Comments on: p2pnet spam bot troubles http://www.p2pnet.net/story/9740 p2pnet.net - reader powered Tue, 24 Nov 2009 12:38:11 -0600 http://wordpress.org/?v=2.8.4 hourly 1 By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118948 Reader's Write Mon, 04 Sep 2006 05:58:59 +0000 #comment-118948 Do what you have to do, be that verification, signing in, what ever it takes. This site is too valuable to all of us for you to be extinguished by any cause. Ken Johnson Sand Point Alaska Do what you have to do, be that verification, signing in, what ever it takes.

This site is too valuable to all of us for you to be extinguished by any cause.

Ken Johnson
Sand Point Alaska

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118884 Reader's Write Sat, 02 Sep 2006 19:38:52 +0000 #comment-118884 So I guess the question is whether spammers would be willing to go to the trouble to make an account here or not. Right now it only looks like one offender to me. I have noticed that the string verification hasn't been stopping him/her/it 100% of the time either, so even it's not perfect. I know that the idea we're talking about does have it's own flaws, but my thinking when I originally replied that this might be a good idea (further down) was that it might be easier to delete an account, which could perhaps be set up to erase all posts associated with it too, rather than delete one post at a time. I suppose the only way to know for sure is to try this idea out, but then again, like I also said in that other post, making people sign up just to avoid the string might have the same effect; that is, to discourage people from posting altogether. Isn't there any kind of automated scripting that could be implemented which would be able to recognize spam and prevent it from being posted, perhaps also automatically block the spammers IP address and account (if they're using one) for 24-48 hours maybe? That's another thought I had, though I don't really know much about how the server end of running a website works, and thus I have no clue if this is even possible to do. Frankly, I'd be happy with the string if only it was more readable and posts weren't lost when a string is typed in wrong. Those two things alone would be a huge help for everyone and a good start towards solving this dilemma. So I guess the question is whether spammers would be willing to go to the trouble to make an account here or not. Right now it only looks like one offender to me. I have noticed that the string verification hasn’t been stopping him/her/it 100% of the time either, so even it’s not perfect. I know that the idea we’re talking about does have it’s own flaws, but my thinking when I originally replied that this might be a good idea (further down) was that it might be easier to delete an account, which could perhaps be set up to erase all posts associated with it too, rather than delete one post at a time. I suppose the only way to know for sure is to try this idea out, but then again, like I also said in that other post, making people sign up just to avoid the string might have the same effect; that is, to discourage people from posting altogether.

Isn’t there any kind of automated scripting that could be implemented which would be able to recognize spam and prevent it from being posted, perhaps also automatically block the spammers IP address and account (if they’re using one) for 24-48 hours maybe? That’s another thought I had, though I don’t really know much about how the server end of running a website works, and thus I have no clue if this is even possible to do.

Frankly, I’d be happy with the string if only it was more readable and posts weren’t lost when a string is typed in wrong. Those two things alone would be a huge help for everyone and a good start towards solving this dilemma.

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118842 Reader's Write Sat, 02 Sep 2006 05:16:33 +0000 #comment-118842 I liked the one idea that someone posted, about making the string only required when posting anonymously. A user named 'eclectica' has already responded to this topic in the comments advertising pills..... I liked the one idea that someone posted, about making the string only required when posting anonymously.

A user named ‘eclectica’ has already responded to this topic in the comments advertising pills…..

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118841 Reader's Write Sat, 02 Sep 2006 05:14:07 +0000 #comment-118841 The only problem is the spammers can still register and post their shite... I can't even read the string displayed below... it's kind of like a 3d 'i' The only problem is the spammers can still register and post their shite… I can’t even read the string displayed below… it’s kind of like a 3d ‘i’

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118814 Reader's Write Fri, 01 Sep 2006 15:51:55 +0000 #comment-118814 It's good to see Jon being open about this. I was actually pretty close to leaving P2Pnet permanently because of it, but curiosity made me come back. The validation idea clearly isn't working as I keep seeing the same spam posted that string verification was supposed to stop. This means all verification is doing is driving the legit posters nuts. O and 0. I, l, and 1. 5 and S. 9 and g. A and 4 being the most recent gotcha, because the four is usually angled, which combined with the background static can make it look like an A if your not looking closely enough. I'm sure I've forgoten a few too. Doing the CTRL-A CTRL-C CTRL-V thing works, but we all forget sometimes to do it. That and it gets kind of trying after a while. Well, enough complaining from me since Jon has clearly seen the issues here. Lets see... I liked the one idea that someone posted, about making the string only required when posting anonymously. Might make folks more inclined to create a permanent account in order to avoid having to enter strings, but then again anonymous posting is likely what makes a lot of folks willing to post at all, so this idea could potentially do the same thing the verification is doing, which is drive people away. Surely there has to be a better version of this string verification script available somewhere. FWIW, I certianly don't mind having to enter a string. It's primarily the concequences of getting it wrong (several times in a row) that I don't like, plus it seems to time out if you take to long to tyope up a post, making the entire string wrong regardless. I'm certain it's worst for first time posters, who likely just give up and never come back. Certainly, setting things up so that folks don't lose the comment they worked so hard on would be a definite start, if nothing else. If you get rid of string verification altogether, then I'm sure there are volunteers willing to delete spam when they see it. I suppose the hard part with that is finding people you trust though. Man, this isn't an easy problem to solve, is it. Damned if you do, damned if you don't... It’s good to see Jon being open about this. I was actually pretty close to leaving P2Pnet permanently because of it, but curiosity made me come back. The validation idea clearly isn’t working as I keep seeing the same spam posted that string verification was supposed to stop. This means all verification is doing is driving the legit posters nuts. O and 0. I, l, and 1. 5 and S. 9 and g. A and 4 being the most recent gotcha, because the four is usually angled, which combined with the background static can make it look like an A if your not looking closely enough. I’m sure I’ve forgoten a few too. Doing the CTRL-A CTRL-C CTRL-V thing works, but we all forget sometimes to do it. That and it gets kind of trying after a while. Well, enough complaining from me since Jon has clearly seen the issues here. Lets see… I liked the one idea that someone posted, about making the string only required when posting anonymously. Might make folks more inclined to create a permanent account in order to avoid having to enter strings, but then again anonymous posting is likely what makes a lot of folks willing to post at all, so this idea could potentially do the same thing the verification is doing, which is drive people away. Surely there has to be a better version of this string verification script available somewhere. FWIW, I certianly don’t mind having to enter a string. It’s primarily the concequences of getting it wrong (several times in a row) that I don’t like, plus it seems to time out if you take to long to tyope up a post, making the entire string wrong regardless. I’m certain it’s worst for first time posters, who likely just give up and never come back. Certainly, setting things up so that folks don’t lose the comment they worked so hard on would be a definite start, if nothing else. If you get rid of string verification altogether, then I’m sure there are volunteers willing to delete spam when they see it. I suppose the hard part with that is finding people you trust though. Man, this isn’t an easy problem to solve, is it. Damned if you do, damned if you don’t…

