geekhack

geekhack Community => Off Topic => Topic started by: BucklingSpring on Sun, 03 April 2011, 10:59:43

Title: How does spambot posting on GH?
Post by: BucklingSpring on Sun, 03 April 2011, 10:59:43

Two bots posted on GH in the past couple weeks.

http://geekhack.org/showthread.php?t=16842 (http://geekhack.org/showthread.php?t=16842)

And can't find the other... Probably nuked by the admin.

Are they getting "smarter"?

Is it time to upgrade our boarding engine?

Title: How does spambot posting on GH?
Post by: BucklingSpring on Sun, 03 April 2011, 11:05:49

Quote from: ripster;323766

You push the little red triangle on the left.  Type "Spam".  Send.

Ok bot how do they get there in the first place?

Title: How does spambot posting on GH?
Post by: Lpb45 on Sun, 03 April 2011, 11:10:08

they even make profiles and upload pics.

Title: How does spambot posting on GH?
Post by: BucklingSpring on Sun, 03 April 2011, 11:14:37

I just logged Out and went to the registering process. We don't use any "protection" like reCAPTCHA or alike. At least not as as far as I went in the registering process. I didn't make a complete submission.

Title: How does spambot posting on GH?
Post by: panda-R on Sun, 03 April 2011, 12:05:46

Quote from: ripster;323779

You should start your own keyboard forum.

Like Runeazn's.    The Russian Porn there is pretty impressive. (http://www.clickykeyboards.tk/phpBB3/viewforum.php?f=2)

PandaR didn't call him "Princess" for nothing!

lulz poor runeazn, i miss that little princess guy thing. Whatever happened to her?

Title: How does spambot posting on GH?
Post by: panda-R on Sun, 03 April 2011, 12:34:36

PETER CHAO my hero!

Title: How does spambot posting on GH?
Post by: iMav on Sun, 03 April 2011, 13:01:09

Quote from: BucklingSpring;323759

Two bots posted on GH in the past couple weeks.

http://geekhack.org/showthread.php?t=16842 (http://geekhack.org/showthread.php?t=16842)

And can't find the other... Probably nuked by the admin.

Are they getting "smarter"?

Is it time to upgrade our boarding engine?

We have a, fairly simple, question.  I am looking to implement something else (more sophisticated then captcha), but have yet to do so....spambot annoyance here at GH is pretty light.

Title: How does spambot posting on GH?
Post by: iMav on Sun, 03 April 2011, 14:57:17

Ok.  New Human Verification System is in place.  ;)

Title: How does spambot posting on GH?
Post by: Hak Foo on Sun, 03 April 2011, 16:59:45

IME, a simple random-math thing like this is a surprisingly effective deterrent:

$a = rand(1,10);
$b = rand(1,10);
?>
< input type="hidden" name="a" value="< ?php echo $a;?>">
< input type="hidden" name="b" value="< ?php echo $b;?>">
Please add < ?php echo $a;?> + < ?php echo $b;?>

then in the processing code

if(!$_POST["a"] || !$_POST["b"] || $_POST["c"]!=$_POST["a"]+$_POST["b"]) die("please fill out the damned captcha so we don't have to do the scrambled letter ones!");


Yeah, if it was WORTH the effort to target the site and realize "fields A, B, and C must be set together in specific ways", you could defeat it, but I doubt there's enough value in doing so.  And you could just replace the + with a - and/or rename fields and stymie them again.

Title: How does spambot posting on GH?
Post by: iMav on Sun, 03 April 2011, 17:08:55

For the most part, I believe the "spambots" are actually registering manually (real person).  We'll see what rate we get them now with the new verification in place.

Title: How does spambot posting on GH?
Post by: kill will on Sun, 03 April 2011, 17:16:56

i liked the one bot that posted about air jordans in nonsensical engrish.  he seemed like a cool robot.

Title: How does spambot posting on GH?
Post by: Ekaros on Sun, 03 April 2011, 17:21:48

Ok, that's one cool captcha ;D

Title: How does spambot posting on GH?
Post by: mr_a500 on Sun, 03 April 2011, 17:34:50

Gah! Flash based "captcha"! If geekhack had that crap back when I first came here, I never would have been able to become a member. I use alternative operating systems (Amiga, BeOS, Haiku, soon MorprhOS).

Flash is evil - a CPU sucking evil proprietary curse that's ruining the internet experience for anybody not using Windows, MacOS or Linux.

Title: How does spambot posting on GH?
Post by: BucklingSpring on Mon, 04 April 2011, 11:24:24

Quote from: iMav;323854

Ok.  New Human Verification System is in place.  ;)

Cool... Let see if the bad ass smart Russians will crack the code.

:-)

Title: How does spambot posting on GH?
Post by: BucklingSpring on Mon, 04 April 2011, 11:29:03

Quote from: mr_a500;323949

Gah! Flash based "captcha"! If geekhack had that crap back when I first came here, I never would have been able to become a member. I use alternative operating systems (Amiga, BeOS, Haiku, soon MorprhOS).

Some others can't be resolved by color blind people. It's always a matter of weighting the annoyance of the spam problem vs the annoyance you impose on your users to prevent it.

As iMav is pointing it out, this is not a big problem here.

Title: How does spambot posting on GH?
Post by: digitalleftovers on Mon, 04 April 2011, 11:36:56

(http://geekhack.org/picture.php?albumid=123&pictureid=732)

I think this was an excellent choice.  It doesn't alienate colorblind people, and it  seems to not only be difficult to crack, but I have never seen it before (rare is better than common).

If you had not posted this, I was going to suggest the cat/dog identification captcha.

Title: How does spambot posting on GH?
Post by: BucklingSpring on Mon, 04 April 2011, 16:54:28

I like the puzzle thing.

I think I will register over and over just to solve it once more. :baby: