Spambot activity - How you can stop it

cheddargirl

jh1234l wrote:
We could require a email confirmation, or require new scratchers to do a captcha when posting external links.

We have actually thought about this, but we have encountered problems where users misspell their e-mail address, or use someone else's e-mail address (such as a parent's), or where the user's e-mail client doesn't deliver our mail properly.

darkness3560 wrote:
Rumanti wrote:
darkness3560 wrote:
Rumanti wrote:
How about the blind peoples?
I don't think there are any blind people using Scratch because you can't really use a screen reader with the Scratch project editor…
Umm.. I don't know what to say…But I took a HTML5 course last month and the instructor said that all .edu domains could be read with a screen reader.
I personally would find it quite difficult to drag and drop blocks with a screen reader. Also, Scratch is Flash-based, and screen readers can't read Flash.

Not quite true! ;) Granted that you do have to depend on the developer to make the SWF file more accessible, but it's doable and it's something we would like to improve on Scratch going forward. But we're getting a bit off topic. ^^;

Sadly, my forum signature was eaten by an evil kumquat.

mariobros406

Yeah, I personally think that everything suggested should work. That's right, I said everything!!! That way if they get past one thing, there will be a bunch more. One problem…if this was implanted, it would take forever for a normal person to get in!

Last edited by mariobros406 (Jan. 4, 2014 00:56:26)

I only check in to Scratch from time to time to see what others have been up to. I don't really post anything anymore. I'll occasionally post a question in the AT forum if I can't find an answer anywhere else.

scratchisthebest

mariobros406 wrote:
Yeah, I personally think that everything suggested should work. That's right, I said everything!!! That way if they get past one thing, there will be a bunch more. One problem…if this was implanted, it would take forever for a normal person to get in!

It's just once, when you sign up. People expect a CAPTCHA on signup too. It's normal.

Quick recap:
* Email confermation is a no
* We can't use lettters and numbers b/c XRumer, like, at all.
* As accessable as possible.
* Flash is going to go soon, so no project based (for now)

I am a Lava Expert

darkness3560

Remember, my Spamover project is just an example of how my verification system would work. It's like a concept rather than the finished project. The concept I came up with is language-based, so even if XRumer can read it, it can't interpret language, and it doesn't know what to do. It has a color-blind mode for people who can't see color.

scimonster

scratchisthebest wrote:
mariobros406 wrote:
Yeah, I personally think that everything suggested should work. That's right, I said everything!!! That way if they get past one thing, there will be a bunch more. One problem…if this was implanted, it would take forever for a normal person to get in!
It's just once, when you sign up. People expect a CAPTCHA on signup too. It's normal.

People don't expect 10 CAPTCHAs. It would seriously turn people away.

Retired Community Moderator
BTW, i run Google Chrome 41.0.2272.101 on a Linux system - Ubuntu 14.04. NEW: iPad 4th gen. w/retina.

418 I'm a teapot (original - to be read by bored computer geeks)
THE GAME (you just lost)
; THE SEMICOLON LIVES ON IN OUR SIGS

scratchisthebest

scimonster wrote:
scratchisthebest wrote:
mariobros406 wrote:
Yeah, I personally think that everything suggested should work. That's right, I said everything!!! That way if they get past one thing, there will be a bunch more. One problem…if this was implanted, it would take forever for a normal person to get in!
It's just once, when you sign up. People expect a CAPTCHA on signup too. It's normal.
People don't expect 10 CAPTCHAs. It would seriously turn people away.

Ah, I thought he meant “or”. That's me skimming posts too quickly for you

I am a Lava Expert

Pipko411

Maybe we could make them put in their password.

hey I'm becca! scratch's resident old witch

when I receive [Falco]
forever
broadcast [Up Tilt]
end

Pipko411

Pipko411 wrote:
Maybe we could make them put in their password.

Wait, they should remember their password, nevermind.

hey I'm becca! scratch's resident old witch

when I receive [Falco]
forever
broadcast [Up Tilt]
end

ProdigyZeta7

Oh my God, I think these spambots are causing server downtime… It seems after every time I see the server maintenance page there's a few more spam topics in the forums. O_O

Last edited by ProdigyZeta7 (Jan. 5, 2014 20:07:43)

jvvg

ProdigyZeta7 wrote:
Oh my God, I think these spambots are causing server downtime… It seems after every time I see the server maintenance page there's a few more spam topics in the forums. O_O

I don't think that that is the case.
We are usually only getting a few spambots every few days. It would take several orders of magnitude more than that to cause downtime.