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118769 Reader's Write Fri, 01 Sep 2006 10:04:57 +0000 #comment-118769 I've purposely made comment whenever I have to validate more than once, so that it is known where the problem is. I've lost several posts prior to that because I didn't do the ctrl+a and then the ctrl+c. Those just didn't get posted again because I usually will post a long text. It's not worth it to rewrite it again. For the spammer, I left a post right under his for all the members just for the heck of it. It was followed by another spam and I spammed it right back (which I noticed that both remained though I expected them both to go with the spam) with a copy of the same post. I wish you had another version of this validation script that might have more distinct characters. That in itself would solve this problem. I’ve purposely made comment whenever I have to validate more than once, so that it is known where the problem is. I’ve lost several posts prior to that because I didn’t do the ctrl+a and then the ctrl+c. Those just didn’t get posted again because I usually will post a long text. It’s not worth it to rewrite it again.

For the spammer, I left a post right under his for all the members just for the heck of it. It was followed by another spam and I spammed it right back (which I noticed that both remained though I expected them both to go with the spam) with a copy of the same post.

I wish you had another version of this validation script that might have more distinct characters. That in itself would solve this problem.

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118740 Reader's Write Fri, 01 Sep 2006 08:03:42 +0000 #comment-118740 And lose any of 1 and l and I and i please. I've lost posts, too. And lose any of 1 and l and I and i please. I’ve lost posts, too.

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118717 Reader's Write Fri, 01 Sep 2006 06:44:35 +0000 #comment-118717 Jon 1. I always have trouble logging in. I don't know how to change my password to something I can remember. That's problem #1 in why I don't leave you more comments. I've created 3 accounts so far, and still don't know what to do. 2. When I did log in, and got the letter verification, it just didn't work; I don't know why. I use letter verification on other sites all the time, including my blog, and don't have any problem with it. So I think it's the particular version you're using that's difficult to penetrate. Those are my thoughts. Best regards, Ray Jon

1. I always have trouble logging in. I don’t know how to change my password to something I can remember. That’s problem #1 in why I don’t leave you more comments. I’ve created 3 accounts so far, and still don’t know what to do.

2. When I did log in, and got the letter verification, it just didn’t work; I don’t know why. I use letter verification on other sites all the time, including my blog, and don’t have any problem with it. So I think it’s the particular version you’re using that’s difficult to penetrate.

Those are my thoughts.

Best regards,

Ray

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118708 Reader's Write Fri, 01 Sep 2006 05:52:00 +0000 #comment-118708 If you were to run this site using vBulletin 3.6 you could have registered users who don't have to use a captcha for every post, while unregistered users would be required to post using the captcha. If you were to run this site using vBulletin 3.6 you could have registered users who don’t have to use a captcha for every post, while unregistered users would be required to post using the captcha.

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118657 Reader's Write Fri, 01 Sep 2006 00:51:40 +0000 #comment-118657 OOOOOOOH YES WE DO! ;) OOOOOOOH YES WE DO! ;)

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118653 Reader's Write Fri, 01 Sep 2006 00:40:14 +0000 #comment-118653 I think that you have been the victim of 'someone' remotely taking control of your computer or website. A Zombie program maybe?...or something like that. It's quite obvious this 'someone' is trying to hide by 'spoofing' [unsavory] Chinese websites in an attempt to appear from somewhere where they are NOT. ;) I think that you have been the victim of ’someone’ remotely taking control of your computer or website. A Zombie program maybe?…or something like that. It’s quite obvious this ’someone’ is trying to hide by ’spoofing’ [unsavory] Chinese websites in an attempt to appear from somewhere where they are NOT. ;)

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118642 Reader's Write Fri, 01 Sep 2006 00:03:10 +0000 #comment-118642 ummm I don't know :) ummm I don’t know :)

]]> By: Reader's Write http://www.p2pnet.net/story/9740/comment-page-1#comment-118627 Reader's Write Thu, 31 Aug 2006 23:12:34 +0000 #comment-118627 This is a good way to eliminate the spammers. Too bad there's not a similar system which would be able to delete comments by the various trolls who call you a shill for Morpheus. :) This is a good way to eliminate the spammers. Too bad there’s not a similar system which would be able to delete comments by the various trolls who call you a shill for Morpheus. :)

]]>