darkness3560 wrote:

I just had a great idea! A honeypot CAPTCHA! You create a purposefully weak CAPTCHA, but it's hidden off-screen so humans won't fill it out! The spambots, however, notice hidden things, and will want to fill out the CAPTCHA. The CAPTCHA is not meant to be filled out (being hidden), and if it is filled out, you know it's a spambot!

AonymousProfessor wrote:

darkness3560 wrote:

I just had a great idea! A honeypot CAPTCHA! You create a purposefully weak CAPTCHA, but it's hidden off-screen so humans won't fill it out! The spambots, however, notice hidden things, and will want to fill out the CAPTCHA. The CAPTCHA is not meant to be filled out (being hidden), and if it is filled out, you know it's a spambot!

I had the same idea after looking at the honeypot idea!

Except for the fact that spambots can probably tell when something is off-screen by looking at the CSS, so…

darkness3560 wrote:

AonymousProfessor wrote:

darkness3560 wrote:

I just had a great idea! A honeypot CAPTCHA! You create a purposefully weak CAPTCHA, but it's hidden off-screen so humans won't fill it out! The spambots, however, notice hidden things, and will want to fill out the CAPTCHA. The CAPTCHA is not meant to be filled out (being hidden), and if it is filled out, you know it's a spambot!

I had the same idea after looking at the honeypot idea!

Except for the fact that spambots can probably tell when something is off-screen by looking at the CSS, so…

Then why not cover it up with a white-colored box?

Blaze349 wrote:

darkness3560 wrote:

AonymousProfessor wrote:

darkness3560 wrote:

I just had a great idea! A honeypot CAPTCHA! You create a purposefully weak CAPTCHA, but it's hidden off-screen so humans won't fill it out! The spambots, however, notice hidden things, and will want to fill out the CAPTCHA. The CAPTCHA is not meant to be filled out (being hidden), and if it is filled out, you know it's a spambot!

I had the same idea after looking at the honeypot idea!

Except for the fact that spambots can probably tell when something is off-screen by looking at the CSS, so…

Then why not cover it up with a white-colored box?

good idea

adasba wrote:

I have a few ideas for dealing with spambots. Use captchas that have everything backwards. Also, send an email to the person once they join. Tell them to reply and have them say their favorite color, movie, book, game, restaurant, food, and number. Also make them type it when they join.

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

jvvg wrote:

There is a trick to stop just about all spambots. The key is to use something that is unique to your site. Spambots can adapt to just about anything that is used on a lot of sites, but if it is only used on one site, then they probably won't adapt.

This usually involves one of the following:

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

There are a lot of other things that can go on that list, but the key is to create something unique.

ppettitt wrote:

jvvg wrote:

There is a trick to stop just about all spambots. The key is to use something that is unique to your site. Spambots can adapt to just about anything that is used on a lot of sites, but if it is only used on one site, then they probably won't adapt.

This usually involves one of the following:

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

There are a lot of other things that can go on that list, but the key is to create something unique.

I've got an idea! The top of the signup window would change to a random color and then it would ask “What is the color of the top of this window?” You would have to choose the color from a drop down menu. That is pretty unique. We could also do something like there is a scratch cat that changes colors and moves in a certain direction. You would then have to choose what color the scratch cat is and which direction it is moving. Those things would be easy for an 8 year-old to do, but not a spam bot. And it can be formatted in HTML5 so that flash player is not required. Of course, anyone who wants to view project online will have to get flash eventually.

davidkt wrote:

ppettitt wrote:

jvvg wrote:

There is a trick to stop just about all spambots. The key is to use something that is unique to your site. Spambots can adapt to just about anything that is used on a lot of sites, but if it is only used on one site, then they probably won't adapt.

This usually involves one of the following:

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

There are a lot of other things that can go on that list, but the key is to create something unique.

I've got an idea! The top of the signup window would change to a random color and then it would ask “What is the color of the top of this window?” You would have to choose the color from a drop down menu. That is pretty unique. We could also do something like there is a scratch cat that changes colors and moves in a certain direction. You would then have to choose what color the scratch cat is and which direction it is moving. Those things would be easy for an 8 year-old to do, but not a spam bot. And it can be formatted in HTML5 so that flash player is not required. Of course, anyone who wants to view project online will have to get flash eventually.

