Jump to content

A Possible Solution to SPAM Threads


Recommended Posts

  • Members

I think first time posters should have to answer a short questionnaire before being allowed access to post here.

 

Say 20 questions, all music related that they have the option to make public or not.

 

Possible Questions:

Your main instrument

Your favorite player/band

Your most cherished musical moment

You favorite piece of gear

Etc...

 

Something like this would probably deter the occasional "spam-mer". Its a deterrence of sorts.

 

What d`ya think?:cop:

Link to comment
Share on other sites

  • Members

the shoe and porn spammers are generally 'bots

 

'bots aren't my area, but I assume they are tuned to be able to reg on the various popular forum software apps (vbulletin,? etc)

 

What you are suggesting is sort of an advanced "challenge-response" method of authenticating users

you may have seen really twisted graphics containing text that you have to type...this is to confound bots (the idea is that OCR won't work on the twisty text, but that humans can do it)

 

 

Talkbass uses a single question with a defined answer that requires some interpretation "what color is an orange"

 

The problem with asking a number of music related questions is either :

 

- IF they are open-ended (what is your fav) a human [admin] will have to check the responses as the answers can be too widely varied or a machine to check effectively.

Essentially a manual reg process (a few systems do use manual means, but HC is pretty decently large scale)

 

-If they are definite, some valid potential users may not know the answer

Link to comment
Share on other sites

  • Members

If people have to answer 20 questions to join a forum, their intentions are sincere basically.

 

 

My concern with the process isn't the sincerity of the applicant, but the problems (either machine or manual) of admining the authentication based on a 20 open-ended question challenge-response system -- guess we gotta pay somewhere

 

One mechanism is that first posts are put into a queue and have to be okayed.

 

That seems relatively tractible - I mean it's going to slow down and ad some manual overhead to the reg process - but expediency is often where security takes the dive

 

 

I doubt a 'bot could be easily brewed to have decent enough boilerplate for its various targets and then you may be able to search for boilerplate in the text body

 

I suppose my one concern (and it may not be warranted - not really my area of expertise...then again nothing is :) and I don't have a sense for the traffic numbers here ) is if enough 'bots could clog the registration queue making what amts to a DoS attack

Link to comment
Share on other sites

  • Members

I suppose my one concern (and it may not be warranted - not really my area of expertise...then again nothing is
:)
and I don't have a sense for the traffic numbers here ) is if enough 'bots could clog the registration queue making what amts to a DoS attack

 

That's entirely possible. We would likely need to hire someone to deal with this sort of thing...

Link to comment
Share on other sites

  • Members

 

VBulletin can't do this, but the next gen bulletin board software we're looking at can. One mechanism is that first posts are put into a queue and have to be okayed.

 

 

 

Just using a captcha on sign-up would probably do it. But, what are we going to do for entertainment in these lonely nights of no active threads?

Link to comment
Share on other sites

  • Members

I guess we come from different languages / subcultures (granted, I may be a bit olde schoole -- I remember to stripe my cardstack and I think I have some ForTran coding sheet around somewhere :) )

 

a "hacker" in my parlance is a system user who tends to be intimately familiar with technical details (though generally not involved in that system's design) of the system to (sometimes inelegantly, but with high functionally and decent robustness that you don't get from a kluge) alter, enhance, or expand the scope of a system's performance.

Link to comment
Share on other sites

  • Members

 

That's entirely possible. We would likely need to hire someone to deal with this sort of thing...

 

 

I've seen a few spam threads around here, but are they really getting that bad? The captcha system seems to work fairly well to stop bots. Couple it with an encrypted link the registrar must click prior to submitting a post and I'll bet you catch the majority of bots and spammers.

Link to comment
Share on other sites

  • Members

hmmm

 

questions (figure if you guys are looking at upgrading security, this info might already be mined)

 

how many catches do you get with the current captcha system?

 

what kind of valid user v spammer (manual or 'bot) ratio are we looking at?

 

any idea how the current crop of spammers are defeating the captcha? (human intervention at the challenge? really adaptive OCR? circumvention?)

 

[basically just trying to get an idea of how strong the current system is, where improvement is needed, etc]

Link to comment
Share on other sites

  • Members

 

any idea how the current crop of spammers are defeating the captcha? (human intervention at the challenge? really adaptive OCR? circumvention?)

 

 

In addition to increasingly intelligent automated systems, there are actually captcha sweat factories in India, likely other places as well, where large groups of people are paid meager wages to efficiently process reams of captcha.

Link to comment
Share on other sites

  • Members

I think first time posters should have to answer a short questionnaire before being allowed access to post here.


Say 20 questions, all music related that they have the option to make public or not.


Possible Questions:

Your main instrument

Your favorite player/band

Your most cherished musical moment

You favorite piece of gear

Etc...


Something like this would probably deter the occasional "spam-mer". Its a deterrence of sorts.


What d`ya think?
:cop:

 

I like the "confirm first post method" better. Too many questions might scare away new participants. I don't know if I'd want to answer a whole bunch of questions to join some new forum. Just accept my damn fake email address and let me post, damnit! However, if answering a list of 20 questions deterred the blight of parody threads that spam the forum more frequently than ads for Nokia cellphones, I'd be all for it. With that noble goal in mind, I'll start by answering them meowself.

 

Your main instrument = keyboard.

Your favorite player/band = changes regularly.*

Your most cherished musical moment = whatever happened this past week (seriously).*

You favorite piece of gear = my piano.

 

*doesn't necessarily connote profound thought as much as sieve-like memory.

Link to comment
Share on other sites

  • Members

 

In addition to increasingly intelligent automated systems, there are actually captcha sweat factories in India, likely other places as well, where large groups of people are paid meager wages to efficiently process reams of captcha.

 

 

yeah, I'm kinda wondering if it's human intervention as well defeating the system

(it seems like maybe the current system isn't working quite "good enough" as we've got this thread going)

 

strange times across the industrial divide -- weird to watch other places have, essentially, an industrial revolution in the information age

(heard a few accounts of "Warcraft Sweatshops" -- where low-wage workers "play" the large MUD style games to collect rewards...points/gold which are then offered for sale to recreational users -- don't know much abt that subculture myself)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...