Page 1 of 2
ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 11:48 am
by JensAyton
Signing up on the board currently requires one to solve a
ReCAPTCHA. I’ve had occasional complaints about this – a few, but not zero. A lot of bots are getting through anyway, and the first-post moderation seems to be working well to catch actual spam, so I’d like to turn it off and evaluate the spam rate over the weekend. Any objections?
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 11:51 am
by Cody
Nope.
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 11:59 am
by DaddyHoggy
<clicks flight feathers> <tests keenest of blade>
Bring it on...
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 5:14 pm
by Dragonfire
Let's do it.
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 5:38 pm
by Oathbreaker
Somebody needs to make a flash mini-game with a semi-random-behavioural Krait that you need to shoot down in order to be allowed to post.
Apparently companies are paying people in Bangladesh, India and elsewhere to solve reverse Turing tests at the rate $0.50 per 1000 solved.
Yikes.
http://en.wikipedia.org/wiki/CAPTCHA#Human_solvers
Human solvers
CAPTCHA is vulnerable to a relay attack that uses humans to solve the puzzles. One approach involves relaying the puzzles to a group of human operators who can solve CAPTCHAs. In this scheme, a computer fills out a form and when it reaches a CAPTCHA, it gives the CAPTCHA to the human operator to solve.
Spammers pay about $0.80 to $1.20 for each 1,000 solved CAPTCHAs to companies employing human solvers in Bangladesh, China, India, and many other developing nations.[19] Other sources cite a price tag of as low as $0.50 for each 1,000 solved.[20]
Another approach involves copying the CAPTCHA images and using them as CAPTCHAs for a high-traffic site owned by the attacker. With enough traffic, the attacker can get a solution to the CAPTCHA puzzle in time to relay it back to the target site.[21] In October 2007, a piece of malware appeared in the wild which enticed users to solve CAPTCHAs in order to see progressively further into a series of striptease images.[22][23] A more recent view is that this is unlikely to work due to unavailability of high-traffic sites and competition by similar sites.[24]
These methods have been used by spammers to set up thousands of accounts on free email services such as Gmail and Yahoo!.[25] Since Gmail and Yahoo! are unlikely to be blacklisted by anti-spam systems, spam sent through these compromised accounts is less likely to be blocked.
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 5:51 pm
by CommonSenseOTB
On the other hand do we want to put starving people in a poor democracy out of work?
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 6:15 pm
by Smivs
Eyes peeled...google and SFS on standby. Bring 'em on!
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 6:55 pm
by JensAyton
aha… Aha… AHAHAHAHAHAHAHA!
*pulls giant knife switch*
Re: ReCAPTCHA reevaluation
Posted: Fri Jul 22, 2011 8:42 pm
by DaddyHoggy
"The Drums. The Drums. They are coming..."
Re: ReCAPTCHA reevaluation
Posted: Mon Jul 25, 2011 8:58 am
by JensAyton
Evaluation time. Thoughts?
Re: ReCAPTCHA reevaluation
Posted: Mon Jul 25, 2011 9:11 am
by Gimi
Ahruman wrote:Evaluation time. Thoughts?
Not much difference from my point of view, but there is a lot I don't see that DH and EV take care of without most of us noticing.
Re: ReCAPTCHA reevaluation
Posted: Mon Jul 25, 2011 9:59 am
by Disembodied
I was away over the weekend but it doesn't seem like they're swarming over the walls ... but if spammers really do pay a few cents to have Captchas broken, I'd support keeping something that costs them even a trivial amount of money rather than letting them do it for free. Causing a spammer some teensy pain is better than causing them no pain at all! Of course, I don't know how many complaints you've been getting about the Captchas, or how many of them are from inveterate complainers ...
Re: ReCAPTCHA reevaluation
Posted: Mon Jul 25, 2011 10:21 am
by Smivs
My impression so far is that it has not made a noticeable difference. The spammers are getting past the recaptcha, but it seems some potential new members aren't, so at the moment I'd say leave it disabled.
Re: ReCAPTCHA reevaluation
Posted: Mon Jul 25, 2011 11:19 am
by Cody
A few more spammers have slipped through, but not that many more. My daily kill count is steadily rising anyway... has been for a while now, and I very much doubt that the trend will reverse in the future (I should be so lucky).
Opinion: leave as is for the moment... if it starts to become a flood, then we can re-enable the ReCaptcha.
Re: ReCAPTCHA reevaluation
Posted: Mon Jul 25, 2011 1:00 pm
by DaddyHoggy
You have indeed been busy - I log on to find only broken bodies...
It's a beautiful sight...