Professional web developer and lead engineer on the Scratch Wiki
Maybe the Scratch Team isn't so bad — Why the April Fools' Day forum didn't work last year

Mozzi64

Pipko411 wrote:
Pipko411 wrote:
Maybe we could make them put in their password.
Wait, they should remember their password, nevermind.

Well, maybe you get signed out as soon as you register. Then spambots maybe do not know how to access sign-in.

THE POTATOES, THEY'RE EVERYWHERE
HEELLLLPPP
lol

ProdigyZeta7

Bump, post updated.

mario91100

ProdigyZeta7 wrote:
Oh my (Whoops!), I think these spambots are causing server downtime… It seems after every time I see the server maintenance page there's a few more spam topics in the forums. O_O

Uh oh… not good…
That explains COULD explain all the server downtimes.

Speaking of which, who is going to make a tower defense game out of all this? You bet one is coming.

Then again, could a spambot circumvent the ‘downtime’ gate, and continue spamming without worry of being caught, at least at the time?

Last edited by mario91100 (Jan. 13, 2014 23:55:35)

Goodbye.

My final wishes are here.

jvvg

mario91100 wrote:
ProdigyZeta7 wrote:
Oh my (Whoops!), I think these spambots are causing server downtime… It seems after every time I see the server maintenance page there's a few more spam topics in the forums. O_O

Uh oh… not good…
That explains all the server downtimes.

Speaking of which, who is going to make a tower defense game out of all this? You bet one is coming.

Then again, could a spambot circumvent the ‘downtime’ gate, and continue spamming without worry of being caught, at least at the time?

I seriously doubt that spambots are causing downtime. All they do is submit a few cURL requests tothe registration page and forum post page (probably fewer than 10 requests in total, when it takes nearly 200 just to load the front page).

Professional web developer and lead engineer on the Scratch Wiki
Maybe the Scratch Team isn't so bad — Why the April Fools' Day forum didn't work last year

LuxrayStar

Maybe someone could make a project to raise awareness of this problem…

Stop the Spambots!
;We will never forget the semicolon;

Darrman

I reported the post for sticking. If an attack DOES come, we need to be prepared! This has helpful info.

RIP Scratch Smash Team! Thread here.

I made a thread about adding an Enter command in the “When whatever pressed.”
Thread is here.

I like Fire Emblem. Hail Zigludo!

Rumanti

I do not remember who's idea is this, but I think a censor that stops New Scratchers from posting external links (even though it's not clickable) would be effective.

Spammer: *posted 25 harmful links to commercial spammy websites*
Spammer: *submit*
Censor: Oh noes! You can not post links outside of Scratch and approved websites. Please don't post links outside approved websites until you're a Scratcher
Spammer: !@#%!@~(&*^&($!

It would be a pain, though, for New Scratchers that want to post in MaC. But this would be effective, to prevent both spammers and spambots.

Another idea: Users who sign with email from stopforumspam.com can not make accounts.

:wq

Sonickyle

Rumanti wrote:
I do not remember who's idea is this, but I think a censor that stops New Scratchers from posting external links (even though it's not clickable) would be effective.

Spammer: *posted 25 harmful links to commercial spammy websites*
Spammer: *submit*
Censor: Oh noes! You can not post links outside of Scratch and approved websites. Please don't post links outside approved websites until you're a Scratcher
Spammer: !@#%!@~(&*^&($!

It would be a pain, though, for New Scratchers that want to post in MaC. But this would be effective, to prevent both spammers and spambots.

Another idea: Users who sign with email from stopforumspam.com can not make accounts.

But most of the smammers I've seen advertise websites where you can watch movies for free, but there are no links anyway.

No I don't make projects anymore. I left some time ago.
I only check the forums every now and then, but other than that consider me retired.

NoxSpooth

Sonickyle wrote:
But most of the smammers I've seen advertise websites where you can watch movies for free, but there are no links anyway.

Actually there are links. You can see them when you quote the post.

Arrivederci.

Rumanti

NoxSpooth wrote:
Sonickyle wrote:
But most of the smammers I've seen advertise websites where you can watch movies for free, but there are no links anyway.
Actually there are links. You can see them when you quote the post.

Thanks to the New Scratcher status

However, even if they don't appear as links, some spammers posted them as URLs, which anyone could copy and paste. It would be great if the censor blocked THE POST, and not THE LINKS. (sorry, caps.)

:wq

Discuss Scratch