Comments on: Fighting Spam on Typo with Logic http://www.ralree.com/2007/02/05/fighting-spam-on-typo-with-logic/ Malicious enjoyment derived from observing someone else's misfortune Mon, 09 Jan 2012 12:33:37 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Hank http://www.ralree.com/2007/02/05/fighting-spam-on-typo-with-logic/comment-page-1/#comment-127 Hank Mon, 05 Feb 2007 20:29:00 +0000 http://www.ralree.info/2007/10/13/fighting-spam-on-typo-with-logic#comment-127 That would rock. I say do it! I was also considering beating the mechanical turks by asking about things on the site itself. That way, the person would have to be on my site to get past the spam check, which shouldn't be a big deal. That would rock. I say do it! I was also considering beating the mechanical turks by asking about things on the site itself. That way, the person would have to be on my site to get past the spam check, which shouldn’t be a big deal.

]]> By: Piers Cawley http://www.ralree.com/2007/02/05/fighting-spam-on-typo-with-logic/comment-page-1/#comment-126 Piers Cawley Mon, 05 Feb 2007 14:29:00 +0000 http://www.ralree.info/2007/10/13/fighting-spam-on-typo-with-logic#comment-126 The problem I have with putting something exactly like this in Typo itself is that, as soon as something becomes predictable, the spammers can either program their way around it, or use mechanical turk like techniques to evade it. For instance, the classic way of evading a captcha is simply to serve the same captcha up on, say, a free porn site and ask that the user complete the captcha to see more porn, then the robot takes that answer and feeds it back to the original site and continues on its merry way. It's generally not worth the spammers' while doing this for a unique captcha system, but if enough sites start using a particular scheme, then there's more incentive for the spammer to work around it. That said, I am thinking of how to set up an anti spam plugin architecture that will allow typo users to either design their own gatekeepers or pick some other plugin, that way, gatekeepers can continue to evolve in a way that's decoupled from the blogging software and, hopefully there will be a much wider variety of them and the value the spammer in working around any single one of them will be dramatically reduced. The problem I have with putting something exactly like this in Typo itself is that, as soon as something becomes predictable, the spammers can either program their way around it, or use mechanical turk like techniques to evade it. For instance, the classic way of evading a captcha is simply to serve the same captcha up on, say, a free porn site and ask that the user complete the captcha to see more porn, then the robot takes that answer and feeds it back to the original site and continues on its merry way.

It’s generally not worth the spammers’ while doing this for a unique captcha system, but if enough sites start using a particular scheme, then there’s more incentive for the spammer to work around it.

That said, I am thinking of how to set up an anti spam plugin architecture that will allow typo users to either design their own gatekeepers or pick some other plugin, that way, gatekeepers can continue to evolve in a way that’s decoupled from the blogging software and, hopefully there will be a much wider variety of them and the value the spammer in working around any single one of them will be dramatically reduced.

]]> By: Piers Cawley http://www.ralree.com/2007/02/05/fighting-spam-on-typo-with-logic/comment-page-1/#comment-128 Piers Cawley Mon, 05 Feb 2007 14:29:00 +0000 http://www.ralree.info/2007/10/13/fighting-spam-on-typo-with-logic#comment-128 My personal roadmap for 4.x->5 is a bunch of fixes to make us more RESTful (@/admin@ must DIE) and a complete overhaul/creation of typo's plugin structure. Expect Hpricot to crop up as either a required gem or a subdirectory of vendor, and for a bunch of what I'm currently thinking of as 'structural' callbacks to appear. Event based callbacks are so _Wordpress_ don't you think? My personal roadmap for 4.x->5 is a bunch of fixes to make us more RESTful (@/admin@ must DIE) and a complete overhaul/creation of typo’s plugin structure. Expect Hpricot to crop up as either a required gem or a subdirectory of vendor, and for a bunch of what I’m currently thinking of as ‘structural’ callbacks to appear. Event based callbacks are so _Wordpress_ don’t you think?

]]>