I'm sure this has been talked about a ton, either here or behind closed doors, but...
What's the deal? I know when you register, there's a CAPTCHA. Let's say you delete/ban the spam username. How are the rest getting through? If they're implementing workaround scripts for the CAPTCHA, man, whoever's sending out the bots is trying really, really hard.
Regarding CAPTCHA, it's not as straightforward as it seems. For example, there are programs that help you download stuff from file sharing websites, and they come with built-in captcha circumvention. They work pretty well, to say the least.
On a side note, captchas are not just a bot prevention, but they are a tool to OCR books. Read more about it on Google's reCAPTCHA website. And I'd like to mention the name Louis van Ahn, the father of crowdsourcing and the guy who came up with this brilliant idea in the first place (and many others, like the ESP game). Whenever you see one of these reCAPTCHAs, what happens behind the scenes is that one of the words is known (i.e., the traditional captcha check), but the other is "unknown" and one of the OCR fails from Google Books, and you are helping them to get the OCR right. Of course you don't know which one is the captcha check and which one is the OCR task, but the important thing to consider for bots/captcha script writers is this: the captcha check is probably a word that was successfully OCR'ed by the system before; the word that created troubles for Google's OCR is the word you don't need to get right. Therefore, a captcha image recognizer might only have 50% success rate on the captcha from our point of view, but for the purpose of passing the test it's significantly higher (and given enough iterations, you can get close to 100% I guess).
TL;DR: Captchas are not great as a bot prevention (anymore).
So, what helps?
What we did on several other forums I'm a member of is to add a question specific to users signing up on that site. For example, on a soccer forum we ask a question that every soccer fan should know, but bots don't (i.e., Google and see if the result is on the first page). Of course it shouldn't be too complicated, you don't want to keep potential members out. It's also not completely fail-safe, but we've made good experiences. To be honest, the simple question "what's the greatest club in the world" on a fan site of that club kept all bots out, whereas traditional captchas didn't... and fans can sign up without a problem. Plus, the question "what's the best ARPG in the world currently" might keep all the PoE trolls out of DFans as well ;-)
But the problem DFans is dealing with, in my opinion, is of another dimension: DFans is so huge and a successful advertisement from a bot here is so valuable that bots (or their owners) will solve the captcha (or answer any question) personally and then just let the bot pots its 10 spam topics. You have literally zero protection against this, unless you enforce rules like "no URLs before your 10th post", but as we've seen, this is even more annoying for new users.
In my personal opinion, what would help is if the first post of every member would have to be reviewed and unlocked by a mod. However, this would require 1) at least one mod online all the time, thus 24/7 mod coverage (and 80% of the mods on DFans are inactive), and 2) changes to the forum software.
Yeah, it's annoying as hell, and as you can see it's not the first time I have thought about this issue...
On a site I moderate at we are increasingly getting spam posts that look like they are from people from 3rd world countries that are paid peanuts to advertise in threads with posts that look like a human could have written them, and they even respond to accusations of them being spambots, they then have adverts for pipeline companies/steroids/video streams etc. in their signatures.
This spam can be done manually. They don't need bots for that. there is no way to prevent it. Maybe minimize it, but yeah...Bagstone pretty much already summed it up.
A heads up on this - we will be updating Dfans at some point in the somewhat near futuer to the system curse uses on other sites. With this update will come our self made spam detection sytem - should help big time then
A heads up on this - we will be updating Dfans at some point in the somewhat near futuer to the system curse uses on other sites. With this update will come our self made spam detection sytem - should help big time then
My plans have been foiled!
Just kidding!
Rollback Post to RevisionRollBack
Bashiok - Blizzard Representative - 08/01/2011 -"So how many skill combinations are there now? Well taking into account 6 active skills, all the rune combinations, and 3 passives we currently expect each class to have roughly 2,285,814,795,264 different build combinations."
"Hey, I thought you'd like the witty irony of grub-on-glowie violence!"
A heads up on this - we will be updating Dfans at some point in the somewhat near futuer to the system curse uses on other sites. With this update will come our self made spam detection sytem - should help big time then
A heads up on this - we will be updating Dfans at some point in the somewhat near futuer to the system curse uses on other sites. With this update will come our self made spam detection sytem - should help big time then
A heads up on this - we will be updating Dfans at some point in the somewhat near futuer to the system curse uses on other sites. With this update will come our self made spam detection sytem - should help big time then
What's the deal? I know when you register, there's a CAPTCHA. Let's say you delete/ban the spam username. How are the rest getting through? If they're implementing workaround scripts for the CAPTCHA, man, whoever's sending out the bots is trying really, really hard.
Armory | YouTube | Twitter | Clan Site
On a side note, captchas are not just a bot prevention, but they are a tool to OCR books. Read more about it on Google's reCAPTCHA website. And I'd like to mention the name Louis van Ahn, the father of crowdsourcing and the guy who came up with this brilliant idea in the first place (and many others, like the ESP game). Whenever you see one of these reCAPTCHAs, what happens behind the scenes is that one of the words is known (i.e., the traditional captcha check), but the other is "unknown" and one of the OCR fails from Google Books, and you are helping them to get the OCR right. Of course you don't know which one is the captcha check and which one is the OCR task, but the important thing to consider for bots/captcha script writers is this: the captcha check is probably a word that was successfully OCR'ed by the system before; the word that created troubles for Google's OCR is the word you don't need to get right. Therefore, a captcha image recognizer might only have 50% success rate on the captcha from our point of view, but for the purpose of passing the test it's significantly higher (and given enough iterations, you can get close to 100% I guess).
TL;DR: Captchas are not great as a bot prevention (anymore).
So, what helps?
What we did on several other forums I'm a member of is to add a question specific to users signing up on that site. For example, on a soccer forum we ask a question that every soccer fan should know, but bots don't (i.e., Google and see if the result is on the first page). Of course it shouldn't be too complicated, you don't want to keep potential members out. It's also not completely fail-safe, but we've made good experiences. To be honest, the simple question "what's the greatest club in the world" on a fan site of that club kept all bots out, whereas traditional captchas didn't... and fans can sign up without a problem. Plus, the question "what's the best ARPG in the world currently" might keep all the PoE trolls out of DFans as well ;-)
But the problem DFans is dealing with, in my opinion, is of another dimension: DFans is so huge and a successful advertisement from a bot here is so valuable that bots (or their owners) will solve the captcha (or answer any question) personally and then just let the bot pots its 10 spam topics. You have literally zero protection against this, unless you enforce rules like "no URLs before your 10th post", but as we've seen, this is even more annoying for new users.
In my personal opinion, what would help is if the first post of every member would have to be reviewed and unlocked by a mod. However, this would require 1) at least one mod online all the time, thus 24/7 mod coverage (and 80% of the mods on DFans are inactive), and 2) changes to the forum software.
Yeah, it's annoying as hell, and as you can see it's not the first time I have thought about this issue...
Just kidding!
Bashiok - Blizzard Representative - 08/01/2011 -"So how many skill combinations are there now? Well taking into account 6 active skills, all the rune combinations, and 3 passives we currently expect each class to have roughly 2,285,814,795,264 different build combinations."
"Hey, I thought you'd like the witty irony of grub-on-glowie violence!"
Armory | YouTube | Twitter | Clan Site
Awesome!
Will this also be fixed then: http://www.diablofans.com/streams ?
The new system has a section just for streams (better than that system ever was) - We can def have it enabled if there is demand