Fighting spam is incredibly tough — a minor change in filters can suddenly block hundreds of legitimate posts and only prevent a few spam posts.
Hardly, almost every other website manages fine.
How many legitimate posts have 7 straight numbers in the thread title?
Isnt it fairly easy to limit time between new threads?
One spam post is tolerable, if there was say 30 or 60 minute lock on starting a new thread should stop the flooding.
Nobody needs to start multiple posts in quick succession.
Automated scripts can't presently get past CAPTCHA challenges. So not only will spammers be required to spend time trying to fool mods with legit-looking messages, but they'll have to pass CAPTCHA first. This will create enough of a hurdle to discourage the great majority of them. We don't need a "perfect" anti-spam system, we just need one that provides more resistance than now (i.e. more than zero).
I say: nay. CAPTCHA is on paper fine for stopping bots, but it is also remarkably good at annoying normal human users, while not actually stopping human spammers. The recent spammers seem like they could be humans.
Put CAPTCHA on the registration screen? Easily bypassed by human spam account creators. Put it as verification before starting a thread? Maybe, but it again won't stop human spammers. Put it before posting a reply? The perfect way to make a lynch mob out of your regular users.
And the main reason I'm even posting this is that another site I frequent tried implementing CAPTCHA as a defence. It had the benefits of (a) not stopping bot attacks (b) irritating legitimate users who had to enter it just for refreshing a page and (c) could be bypassed by simply refreshing the page. Perhaps 99% of that was due to terrifyingly inept implementation, but I don't think a similar plan is going to alleviate the spam problem on chess.com.
Automated scripts can't presently get past CAPTCHA challenges. So not only will spammers be required to spend time trying to fool mods with legit-looking messages, but they'll have to pass CAPTCHA first. This will create enough of a hurdle to discourage the great majority of them. We don't need a "perfect" anti-spam system, we just need one that provides more resistance than now (i.e. more than zero).
I am saying this now: no. CAPTCHA is on paper fine for stopping bots, but it is also remarkably good at annoying normal human users, while not actually stopping human spammers. The recent spammers seem like they could be humans.
Put CAPTCHA on the registration screen? Easily bypassed by human spam account creators. Put it as verification before starting a thread? Maybe, but it again won't stop human spammers. Put it before posting a reply? The perfect way to make a lynch mob out of your regular users.
And the main reason I'm even posting this is that another site I frequent tried implementing CAPTCHA as a defence. It had the benefits of (a) not stopping bot attacks (b) irritating legitimate users who had to enter it just for refreshing a page and (c) could be bypassed by simply refreshing the page. Perhaps 99% of that was due to terrifyingly inept implementation, but I don't think a similar plan is going to alleviate the spam problem on chess.com.
I was suggesting CAPTCHA only for new thread creation attempts by new accounts. Not for registering a new account. Not for refreshing a page. Not for anything else. And if new members get irritated by being required to answer CAPTCHA challenges during thier first 10 thread creation attempts, so be it. I think that the vast majority of members would understand and tolerate a short-term minor inconvenience in order to improve the forum experience here.
And what about playing 3 games before being allowed to post ? Maybe not that easy to circumvent...
And what about playing 3 games before being allowed to post ? Maybe not that easy to circumvent...
I dont like that, a new member should be allowed to ask a question.
But, he should not be allowed to ask two questions in quick succession....
So long as it's properly implemented, I would agree. So long as it's done right. I'm just a little jumpy because that other site did worse than just fail to stop spam, and I have... similar faith in the programmers on this site, so to say, given the random bugs with alerts, team matches, mysterious "Last online: Oggi/Vandaag/whatever" language renderings etc.
Yeah they'd probably stop everyone posting.
@rooperi : I agree delays between posts (or at least creating new threads) is the best idea.
It would be more work...
Here's the real answer.
Apparently spammers could write scripts to make an account and resign three games automatically. Which is why this debate is revolving around manually approving accounts.
hicetnunc wrote:
And what about playing 3 games before being allowed to post ? Maybe not that easy to circumvent...
Apparently spammers could write scripts to make an account and resign three games automatically. Which is why this debate is revolving around manually approving accounts.
hicetnunc wrote:
And what about playing 3 games before being allowed to post ? Maybe not that easy to circumvent...
Are you sugeesting that the scripts will get past CAPTCHA?
Apparently spammers could write scripts to make an account and resign three games automatically. Which is why this debate is revolving around manually approving accounts.
hicetnunc wrote:
And what about playing 3 games before being allowed to post ? Maybe not that easy to circumvent...
The point is, just to make people take longer to post these. A few game requirement is very reasonable-it'll stall their "instant create and post" issues.
Apparently spammers could write scripts to make an account and resign three games automatically. Which is why this debate is revolving around manually approving accounts.
hicetnunc wrote:
And what about playing 3 games before being allowed to post ? Maybe not that easy to circumvent...
The point is, just to make people take longer to post these. A few game requirement is very reasonable-it'll stall their "instant create and post" issues.
You mean like what is happening as I type this.
I brought that up in another post and someone rightly pointed out that spammers would use scripts to work around a lot of checks and balances. All in all, hard thing to do.
You can't "script" around a human review. I get bogus emails all the time from spammers pretending to be friends of mine from Facebook, but I never fall for it.
Thats the point though.
You can tell quite easily who is your friend, and it takes a moment to just reject them.
If you had a list of 20 users needing approval, and all look like they're making legitimate posts then you're just going to approve everything.
All a spammer needs to do to get through is make a legitimate looking post. (which for this site is hard to tell sometimes!)
I couldn't be doing with that.
Automated scripts can't presently get past CAPTCHA challenges. So not only will spammers be required to spend time trying to fool mods with legit-looking messages, but they'll have to pass CAPTCHA first. This will create enough of a hurdle to discourage the great majority of them. We don't need a "perfect" anti-spam system, we just need one that provides more resistance than now (i.e. more than zero).