Spambot activity - How you can stop it

scimonster

ProdigyZeta7 wrote:
I think I have the solution.

I've researched OCR (Optical Character Recognition) which is what spambots use to “read” CAPTCHAs. The problem is that every CAPTCHA is composed of letters. What there needs to be is a CAPTCHA image of a simple object, such as a car, apple, dog, etc. Bots can read words, but can they read pictures? Checkmate.

I think we are about to revolutionize the fight against spam.

Awesome.
Have around 100 images, and pick 4 descriptions randomly, plus the correct one, for a total of 5. Create a checklist like you described.

I must say, it's an ingenuous CAPTCHA. Unfortunately, as with any CAPTCHA, it doesn't work against human spammers.

Retired Community Moderator
BTW, i run Google Chrome 41.0.2272.101 on a Linux system - Ubuntu 14.04. NEW: iPad 4th gen. w/retina.

418 I'm a teapot (original - to be read by bored computer geeks)
THE GAME (you just lost)
; THE SEMICOLON LIVES ON IN OUR SIGS

scratchisthebest

scimonster wrote:
Unfortunately, as with any CAPTCHA, it doesn't work against human spammers.

I think the human spammer thing is a lost cause

You can't read minds over the internet, and people lie if they want to. End of story.

I am a Lava Expert

AonymousGuy

As to the image thing, what if there were two images that were the same, out of say, ten, and you had to checkmark the two that were the same to continue? At least then you wouldn't have to translate as much.

And as to how a spambot could see in the html:

<img src="someimage">
<img src="someimage">

What if there was a honeypot type thing for the rest of the images, or the image names were scrambled / there were multiple locations for each image?

craZcat

To expand on the idea, perhaps there could be some sort of automated scratch bot that looks at writing and if it sees something in the format of a web link that isn't to another project in scratch (http//example.com) and when it finds something it will remove that link and replace the words holding that link with random gibberish (so not only is there no link, there is no visible website address whatsoever?) That's my idea

You're right though, if we don't annihilate (or at least limit) spambot activity, a children-friendly site will be junked with rated-M game ads, bad words, links to powerful viruses, and all sorts of other evil stuff. I appreciate that you brought this up, and I'm sure the scratch team thanks you as well.

If a scratcher's signature was ‘eaten by an angry kumquat’, then why do they still have signatures? Hmm….

Links for ya:
Space Platformer RPG (MKII)
That project's forum topic!
Look here for other neat stuff!
More awesome stuff! Or not…

AonymousGuy

AonymousGuy wrote:
As to the image thing, what if there were two images that were the same, out of say, ten, and you had to checkmark the two that were the same to continue? At least then you wouldn't have to translate as much.

And as to how a spambot could see in the html:
<img src="someimage">
<img src="someimage">
What if there was a honeypot type thing for the rest of the images, or the image names were scrambled / there were multiple locations for each image?

Okay, I actually figured out a way this could work. (If you can believe that!)

Have two pictures of say, an apple. But, one is a cartoonish, pixel art red apple and one is a real life green apple. It says “Check the two images that are of the same object.” Then, the image source can't be used, and someone would have a hard time making a spambot that could tell which ones were the same.

The only problem is blind people couldn't use it.

ProdigyZeta7

AonymousGuy wrote:
The only problem is blind people couldn't use it.

What would blind people be doing on the Internet?

Rumanti

ProdigyZeta7 wrote:
AonymousGuy wrote:
The only problem is blind people couldn't use it.
What would blind people be doing on the Internet?

Listening to music? i don't know, but I've heard that there are some softwares somewhere that are made for blind peoples… Dunno.
(/offtopic)

:wq

Deerleg

Yeah, I think the good way to stop spambots is to use images.

scratchisthebest

ProdigyZeta7 wrote:
AonymousGuy wrote:
The only problem is blind people couldn't use it.
What would blind people be doing on the Internet?

http://en.wikipedia.org/wiki/Screen_reader

I am a Lava Expert

ProdigyZeta7

scratchisthebest wrote:
ProdigyZeta7 wrote:
AonymousGuy wrote:
The only problem is blind people couldn't use it.
What would blind people be doing on the Internet?
http://en.wikipedia.org/wiki/Screen_reader

Oh.

