It is currently Tue May 21, 2019 8:59 pm

All times are UTC - 7 hours





Post new topic Reply to topic  [ 23 posts ]  Go to page Previous  1, 2
Author Message
PostPosted: Fri Jan 11, 2019 11:44 am 
Offline
User avatar

Joined: Fri Nov 12, 2004 2:49 pm
Posts: 7711
Location: Chexbres, VD, Switzerland
gauauu wrote:
Out of curiosity, can we also incorporate other things like google's "i am not a robot" captchas?

For God's sake, NO, NO, NO !! I absolutely LOHATE those things and refuses to take part of this game whenever I can (sometimes I don't have the coice but it's rare). I don't want to be forced to spend 5 minutes working for Google's custommers sorting their datas without being paid just because they arbitrairly tought I could be a robot. I think the law should forbid those.

For example I had to do 10 minutes of those when (recently) deleting my google and facebook accounts (*) - because obviously they don't want people to delete their accounts. Google especially. They tell you you're logging in from an unusual place, or whathever. Fuck them, this is none of their buisness.

(*) Actually it wasn't a captcha but another time-confusing idioty of the same style.


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 1:48 pm 
Offline
User avatar

Joined: Sat Jan 09, 2016 9:21 pm
Posts: 607
Location: Central Illinois, USA
pubby wrote:
create a captcha system that hides an answer in a NES rom

(spammers won't have NES emulators installed)


Hahah, I love this idea.

_________________
My games: http://www.bitethechili.com


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 4:36 pm 
Offline
User avatar

Joined: Tue Jun 24, 2008 8:38 pm
Posts: 2293
Location: Fukuoka, Japan
I'm "so good" at those captcha things that the site thinks I'm a robot and needs to often do it 3~4 times. Hours of fun ^^;;; Often you look at the question and you are like "but this part could be what they asked" and just add it and it just fail since it would be how an automated way would find it (like that small street sign that is very, very far away but nobody would select it but if you check properly, it's there!). So I have to think more like "what would people usually select?". I hate site that uses it and waste so much time because of that.


Top
 Profile  
 
PostPosted: Sat Jan 12, 2019 12:48 am 
Offline
Site Admin
User avatar

Joined: Mon Sep 20, 2004 6:04 am
Posts: 3678
Location: Indianapolis
Thankfully, there are further lines of defense once they get past the Q/A. It's not perfect, but is holding up pretty well. There aren't any stats on how many fail the Q/A, but I have been able to see what happens when the spammers pass the Q/A but fail the subsequent check. It can get pretty insane, I've seen it range between one account every couple weeks when the questions are fresh, and more like 100 per day when they must have broken the Q/A, I had to stop tracking it because tepples and I were getting blasted with user activation request emails.

It looks like there is a (disabled) interface to Akismet, anyone have any experience with that service, if it's any good? I guess it monitors posts (until user reaches a certain number of posts), but it costs money. For all I know it could just lead to more work by false positives. I might just give a 1-month test run at some point, at an unannounced time.

Summary of the current spam status is that it's annoying to see any get through, but we're kinda lucky so far. It's no exaggeration to say it could potentially be 1000 times worse than it is.

But yeah with captcha and stuff I hate those, it's annoying and a major barrier for people who have color blindness or worse impairments. I miss the old days of having anonymous posting allowed. Gotta agree that idea of having an NES ROM as a registration test is pretty funny and interesting. But it sorta has the same problem as the Q/A test, we'd either have to generate/validate the ROM per session, or they'll just get the right answer once and bypass it forever.


Top
 Profile  
 
PostPosted: Sat Jan 12, 2019 3:10 am 
Offline

Joined: Tue Oct 06, 2015 10:16 am
Posts: 938
Pre-generate 1k roms, select one at random. Re-generate monthly.


Top
 Profile  
 
PostPosted: Sat Jan 12, 2019 3:42 pm 
Offline

Joined: Fri Feb 24, 2012 12:09 pm
Posts: 899
pubby wrote:
create a captcha system that hides an answer in a NES rom

Hah, I had the same idea today.

As tepples said, it could be frustating if somebody can't solve it (for example, dsibrew and 3dbrew want (or wanted) people to enter a linux commandline, which is not so funny if you don't use linux). But in this case, I guess almost anybody remotely interested in NES-development (or just in NES-gaming) would know how to use a rom-image in an emulator (or on real hardware). Unless there are people frequently asking "how to download my first emulator plz help"?

One extra idea would be modifying the rom-image on the fly (if that is possible without too much effort), like storing the user name or email address in the rom-image, and then using the NES code to compute a checksum on that string to produce a 4-digit "PIN" number that works only for that specific user.
That would avoid people re-using a known captcha answer, but won't help if they are hiring somebody with a NES emulator to create some dozen/hundred accounts for them (or rather unlikely: disassemble the NES code).

And, of course, the NES rom could additionally do something like this (repeat dozens of times with different challenges):

The Internet wants You to do this: Click on Street Signs!!!
* Signature
* Street Art
* Shop Front
* Street Signs
* Google!


Or some more complex and subversive variation, like a game that allows to vandalize/decorate all shop fronts with graffiti (perhaps writing your user name), or steal street signs and sell them at a flea market (or to google)... which might ultimately end up with a school bus steering off a cliff in lack of proper warnings about dangerous road stretches, so you might better avoid doing that in real life.


Top
 Profile  
 
PostPosted: Tue Jan 15, 2019 1:19 am 
Offline
User avatar

Joined: Thu Sep 15, 2016 6:29 am
Posts: 896
Location: Denmark (PAL)
Bregalad wrote:
For example I had to do 10 minutes of those when (recently) deleting my google and facebook accounts (*) - because obviously they don't want people to delete their accounts. Google especially. They tell you you're logging in from an unusual place, or whathever. Fuck them, this is none of their buisness.

To be fair, actually deleting your account is an irreversible process, and it makes sense to increase security tenfold on that action. If someone hacked access to your account, deleting it is second probably only to getting access to money stuff.


Top
 Profile  
 
PostPosted: Sun Feb 24, 2019 10:33 am 
Offline
User avatar

Joined: Fri Nov 19, 2004 7:35 pm
Posts: 4172
Just got some PM spam...

_________________
Here come the fortune cookies! Here come the fortune cookies! They're wearing paper hats!


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 23 posts ]  Go to page Previous  1, 2

All times are UTC - 7 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group