How does spambot posting on GH?

[BucklingSpring]

Two bots posted on GH in the past couple weeks.

http://geekhack.org/showthread.php?t=16842

And can't find the other... Probably nuked by the admin.

Are they getting "smarter"?

Is it time to upgrade our boarding engine?

[BucklingSpring]

You push the little red triangle on the left.  Type "Spam".  Send.

Ok bot how do they get there in the first place?

[Lpb45]

they even make profiles and upload pics.

[BucklingSpring]

I just logged Out and went to the registering process. We don't use any "protection" like reCAPTCHA or alike. At least not as as far as I went in the registering process. I didn't make a complete submission.

[panda-R]

You should start your own keyboard forum.

Like Runeazn's.    The Russian Porn there is pretty impressive.

PandaR didn't call him "Princess" for nothing!

lulz poor runeazn, i miss that little princess guy thing. Whatever happened to her?

[panda-R]

PETER CHAO my hero!

[iMav]

Two bots posted on GH in the past couple weeks.

http://geekhack.org/showthread.php?t=16842

And can't find the other... Probably nuked by the admin.

Are they getting "smarter"?

Is it time to upgrade our boarding engine?

We have a, fairly simple, question.  I am looking to implement something else (more sophisticated then captcha), but have yet to do so....spambot annoyance here at GH is pretty light.

[iMav]

Ok.  New Human Verification System is in place.  

[Hak Foo]

IME, a simple random-math thing like this is a surprisingly effective deterrent:

$a = rand(1,10);
$b = rand(1,10);
?>
< input type="hidden" name="a" value="< ?php echo $a;?>">
< input type="hidden" name="b" value="< ?php echo $b;?>">
Please add < ?php echo $a;?> + < ?php echo $b;?>

then in the processing code

if(!$_POST["a"] || !$_POST["b"] || $_POST["c"]!=$_POST["a"]+$_POST["b"]) die("please fill out the damned captcha so we don't have to do the scrambled letter ones!");


Yeah, if it was WORTH the effort to target the site and realize "fields A, B, and C must be set together in specific ways", you could defeat it, but I doubt there's enough value in doing so.  And you could just replace the + with a - and/or rename fields and stymie them again.

[iMav]

For the most part, I believe the "spambots" are actually registering manually (real person).  We'll see what rate we get them now with the new verification in place.

[kill will]

i liked the one bot that posted about air jordans in nonsensical engrish.  he seemed like a cool robot.

[Ekaros]

Ok, that's one cool captcha

[mr_a500]

Gah! Flash based "captcha"! If geekhack had that crap back when I first came here, I never would have been able to become a member. I use alternative operating systems (Amiga, BeOS, Haiku, soon MorprhOS).

Flash is evil - a CPU sucking evil proprietary curse that's ruining the internet experience for anybody not using Windows, MacOS or Linux.

[BucklingSpring]

Ok.  New Human Verification System is in place.  

Cool... Let see if the bad ass smart Russians will crack the code.

:-)

[BucklingSpring]

Gah! Flash based "captcha"! If geekhack had that crap back when I first came here, I never would have been able to become a member. I use alternative operating systems (Amiga, BeOS, Haiku, soon MorprhOS).

Some others can't be resolved by color blind people. It's always a matter of weighting the annoyance of the spam problem vs the annoyance you impose on your users to prevent it.

As iMav is pointing it out, this is not a big problem here.

[digitalleftovers]

I think this was an excellent choice.  It doesn't alienate colorblind people, and it  seems to not only be difficult to crack, but I have never seen it before (rare is better than common).

If you had not posted this, I was going to suggest the cat/dog identification captcha.

[BucklingSpring]

I like the puzzle thing.

I think I will register over and over just to solve it once more. :baby: