How about first sending a message to an administrator to register? It takes time, but at least spambot activity will be reduced, and the only way they could spam is they spam using their own accounts.

ScratchJahd2011 wrote:

How about first sending a message to an administrator to register? It takes time, but at least spambot activity will be reduced, and the only way they could spam is they spam using their own accounts.

As you said, this will take a lot of time, and how could an admin see who wants to scratch and who wants to spam?

Lirex wrote:

ScratchJahd2011 wrote:

How about first sending a message to an administrator to register? It takes time, but at least spambot activity will be reduced, and the only way they could spam is they spam using their own accounts.

As you said, this will take a lot of time, and how could an admin see who wants to scratch and who wants to spam?

By reading the message, they will see the insignificance of the spambot's message and end the account, and the admin will read the passionate Scratcher's message. (typing scratcher makes me think about backscratchers)

ScratchJahd2011 wrote:

How about first sending a message to an administrator to register? It takes time, but at least spambot activity will be reduced, and the only way they could spam is they spam using their own accounts.

You'd need to hire 50 people to take care of all those account requests. It couldn't work.

scimonster wrote:

ScratchJahd2011 wrote:

How about first sending a message to an administrator to register? It takes time, but at least spambot activity will be reduced, and the only way they could spam is they spam using their own accounts.

You'd need to hire 50 people to take care of all those account requests. It couldn't work.

Agreed, indicating the quick growth of Scratch.

It seems to be really hard to stop human spammers…

Lirex wrote:

It seems to be really hard to stop human spammers…

True. The only current good security is the New Scratcher rank. While being a New Scratcher is a pain, it's really defensive against spam.

Rumanti wrote:

Lirex wrote:

NoxSpooth wrote:

GreenDog3 wrote:

I have an idea. Bots are computers, right? How about – no wait. people might not have webcams. Nvm. But the idea was: How about if they don't see a person in a webcam, the account will be rejected?

EDIT: but laptops are increasingly popular, and they ALWAYS come with webcams, right?

No way. Not everyone uses laptops and/or has webcams.

+Some people may not want that a website can use their webcam… Also this won't solve the issue about real people spamming.

Yes, I agree. It's against my privacy. Someone could hack Scratch and see my face! Lol.

Good idea, but too many complications. Also, human spammers will not be rejected. This defeats the purpose.

Ahem…

I wrote:

Why not have the forums parser “destroy” outside links posted by New Scratchers? Let me rephrase that: when a New Scratcher goes to post a link to a website outside of Scratch, the link will be ignored once it is parsed, so in the data that is sent to the database the link will not exist in the post.

Either that or if external links are found in a post, a red alert will appear and say “You cannot post links outside of scratch.mit.edu!” and the post will be rejected.

How about that?

I know that this will stop actual New Scratchers from posting legit links but we could add websites that are okay to link to, such as Wikipedia and Google. I'm striving to defeat the purpose of a spambot: spam tons of links. If the links don't show up the spambots failed. It won't stop them, but it will make their posts completely harmless (that is, if they don't adapt to trick the parser).

ProdigyZeta7 wrote:

Ahem…

I wrote:

Why not have the forums parser “destroy” outside links posted by New Scratchers? Let me rephrase that: when a New Scratcher goes to post a link to a website outside of Scratch, the link will be ignored once it is parsed, so in the data that is sent to the database the link will not exist in the post.

Either that or if external links are found in a post, a red alert will appear and say “You cannot post links outside of scratch.mit.edu!” and the post will be rejected.

How about that?

I know that this will stop actual New Scratchers from posting legit links but we could add websites that are okay to link to, such as Wikipedia and Google. I'm striving to defeat the purpose of a spambot: spam tons of links. If the links don't show up the spambots failed. It won't stop them, but it will make their posts completely harmless (that is, if they don't adapt to trick the parser).

Yes. Have all my “Yes”-es.

ProdigyZeta7 wrote:

Ahem…

I wrote:

Why not have the forums parser “destroy” outside links posted by New Scratchers? Let me rephrase that: when a New Scratcher goes to post a link to a website outside of Scratch, the link will be ignored once it is parsed, so in the data that is sent to the database the link will not exist in the post.

Either that or if external links are found in a post, a red alert will appear and say “You cannot post links outside of scratch.mit.edu!” and the post will be rejected.

How about that?

I know that this will stop actual New Scratchers from posting legit links but we could add websites that are okay to link to, such as Wikipedia and Google. I'm striving to defeat the purpose of a spambot: spam tons of links. If the links don't show up the spambots failed. It won't stop them, but it will make their posts completely harmless (that is, if they don't adapt to trick the parser).