ProdigyZeta7

Bump.

Spambots can now change their profile pic, sometimes to an inappropriate one.

AonymousGuy

ProdigyZeta7 wrote:
Bump.

Spambots can now change their profile pic, sometimes to an inappropriate one.

Wow. Next they will be constructing inappropriate projects from their code, and having a whole bunch of extra accounts love-it the project so it will get on the front page.

Deerleg

This is a bit late, but I saw a spam topic that didn't look like a spam topic on the outside, but was complete spam on the inside.
If this was a spambot, are they getting smarter? (Of course, there is the possibility that the spammer was human.)

Harakou

Deerleg wrote:
This is a bit late, but I saw a spam topic that didn't look like a spam topic on the outside, but was complete spam on the inside.
If this was a spambot, are they getting smarter? (Of course, there is the possibility that the spammer was human.)

It's not uncommon for them to have an innocuous title, though it's usually generic or nonsensical. (e.g. “Hey yo man what's up”) This sort of behavior also tends to follow a pattern and is followed mostly by a couple of our “regulars.” (One in particular.) What specific title did you see?

Last edited by Harakou (Dec. 21, 2013 18:51:54)

Deerleg

Harakou wrote:
Deerleg wrote:
This is a bit late, but I saw a spam topic that didn't look like a spam topic on the outside, but was complete spam on the inside.
If this was a spambot, are they getting smarter? (Of course, there is the possibility that the spammer was human.)
It's pretty common for them to have an innocuous title, though it's usually generic or nonsensical. (e.g. “Hey yo man what's up”) What specific title did you see?

It was “Make the world a better place project” or something like that. (It's already been reported.)

Last edited by Deerleg (Dec. 22, 2013 17:26:11)

jontmy00

Maybe an audio CAPTCHA with no text visible on screen would work?

Example:

User wants to register.
User goes to the registration page.
User fills up everything except for the audio verification.
User presses a button to start the audio CAPTCHA.
User fills in the text/phrase which is said by the CAPTCHA (it can say it in letters, or the word?).
User submits form.

Spambot wants to register.
Spambot goes to the registration page.
Spambot fills up everything except for the audio verification.
Spambot somehow knows how to start the audio verification, but doesn't know how to enter it in.
Spambot presses “submit” (or whatever) to register while the field is empty.
Spambot fails.

Rumanti

jontmy00 wrote:
Maybe an audio CAPTCHA with no text visible on screen would work?

Example:

User wants to register.
User goes to the registration page.
User fills up everything except for the audio verification.
User presses a button to start the audio CAPTCHA.
User fills in the text/phrase which is said by the CAPTCHA (it can say it in letters, or the word?).
User submits form.

Spambot wants to register.
Spambot goes to the registration page.
Spambot fills up everything except for the audio verification.
Spambot somehow knows how to start the audio verification, but doesn't know how to enter it in.
Spambot presses “submit” (or whatever) to register while the field is empty.
Spambot fails.

I don't quite know, but I'm sure what we're dealing with is human spammers, not spambots.

:wq

Lirex

jontmy00 wrote:
Maybe an audio CAPTCHA with no text visible on screen would work?

You would have to translate the text into many languages. Also not everyone has speakers (e.g. in schools sound is disabled sometimes).

Last edited by Lirex (Dec. 22, 2013 09:09:11)

Scratch-DACH-Wiki author

;

Yay, 500+ posts! (05/25/2014)

jontmy00

Lirex wrote:
You would have to translate the text into many languages. Also not everyone has speakers (e.g. in schools sound is disabled sometimes).

True…

cheddargirl

ProdigyZeta7 wrote:
Bump.

Spambots can now change their profile pic, sometimes to an inappropriate one.

I think that's more of a sign to a human spammer or a human-controlled spambot as opposed to a purely automatic one.

It's not unusual to see human spammers around here doing things like changing their profile page, adding a user description, or even making Scratch projects to try to fit in thinking moderators will mistake then for normal users. There was one case of a spammer who was chatting in the forums like a normal user in a Miscellaneous thread back when we had a Miscellaneous section.

Sadly, my forum signature was eaten by an evil kumquat.

Discuss Scratch