SPONSORS:






User Tag List

Thanks Thanks:  0
Likes Likes:  0
Dislikes Dislikes:  0
Page 1 of 2 12 LastLast
Results 1 to 10 of 11
  1. #1
    Member
    Join Date
    Apr 2007
    Posts
    31
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    spam protection etc

    How does the Spam Protection work? I heard of using images with words? Is that safe enough? By the way, this site allowed me to register without asking for an image-based word, so how does it prevent automated programs flooding spam registrations etc? Also, if I build a web application, is there a tool I can use to identify the general weak areas in my application?

  2. #2
    Moderator Joe Strazzere's Avatar
    Join Date
    May 2000
    Location
    USA
    Posts
    13,170
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    [ QUOTE ]
    Is that safe enough?

    [/ QUOTE ]

    As with anything, "enough" depends on your requirements.

    For some sites, that would be safe enough.
    For other sites, it would be nowhere near enough.
    Joe Strazzere
    Visit my website: AllThingsQuality.com to learn more about quality, testing, and QA!

  3. #3
    Member
    Join Date
    Apr 2007
    Posts
    31
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    Yes, sure. How does this site use that prevention mechanism? Is not having even an image-based option safe-enough? Sorry but this question is only going to add value to the knowledge of me and others, and perhaps this site developers as well.

  4. #4
    Senior Member
    Join Date
    Feb 2003
    Location
    FL, USA
    Posts
    3,646
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    "Image-based" option as far as I have seen only secures or prevents automation on registration - once registered it is easy enough on most sites to automate and if it is your desire create spam. This site handles spam the old-fashioned way - diligent moderators.
    Lynne

    I have not failed. I've just found 10,000 ways that won't work" --Thomas Edison

  5. #5
    Moderator Joe Strazzere's Avatar
    Join Date
    May 2000
    Location
    USA
    Posts
    13,170
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    [ QUOTE ]
    Is not having even an image-based option safe-enough?

    [/ QUOTE ]

    Clearly, you'd have to ask the site owner.

    AJ - do you think your current spam protection is safe enough?
    Joe Strazzere
    Visit my website: AllThingsQuality.com to learn more about quality, testing, and QA!

  6. #6
    Junior Member
    Join Date
    May 2007
    Posts
    6
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    Real Galuboy [img]/images/graemlins/smile.gif[/img]

  7. #7
    Senior Member
    Join Date
    May 2007
    Posts
    379
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    Image based protection is present in orkut as well if your scrap contains a link. I think it is good to have feature, otherwise any automated program can write scraps in thousands of profiles. Here I think old fashioned way seems to be working fine. So if some thing is not broken why fix it?

  8. #8
    Member
    Join Date
    Oct 2002
    Location
    Spokane, WA
    Posts
    75
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    Image-based protection doesn't protect you from all scripts. I manage a phpbb-based forum with a registration image and a verification link sent via email. It was getting flooded with automated spam.

    We cut the amount by about 90% by making our registration form different from others. The scripts assume every phpbb forum uses the same parameter names. Change the names and the script fails on our site. Most spammers won't put in the time to adjust their script for each individual site - that takes up too much of their time.

    So basically... predictability is the biggest weakness. If your registration system is a copy of hundreds of others out there or your site is sufficiently large you'll get spammed. The best thing is to not have your site be the same, or make it dynamic in some way that makes it difficult to script.

  9. #9
    Member
    Join Date
    Mar 2006
    Location
    Switzerland, Spain
    Posts
    54
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    Hello,

    >>Image-based protection doesn't protect you from all scripts. I manage a phpbb-based forum with a registration image and a verification link sent via email. It was getting flooded with automated spam.

    This is quite interesting!

    I assume that the spammers are getting through the registration in some other way - or do you think that the spammer script is actually reading the letters in the image? I find this quite surprising and if yes and would wonder how that could be done?

    Regards

    Armin
    Armin Albarracin
    http://www.albarracin.ch - My publications

    ----------------------------------------------------------
    "Whether you think you can or think you can't - you are right"
    Henry Ford

  10. #10
    Member
    Join Date
    Oct 2002
    Location
    Spokane, WA
    Posts
    75
    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Total Downloaded
    0

    Re: spam protection etc

    They are in fact using a program to read the letters in the image as a part of their script. Here's some more info on the problem with phpbb:
    http://blog.phpbb.cc/articles/captcha/

    This is why some sites have really funky looking lines, tilted letters, different colors, etc in their images. It's all to make it more difficult to use image recognition to read. A good programmer will probably be able to hack any image with usable accuracy given enough time, all you can do is try to make it hard enough for them to give up and try a different site. Another method is to detect bot registration attempts (lots of failed registrations, logins, requests for verification images, etc) and lock them down.

 

 
Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Search Engine Optimisation provided by DragonByte SEO v2.0.40 (Pro) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
Resources saved on this page: MySQL 8.82%
vBulletin Optimisation provided by vB Optimise v2.7.1 (Pro) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.3.0 (Pro) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
vBNominate (Lite) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
Feedback Buttons provided by Advanced Post Thanks / Like (Pro) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
Username Changing provided by Username Change (Free) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
BetaSoft Inc.
Digital Point modules: Sphinx-based search
All times are GMT -8. The time now is 09:26 PM.

Copyright BetaSoft Inc.