Way too easy for a spambot to detect the colour.

scratchisthebest wrote:

Spambots don't read CSS.

Sure it's possible, but 99.9% of people who run spambots don't know how to write one.

veryyoungguy wrote:

What if, since spambots usually post the same post over and over, we prevent users from posting the same thing within, say, 1 day?

jvvg wrote:

davidkt wrote:

ppettitt wrote:

jvvg wrote:

There is a trick to stop just about all spambots. The key is to use something that is unique to your site. Spambots can adapt to just about anything that is used on a lot of sites, but if it is only used on one site, then they probably won't adapt.

This usually involves one of the following:

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

There are a lot of other things that can go on that list, but the key is to create something unique.

I've got an idea! The top of the signup window would change to a random color and then it would ask “What is the color of the top of this window?” You would have to choose the color from a drop down menu. That is pretty unique. We could also do something like there is a scratch cat that changes colors and moves in a certain direction. You would then have to choose what color the scratch cat is and which direction it is moving. Those things would be easy for an 8 year-old to do, but not a spam bot. And it can be formatted in HTML5 so that flash player is not required. Of course, anyone who wants to view project online will have to get flash eventually.

Way too easy for a spambot to detect the colour.

Not exactly. I need to reiterate what I said above: Spambots will not be able to get around something that isn't widespread. They can get around just about anything if someone wants them to, but nobody will bother trying to write a script to detect the color if it's just one site.

davidkt wrote:

jvvg wrote:

davidkt wrote:

ppettitt wrote:

jvvg wrote:

There is a trick to stop just about all spambots. The key is to use something that is unique to your site. Spambots can adapt to just about anything that is used on a lot of sites, but if it is only used on one site, then they probably won't adapt.

This usually involves one of the following:

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

There are a lot of other things that can go on that list, but the key is to create something unique.

I've got an idea! The top of the signup window would change to a random color and then it would ask “What is the color of the top of this window?” You would have to choose the color from a drop down menu. That is pretty unique. We could also do something like there is a scratch cat that changes colors and moves in a certain direction. You would then have to choose what color the scratch cat is and which direction it is moving. Those things would be easy for an 8 year-old to do, but not a spam bot. And it can be formatted in HTML5 so that flash player is not required. Of course, anyone who wants to view project online will have to get flash eventually.

Way too easy for a spambot to detect the colour.

Not exactly. I need to reiterate what I said above: Spambots will not be able to get around something that isn't widespread. They can get around just about anything if someone wants them to, but nobody will bother trying to write a script to detect the color if it's just one site.

What if someone makes a spambot specifically for the Scratch website that creates a bunch of accounts to spam? Way too easy.

jvvg wrote:

davidkt wrote:

jvvg wrote:

davidkt wrote:

ppettitt wrote:

jvvg wrote:

There is a trick to stop just about all spambots. The key is to use something that is unique to your site. Spambots can adapt to just about anything that is used on a lot of sites, but if it is only used on one site, then they probably won't adapt.

This usually involves one of the following:

• Specialized CAPTCHAs (they don't need to be hard, they just need to be unique)
  
• HTML tricks
  
• Questions specifically tailored to the website
  

There are a lot of other things that can go on that list, but the key is to create something unique.

I've got an idea! The top of the signup window would change to a random color and then it would ask “What is the color of the top of this window?” You would have to choose the color from a drop down menu. That is pretty unique. We could also do something like there is a scratch cat that changes colors and moves in a certain direction. You would then have to choose what color the scratch cat is and which direction it is moving. Those things would be easy for an 8 year-old to do, but not a spam bot. And it can be formatted in HTML5 so that flash player is not required. Of course, anyone who wants to view project online will have to get flash eventually.

Way too easy for a spambot to detect the colour.

Not exactly. I need to reiterate what I said above: Spambots will not be able to get around something that isn't widespread. They can get around just about anything if someone wants them to, but nobody will bother trying to write a script to detect the color if it's just one site.

What if someone makes a spambot specifically for the Scratch website that creates a bunch of accounts to spam? Way too easy.

There is just about no way to stop a spambot targeted for a specific site. However, developers of spambots don't care about individual websites.

The thing you need to remember is that the spambots we're trying to stop are commercial spambots, and those just try to hit as many sites as possible. The developers don't care if some sites are able to stop them, they just care that some aren't.