tarn
Reply with quote
Rorso
Wizard


Joined: 14 Oct 2000
Posts: 1368

PostPosted: Thu Dec 14, 2006 10:36 am   
 
Tarn wrote:
Fang Xianfu wrote:
It's just that they've managed to create a bot that can read the CAPTCHA images.

The other alternative is that they're using sweatshop labour in the Far East.


Or a spammer can set up a site with free stuff (mp3's, cracked software, porn, whatever) and require users to solve a CAPTCHA to register and get a "free day pass". The end user may not even realize that the CAPTCHA he sees has just been lifted from an entirely different site.

All of these methods are less easy the less standard a messageboard's interface is.

-Tarn

The current image verification this forum use might be possible to "crack" using a trained neural network. The images use a lot of noise to make OCR tougher, but a neural network is 'supposed' to be able to handle noisy situations. It wouldn't surprise me if these bots use a lot of AI techniques.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23379
Location: Colorado, USA

PostPosted: Wed Jan 17, 2007 12:51 am   
 
Well, I didn't like any of the CAPTCHA alternatives, but I *did* add an extra question to the registration form. This should stop the automatted spambots. The only thing it won't stop are real people paid to register accounts. But this should help a lot.

Over the holidays I accidentally turned off the email verification requirement for the forum registration, so that caused more spam than normal. Sorry about that...its fixed now.
Reply with quote
Darker
GURU


Joined: 24 Sep 2000
Posts: 1237
Location: USA

PostPosted: Wed Jan 17, 2007 6:07 pm   
 
Erm, yes... the color of the nighttime sky depends entirely on where you live. Night in some parts of the world is more noticeable by a clock, than the position of the sun. :)
_________________
Darker
New and Improved, for your Safety.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23379
Location: Colorado, USA

PostPosted: Wed Jan 17, 2007 7:33 pm   
 
True...the same can be said about the "daytime" sky :) But I think most people will be able to figure it out (or hit Refresh to get a different question).
Reply with quote
Display posts from previous:   
Post new topic   Reply to topic     Home » Forums » Website or Forum problems All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
© 2009 Zugg Software. Hosted on Wolfpaw.net