Skip navigation
Sidebar -

Advanced search options →

Welcome

Welcome to CEMB forum.
Please login or register. Did you miss your activation email?

Donations

Help keep the Forum going!
Click on Kitty to donate:

Kitty is lost

Recent Posts


AMRIKAAA Land of Free .....
Yesterday at 01:25 PM

News From Syria
December 10, 2024, 09:35 AM

New Britain
December 08, 2024, 10:30 AM

Lights on the way
by akay
December 07, 2024, 09:26 AM

اضواء على الطريق ....... ...
by akay
December 06, 2024, 01:27 PM

Ashes to beads: South Kor...
December 03, 2024, 09:44 PM

Qur'anic studies today
by zeca
November 30, 2024, 08:53 AM

Gaza assault
by zeca
November 27, 2024, 07:13 PM

What music are you listen...
by zeca
November 24, 2024, 06:05 PM

Do humans have needed kno...
November 22, 2024, 06:45 AM

Marcion and the introduct...
by zeca
November 19, 2024, 11:36 PM

Dutch elections
by zeca
November 15, 2024, 10:11 PM

Theme Changer

 Topic: Spambot attacks (read it: this means you)

 (Read 12441 times)
  • Previous page 1 2« Previous thread | Next thread »
  • Re: Spambot attacks (read it: this means you)
     Reply #30 - February 19, 2011, 11:51 AM

    Depends on which captacha software you use, some are very easy to crack. Also bots CAN crack any captaha a human can, they use a new spamming method, where they get a human to enter the captha via some kind of spam link or fake offers of free stuff.

    I know this, since I have a mate who works in the spamming business, he makes software to get around these securities. His had his computer equipment confiscated by the police once lol.   
  • Re: Spambot attacks (read it: this means you)
     Reply #31 - February 19, 2011, 02:17 PM

    Cheesy And what makes you think catpcha is any use against bots these days? It isn't. In the war against spambots captcha is obsolete. Just about any bot can read any captcha a human can manage to read, and for the bots it isn't annoying. I have deliberately left the captcha turned down to a low level on this site and have even thought seriously about removing it entirely.

    not really
    ocr has still a limited success rate against modern forms of captcha

    as an alternative, add a huge delay before authentication (like 20 seconds?) when logging in
    that will slow down the number of attempts per hour and make any dictionary attack unfeasible

    Do not look directly at the operational end of the device.
  • Re: Spambot attacks (read it: this means you)
     Reply #32 - February 19, 2011, 02:20 PM

    But in case you add a delay, add a huge warning about it, or users will think their connection hanged.
    Like "please wait x seconds while you are being authenticated..."

    Do not look directly at the operational end of the device.
  • Re: Spambot attacks (read it: this means you)
     Reply #33 - February 19, 2011, 02:30 PM

    Another good thing would be to log in the users using a "secret" that is known only to them (like, their email address, if it's kept secret), instead of something that can be farmed by bots (like usernames).

    In simple words: require people to login using their email+password instead of user+password.
    And enforce email hiding on all accounts.

    Do not look directly at the operational end of the device.
  • Re: Spambot attacks (read it: this means you)
     Reply #34 - February 19, 2011, 02:31 PM

    If you need other ideas I have some complex genius ones that require recoding the session system from scratch ^_^

    Do not look directly at the operational end of the device.
  • Re: Spambot attacks (read it: this means you)
     Reply #35 - February 20, 2011, 12:08 AM

    Just threw in a patch which seems to have nobbled them.  Afro

    ETA: Also disabled captcha, just to see what happens. My bet is it wont make a damned bit of difference.

     grin12

    Devious, treacherous, murderous, neanderthal, sub-human of the West. bunny
  • Previous page 1 2« Previous thread | Next thread »