This ^^ is what we need. Spambot can't post if there is an external link to a website not on a white list.

turkey3_test wrote:

ProdigyZeta7 wrote:

Ahem…

I wrote:

Why not have the forums parser “destroy” outside links posted by New Scratchers? Let me rephrase that: when a New Scratcher goes to post a link to a website outside of Scratch, the link will be ignored once it is parsed, so in the data that is sent to the database the link will not exist in the post.

Either that or if external links are found in a post, a red alert will appear and say “You cannot post links outside of scratch.mit.edu!” and the post will be rejected.

How about that?

I know that this will stop actual New Scratchers from posting legit links but we could add websites that are okay to link to, such as Wikipedia and Google. I'm striving to defeat the purpose of a spambot: spam tons of links. If the links don't show up the spambots failed. It won't stop them, but it will make their posts completely harmless (that is, if they don't adapt to trick the parser).

This ^^ is what we need. Spambot can't post if there is an external link to a website not on a white list.

I think this is a great idea, spambot or just plain spammers.

The whitelist could be:

• All .edu domains
  
• Wikipedia
  
• Approved member created websites
  
• Scratch Resources
  
• et cetera
  

ProdigyZeta7 wrote:

Ahem…

I wrote:

Why not have the forums parser “destroy” outside links posted by New Scratchers? Let me rephrase that: when a New Scratcher goes to post a link to a website outside of Scratch, the link will be ignored once it is parsed, so in the data that is sent to the database the link will not exist in the post.

Either that or if external links are found in a post, a red alert will appear and say “You cannot post links outside of scratch.mit.edu!” and the post will be rejected.

How about that?

I know that this will stop actual New Scratchers from posting legit links but we could add websites that are okay to link to, such as Wikipedia and Google. I'm striving to defeat the purpose of a spambot: spam tons of links. If the links don't show up the spambots failed. It won't stop them, but it will make their posts completely harmless (that is, if they don't adapt to trick the parser).

This is a great idea! Also, instead of adding a new post continuing your recent one, click the blue Edit button to add to your post.

ScratchJahd2011 wrote:

ProdigyZeta7 wrote:

Ahem…

I wrote:

Why not have the forums parser “destroy” outside links posted by New Scratchers? Let me rephrase that: when a New Scratcher goes to post a link to a website outside of Scratch, the link will be ignored once it is parsed, so in the data that is sent to the database the link will not exist in the post.

Either that or if external links are found in a post, a red alert will appear and say “You cannot post links outside of scratch.mit.edu!” and the post will be rejected.

How about that?

I know that this will stop actual New Scratchers from posting legit links but we could add websites that are okay to link to, such as Wikipedia and Google. I'm striving to defeat the purpose of a spambot: spam tons of links. If the links don't show up the spambots failed. It won't stop them, but it will make their posts completely harmless (that is, if they don't adapt to trick the parser).

This is a great idea! Also, instead of adding a new post continuing your recent one, click the blue Edit button to add to your post.

I think he made a new post because the old one is already “covered.” I don't know if it's a spam or not, though, but I'm sure not.

Colours (colors) shouldn't be used for people with colour (color) blindness

GadgetAndyMan wrote:

Colours (colors) shouldn't be used for people with colour (color) blindness

Yup

Maybe we could give this CAPTCHA a shot?
So the idea is you have markup something like this:
and a style like this:
and then simply block anybody who tries to enter anything in the field with the name=“username”. This works because spambots just read the flat html and don't evaluate the style. It would be trivial to write your own bot to get around this, but only script kiddies or people who suck at SEO use bots and they don't know how to write their own. {{citation needed}}

—–
Now here's the above part, just rewritten so it's easier to understand :P
So you make the signup form look like this:
, and then you take the box that says “Leave blank” and hide it way off screen. However, spambots are stupid and they will still enter their username into the “Leave blank” field! This is because spambots are “blind” - they can only tell the fields apart by their name. Then it's easy to see of someone's a spammer - just check to see of anything's in the “leave blank” field.
—–

Obviously this method won't block human spammers. There's nothing better than a good old fashioned report button, however. Press it whenever you're even only suspicious of spam activity.

+1 to the honeypot idea! Thank you scratchisthebest.

I read the post about the honeypot captcha, and read the post that the writer of the honeypot post made, and there is a type of spambot that watches as users fill in data, then fills in those fields with spam. The honeypot couldn't trick those, but it would definitely capture the other spambots.

Nothing can stop humans, I'm afraid.

So a spambot puts viruses on your computer?! People these days…