egghelp/eggheads community

Have there been any more spambots in the past week? The current captcha isn't the default phpbb one and is quite strong - I've had a look and can barely read most of them - it's a miracle we get any signups at all

slennox wrote:Have there been any more spambots in the past week? The current captcha isn't the default phpbb one and is quite strong - I've had a look and can barely read most of them - it's a miracle we get any signups at all

Haha ye i actualy dont understand how they get bots to read them, since i also find them hard to read

One approach i heard about i to put a link from here on a xxx page and then make real people enter numbers there for seeing pictures, so if you got some sort of stats page you might be able to see if there are some suspect pages linking to the captcha images.

It's rather a "simple" process of signal processing.. Or, atleast the theory of it is...

Step one is to remove the "noice" from the signal (backgrounds, shades, etc), so that we get a decent representation of the actual letters.

Step two would be some shaping and anti-aliasing, just to smooth things out.

Step three is to isolate each letter "object" from the image, and arrange these.

And the final step would be to match these objects to shapes of real letters using heuristic algorithms...

Of course, coding these steps might not be as trivial :p


Back on track however, just checking the last two pages of the members list reveals maybe 30-50 possible spambot candidates. However, these seem yet unable to actually create posts (suspicion based on Handle, website, IM, email, etc. available in their profile-page).
Also, these Captchas only prevent automated registration; which can easily be circumvented like Domin suggested by having manual labor entering this info upon request. They don't offer any protection once the registration is done however. An evil spammer would simply register a bunch of accounts, then use them one at a time until banned, causing a virtually seamless flood of spam.

And yes, as an old serveradmin, webmaster, etc. I am paranoid!

Old thread, I know...

Just got a bit bored and scanned through the userlist..
Seems we've got some 800+ users registered with 0 posts. Of course not all of those are spammers, but a quick look at the profile would suggest some 50% of these may very well be the result of some (semi)automated process (aka spambots). Considering the low number of posts that do slip through the net, I'd say the spam protection works fairly well.

As for new accounts, I've noticed atleast 2 accounts related to a Chinese spamhub/web registrar known as jingke, created within the last two weeks. I would say the captcha does limit the number of automated accounts, but they're still coming through.

Been a long time since I pruned the user list. Always been the case that many users register but never activate or post. Haven't been keen on running the user pruning tool recently as it's old and unsupported - I'd rather have inactive users than risk messing up the database.

There are 4 users that have jingke as their website, but none have activated, so perhaps they're just spamming for the profile link.

please don't take my nick off, i am just sick, not dead

sellwowgold2 have been bumping old threads with advertisements to several sites (I guess that's new style? )...

Yup, 'tis the new school :/
I guess slennox is buzy with IRL during the holidays, so we'll just have to hunt down the posts meanwhile.
Atleast it's not an avalanche-spammer, but I could imagine better things to do with all the snow outside.

A thought though; I've seen many forums requiring new members to introduce themselves in a public area before being allowed to post in the rest of the forum. Still means they can spam, but it keeps the crap to a limited area of the forum...