[PD-dev] [ pure-data-Bugs-1942204 ] pdpedia Captcha

IOhannes m zmoelnig zmoelnig at iem.at
Wed Apr 16 10:54:20 CEST 2008


Hans-Christoph Steiner wrote:


 > You cannot stop spam ever. Period.  Captchas are annoying and are far
 > from 97% effective.  I have captchas on my blog and I get a lot of
 > automated user registrations anyway.

interesting.
for me spamming has stopped completely after i introduced captchas on 
the sites i administrate.
do you have any ideas why captchas do not work for you?
- are the captchas readable by machines
- are human spammers deciphering the captchas
- are humans deciphering captchas for spammers (unknowingly)
- do spammers exploit a vulnerability in your blog, that allows them to 
bypass the captchas?

btw, i had a look at your blog and i don't see any captchas.

a log-in does not prevent bots, even if you require a valid 
email-address to activate an account.

spammers registered about 3000 user-accounts at pure-data.info and 
posted junk, before i installed captchas.
since then i cannot remember any spam on that site.

> 
> I think wikipedia people are very smart about this issue.  The real  
> focus should not be to prevent spamming at all costs.  If you do  
> that, you end up working more, and you lose a lot of contributions.   

obviously this is something we want to prevent.
> 
> The real focus of this effort should be how to manage the problem in  
> a way that takes the least work and provides the most benefit.  If we  

again, from my personal experience, it took me no more than 6 hours to 
install the captchas system (once i had found a reasonable one). chances 
are high that it took me about 2 hours (but this has been a while ago, i 
cannot remember it accurately). i haven't spent any minute since then on 
the system.

leaving the work for pdpedia-admins will eventually result in more time 
spent on dealing with the problem.

(ah i realize the error in my little calculation: if you add up all the 
time users have to spend deciphering captchas, the effort spent in 
reducing spam might indeed be higher when using captchas)


> have a number of admins active on pdpedia, then it is really quite  
> easy to use the 'delete' feature to get rid of spam.  For pages that  
> get spammed a lot, there is the 'protect' feature.
> 

there are 2 problems i see here:
- "if we have a number of admins active"; indeed, _if_ we have them.
it took quite a while for one of the admins to fix the content. for 
whatever reasons, this admin has been _you_
- using the "protect" feature is exactly the opposite of a wikipage as 
it forbids editing. how does this relate to "working more, and you lose 
a lot of contributions" (ah right: the difference is, that you lose 
_all_ contributions)


finally, an example from the real-world:

looking at the "recent changes" of wikipedia right now, i don't see any 
junk.
looking at the "recent changes" on pdpedia right now, the last 6 entries 
  are junk content for "Template:jmmmmp_author" (this happended _after_ 
you did the fixes)
according to the logs you have had "protected" this object. either 
protection is not very efficient or somebody has removed protection (i 
guess the latter is the case, as you seem to have deleted this object 
after you activated protection)


fgmasdr
IOhannes









More information about the Pd-dev mailing list