[wp-hackers] Anti spam idea
Mark Jaquith
mark.wordpress at txfx.net
Thu Nov 18 08:52:44 UTC 2004
Not only does it only get called once a comment has been submitted... it
is only called if that comment goes to moderation. Generating the
CAPTCHA doesn't take up significant system resources, and in any case,
it isn't called for every comment.
I've seen that site with the proof of concept OCR thing... but I've not
yet seen a spammer in posession of such software. Remember, this is
like in real life... stick up a fake video camera outside your house,
and robbers will move on to an easier target.
C. Rummel wrote:
>On Mon, 15 Nov 2004 19:09:36 -0500, Mark Jaquith
><mark.wordpress at txfx.net> wrote:
>
>
>>I wrote some WP code that does this... but only if a comment has been
>>moderated. Thus, if a user accidentally trips into moderation, he will
>>have a chance to moderate his own comment by completing the CAPTCHA.
>>
>>
>
>So this way you give manually submitting spammers the chance to get where
>they want to get? Not so good, I think.
>
>The Problem with CAPTCHAs is resources. It is not advisable to always show
>a CAPTCHA it has to be created everytime. With hightraffic sites your machine
>is busy generating CAPTCHAs all day long. So either you create a cache of
>pregenerated CAPTCHAs or you move it to the comment-preview page that
>only gets called if somebody is really writing a comment. I know some people
>how stopped using CAPTCHAs because their machines couldn't cope with the
>additional load.
>
>An then, again, there is the OCR-problem... Most CAPTCHAs can be read
>and guessed correctly with >70% chance.
>
>Chris
>
>_______________________________________________
>hackers mailing list
>hackers at wordpress.org
>http://wordpress.org/mailman/listinfo/hackers_wordpress.org
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/hackers_wordpress.org/attachments/20041118/985e5ded/attachment-0001.htm
More information about the hackers
mailing list