spam links... never ending story?
Moderator: Lucifer
- sol
- On Lightcycle Grid
- Posts: 41
- Joined: Fri Jun 09, 2006 10:43 pm
- Location: United Banks of Switzerland
- Contact:
spam links... never ending story?
Again spammers. Some examples with plenty links in case you're bored and need some change:
http://wiki.armagetronad.net/index.php?title=IFC
http://wiki.armagetronad.net/index.php? ... nistration
http://wiki.armagetronad.net/index.php? ... L_Calendar
...all happened in the last few days. Realized this while browsing http://wiki.armagetronad.net/index.php? ... entchanges
Lucifer, I guess you might need to upgrade to latest version 2008-03-20: 1.12.0
http://wiki.armagetronad.net/index.php?title=IFC
http://wiki.armagetronad.net/index.php? ... nistration
http://wiki.armagetronad.net/index.php? ... L_Calendar
...all happened in the last few days. Realized this while browsing http://wiki.armagetronad.net/index.php? ... entchanges
Lucifer, I guess you might need to upgrade to latest version 2008-03-20: 1.12.0
Last edited by sol on Mon Apr 14, 2008 11:13 am, edited 1 time in total.
- sol
- On Lightcycle Grid
- Posts: 41
- Joined: Fri Jun 09, 2006 10:43 pm
- Location: United Banks of Switzerland
- Contact:
is there nothing we can do about it? updating? new captcha?
have a look here. Again new links - same user. how about deleting those accounts? Same accouns are used to insert spam links again and again...
have a look here. Again new links - same user. how about deleting those accounts? Same accouns are used to insert spam links again and again...
- wrtlprnft
- Reverse Outside Corner Grinder
- Posts: 1679
- Joined: Wed Jan 04, 2006 4:42 am
- Location: 0x08048000
- Contact:
Why don't we just require some special, armagetronad-specific CAPTCHA for user registration? Something like “Enter the server browser in armagetronad and navigate (don't enter) toTigers Network Speed Blast. Look at the details at the bottom of the screen and enter the URL associated with this server into the following field:” (and accept if the answer contains the string “tigersnetwork.sytes.net”).
It doesn't need to be dynamic, just some static question. If some spammer really goes through the trouble of installing arma or finding some online server browser we can still change the question (“The password is found in the MOTD of Fortress Café”).
It doesn't need to be dynamic, just some static question. If some spammer really goes through the trouble of installing arma or finding some online server browser we can still change the question (“The password is found in the MOTD of Fortress Café”).
There's no place like ::1
- Lucifer
- Project Developer
- Posts: 8640
- Joined: Sun Aug 15, 2004 3:32 pm
- Location: Republic of Texas
- Contact:
Before we get too crazy writing our own code (and soliciting a NotInventedHere comment from at least one of us), why don't we try the reCAPTCHA project?
http://recaptcha.net/
That's the one where everytime a person fills in the captcha, they're helping to digitize books.
Edit:
They have a mediawiki plugin now.
http://recaptcha.net/plugins/mediawiki/
http://recaptcha.net/
That's the one where everytime a person fills in the captcha, they're helping to digitize books.
Edit:
They have a mediawiki plugin now.
http://recaptcha.net/plugins/mediawiki/
- wrtlprnft
- Reverse Outside Corner Grinder
- Posts: 1679
- Joined: Wed Jan 04, 2006 4:42 am
- Location: 0x08048000
- Contact:
Don't you get the point? Any popular captcha system is likely to be cracked by some spammer, because it's worth it for them.
If we build our own system, however primitive it may be (just a matter of adding another static input field to the login form and a simple check in the code that handles the request), it won't be worth for a spammer to crack. We're small enough for that. Obvioisly Wikipedia couldn't get away with this kind of CAPTCHA.
This will also stop spammers who use a half-automated process involving cheap workers in some third-world country, because someone who doesn't play arma won't have any idea what to do. And in the time they downloaded arma and found out the password they could have spammed dozens of other wikis, so guess what they'll do.
If we build our own system, however primitive it may be (just a matter of adding another static input field to the login form and a simple check in the code that handles the request), it won't be worth for a spammer to crack. We're small enough for that. Obvioisly Wikipedia couldn't get away with this kind of CAPTCHA.
This will also stop spammers who use a half-automated process involving cheap workers in some third-world country, because someone who doesn't play arma won't have any idea what to do. And in the time they downloaded arma and found out the password they could have spammed dozens of other wikis, so guess what they'll do.
There's no place like ::1
- Tank Program
- Forum & Project Admin, PhD
- Posts: 6711
- Joined: Thu Dec 18, 2003 7:03 pm
- sol
- On Lightcycle Grid
- Posts: 41
- Joined: Fri Jun 09, 2006 10:43 pm
- Location: United Banks of Switzerland
- Contact:
Thanks Tank!
I think we won't loose contributions just because of this new method. Those who know the wiki know these forums too. Experienced users should know what to do. Anyway, I don't think that newbies are interested to contribute on the wiki but rather just read and browse through.
Now there are still those existing spam accounts which aren't only used once but several times (e.g. PasroLrolc - as you can see here). Who's able to delete them? At least those who show up in recent changes for the last 30 days. Conspicuously often those spam accounts have a name consisting of 10 characters.
I think we won't loose contributions just because of this new method. Those who know the wiki know these forums too. Experienced users should know what to do. Anyway, I don't think that newbies are interested to contribute on the wiki but rather just read and browse through.
Now there are still those existing spam accounts which aren't only used once but several times (e.g. PasroLrolc - as you can see here). Who's able to delete them? At least those who show up in recent changes for the last 30 days. Conspicuously often those spam accounts have a name consisting of 10 characters.