[Noisebridge-discuss] Spam on the wiki
c1 at caseyc.net
Tue Jul 5 15:59:47 PDT 2011
I've had some experience de-spamming other MediaWiki installations. It
seems that most of these spammers have someone (mechanical Turk, chinese
gold farm, porno access page) solving RECaptchas as quickly as possible.
This is where their main costs come from. Remember that this is a major
volume business. They almost never tweak their scripts to work around
the individual quirks of a particular installation. In fact, as a
general rule, if you can make your pages the least-bit out of "standard"
it will kill spam for a very long time.
On ones that I managed, we required newly created accounts to pass a
CAPTCHA for all spam-potential actions. More specifically, "new"
accounts couldn't create or edit any sort of page. That "new" threshold
is worth tweaking. By default, it's 3 days. We set it to 4 and that was
enough out of "normal" to kill spam.
I think, for the NB wiki, we should consider adding that restriction. We
should also try using different CAPTCHAs for different pages.
ReCAPTCHA's failing is its ubiquity. Writing code to work around it has
a high payoff. Anything we can do to affect the spammers' bottom lines
will be what works.
On 7/2/11 2:23 AM, Andy Isaacson wrote:
> On Fri, Jul 01, 2011 at 05:03:26PM -0700, L E wrote:
>> +1 for email+ReCaptcha registration. Yay!
> I'm strongly against email reg requirements; mail accounts are easy to
> come by anyways, and I'm not going to get into the "these are known spam
> domains" game. A captcha, especially an unusual one, is much better
> IMO. It could be as simple as "solve this math problem and put the
> result in this textbox".
> We survived for 4 years (holy fuck! it's been four years since this
> crazy idea got started) with just requiring SSL; incremental improvement
> is sufficient.
> I'm still amused that anonymous editing isn't more of a problem.
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
More information about the Noisebridge-discuss