[wsfii-discuss] Spammers appear to have hacked into wsfii site

Tue Oct 28 09:02:27 UTC 2008

On Tue, Oct 28, 2008 at 1:01 PM, jeff buderer <jeff at onevillagefoundation.org
> wrote:

> Vickram,
>
> Anything can be broken but CAPTCHAS reduce the number of intruders.
>

CAPTCHAs are a bit ugly in the sense of it being a zero-sum game - a CAPTCHA
gets broken, then you need to make it more obscure, upto a point where its
rather hard for even humans to decipher what's written .. I personally
prefer the option of using random questions, etc. combined with some
javascript spoofing techniques (not having a standard submit button but a
javascript onclick triggering submit, etc.) which has reduced attacks from
automated bots for me in the past - however, none of these techniques are
effective against human spammers ..

>
> What are the other options?
>

One tool that I know of, that apparently works quite well - I haven't used
it a lot, but am on their mailing list and it sounds like a decently good
project - http://akismet.com/ .

Again, the above solutions are more in the context of "comment spam" and not
sure how well they translate to the problem of wiki spam ...

Am happy to work with people on implementing any of these solutions ... I
think aksimet is probably worth a try as its absolutely non-intrusive for
the user, works by learning from the community of users so you help the
larger community every time you find a new spammer, etc ...

(btw, since this is my first post on the list, a quick introduction - I work
for http://camputer.org , very interested in wireless and am friends with
Vickram, in Bombay .. )

cheers,
Sanjay

> Jeff
>
> On Tue, 2008-10-28 at 02:52 +0000, Vickram Crishna wrote:
> > I think many such initiatives suffer for the same reason (ie, not
> > enough time for sysops to handle the load), in order to authenticate
> > genuine users. Plus of course the hassles of keeping passwords, for
> > the genuine users.
> >
> > Captchas can and are being broken today by public ocr service sites, I
> > read not so long back in Slashdot.
> >
> > Vickram
> > http://communicall.wordpress.com
> > http://vvcrishna.wordpress.com
> >
> >
> >
> >
> > ______________________________________________________________________
> > From: Alexander List <alex at list.priv.at>
> > To: Discuss list on the World Summit on Free Information
> > Infrastructure <wsfii-discuss at lists.okfn.org>
> > Sent: Monday, 27 October, 2008 15:41:37
> > Subject: Re: [wsfii-discuss] Spammers appear to have hacked into wsfii
> > site
> >
> > Vickram Crishna wrote:
> > > Quite right. Naturally, this increases the workload for the sysop,
> > for
> > > which the only solution, imo, is to increase the number of sysops,
> > > with enough volunteers (3-5 is a good number) that one or the other
> > > takes care of it in time.
> >
> > What about only allowing authenticated users to sign up/post, and to
> > use
> > captchas to get rid of those bots?
> >
> > Alex
> >
> > _______________________________________________
> > wsfii-discuss mailing list
> > wsfii-discuss at lists.okfn.org
> > http://lists.okfn.org/mailman/listinfo/wsfii-discuss
> >
> >
> > _______________________________________________
> > wsfii-discuss mailing list
> > wsfii-discuss at lists.okfn.org
> > http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>
>
>
> _______________________________________________
> wsfii-discuss mailing list
> wsfii-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/wsfii-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/wsfii-discuss/attachments/20081028/d46d3668/attachment.html>