[lists] Re: [wp-hackers] Anti spam idea
Elliott Bäck
ecb29 at cornell.edu
Thu Nov 18 11:01:15 UTC 2004
Why not just make comment spammers pay in CPU time for each comment?
Put a buffer page in between when the user submits his comment and the
final submission. In between, have him calculate an expensive hash in
javascript. If you played with the constants, you could make a 10s
forced delay on submission. And, the spammers can't submit without the
hash, and they're not going to wait 10s per comment, so you win.
Thanks,
Elliott C. Bäck
607-229-0623
119 Blair St. #2
--------------------
www.spreadIE.com
www.elliottback.com
C. Rummel wrote:
>On Thu, 18 Nov 2004 03:52:44 -0500, Mark Jaquith
><mark.wordpress at txfx.net> wrote:
>
>
>> Not only does it only get called once a comment has been submitted... it is
>>only called if that comment goes to moderation. Generating the CAPTCHA
>>doesn't take up significant system resources, and in any case, it isn't
>>called for every comment.
>>
>>
>
>Sure thing, this doesn't apply to everybody.
>
>
>
>> I've seen that site with the proof of concept OCR thing... but I've not yet
>>seen a spammer in posession of such software. Remember, this is like in
>>real life... stick up a fake video camera outside your house, and robbers
>>will move on to an easier target.
>>
>>
>
>Right, kind of like a scarecrow. The OCR-thing is only a proof of
>concept. Spammers
>testing for the existance of Kitty's scripts is proof enough that
>spammers adapt to
>countermeasures, at least they give up until they have developed
>something better.
>
>Chris
>
>_______________________________________________
>hackers mailing list
>hackers at wordpress.org
>http://wordpress.org/mailman/listinfo/hackers_wordpress.org
>
>
>
More information about the hackers
mailing list