2024-11-24, 08:55 *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
Pages: [1]
  Print  
Author Topic: Registration Problems  (Read 20530 times)
0 Members and 4 Guests are viewing this topic.
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« on: 2011-11-10, 19:19 »

If anyone has been having trouble registering on the site, we had a glitch in one of our anti-bot utilities.  It has been corrected, so please try to register again.
Logged


I fly into the night, on wings of fire burning bright...
J3E125
 

Spider Mastermind
********
Posts: 407

In cunning 480p!

« Reply #1 on: 2011-11-10, 23:55 »

Wait, don't you (or someone else Slipgate - Shifty) approve of the account to register, or does the account automatically register  Slipgate - Confused
Logged

Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #2 on: 2011-11-11, 16:34 »

I do approve the registrations, but to approve every registration attempt would mean I would have to spend all day every day just sorting out spam bots from real applicants.  It's much easier to use what is called a captcha to keep the bots out.  Captcha is the little random numbers and letters used during the registration process to try to fool bots.  The problem is that spam bots have gotten more sophisticated over the years and a lot of them know how to beat captcha.  Some spammers also employ a small army of low-paid workers to do nothing but register on sites and key in captchas so they can spam on web forums.  If a bot beats the captcha, or someone at a spam farm manages to do so, then a fake registration attempt ends up in the approval queue.  I still look over all the registrations that make it into the queue to try to determine if it's a live, sentient being that genuinely wants to use the board, or a spammer that wants to send our members off to virus-laden internet glory hole, but it's a lot safer and infinitely less work to just not let them get into the queue in the first place.

We implemented what is called a "Clock Captcha", a nifty anti-bot utility someone wrote that shows a graphic of a dial-style clock and asks the registrant to read the clock and input the time.  It's very unlikely that a bot program has been written to get around this, whereas most people in the world can read a clock.  If not... well, they shouldn't be using a computer so we're not too worried about that.  The problem was that when the forums had some file damage done by a failed takeover hack attempt the clock captcha was broken when I restored one of the files.  This was producing the prompt for the time, but no clock graphic to read, which meant nobody could register a new account.  The registration page is not something I usually look at so I didn't learn of this until someone had emailed Tabun and mentioned it.
Logged


I fly into the night, on wings of fire burning bright...
fourier
 
Hans Grosse
*******
Posts: 267

« Reply #3 on: 2011-11-12, 14:43 »

That's a good method.  One I came up with a couple years ago was an image system -- a pool of recognisable images like foods, animals, objects.  Randomly display a group of those images (which are overlayed onto a random checksum image or possibly an alpha channel), select 3 of those images at random, and ask for them in the correct order.  It's very simple for a human to do, but nearly impossible for a bot to figure out.  The values submitted by the user would of course be random gibberish whose mapped values only exist on the server for verification.
Logged
J3E125
 

Spider Mastermind
********
Posts: 407

In cunning 480p!

« Reply #4 on: 2011-11-12, 20:52 »

It's weird how a computer can be intermediately programmed to figure out a physics question, yet it's near impossible to make it read a clock
Doom - Huh?
Logged

Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #5 on: 2011-11-13, 02:50 »

Oh it's quite possible for a computer to be programmed to decipher the clock captcha, but the question is one of exposure and expected gains in defeating the security measure.  Very few sites probably use the clock captcha.  If an anti-bot tool does not have very wide exposure then spammers won't bother with trying to defeat it because it's not worth their time and effort to do so.  It's the same as a thief wanting to break into a house.  Is the thief going to pick the house that has the iron bars on the windows, two deadbolts on the doors, a guard dog barking behind the wooden fence, and the security cameras, or is the thief going to cut the screen on the house with the open windows after watching the whole family pile into the minivan and take off to the movies?  Sure, it may be possible to break into the fortified home, but is it worth the effort to do so when there's easier pickings around?

That's the whole nature of security.  It's not about making things impossible to defeat so much as making it not worth bothering with since there's easier targets elsewhere.  Sure, you'll get hackers that like to beat stuff just for thrills, but we're talking about for-profit spammers running automated tools.  They're not going to bother with writing extra code to break into everything around.  They typically write code to defeat the most widely used captchas.  Since the clock captcha is an uncommon tool, it's likely to get missed by the spam bot writers unless and until it catches on as a more common tool.
Logged


I fly into the night, on wings of fire burning bright...
Tabun
Pixel Procrastinator
 

Team Member
Elite (3k+)
******
Posts: 3330

WWW
« Reply #6 on: 2011-11-15, 04:10 »

This is also why you see the very popular captcha applications get more and more obfuscated, to the point of being near-impossible to read even for humans. That's because there's plenty of spam-agencies willing to invest in beating those; if they can get past the check for those, they can infect lots of different targets.
Logged

Tabun ?Morituri Nolumus Mori?
J3E125
 

Spider Mastermind
********
Posts: 407

In cunning 480p!

« Reply #7 on: 2011-11-15, 23:59 »

hmm... how about make a maze game captcha?
simple graphics, yet confusing for a bot  Slipgate - Laugh
Logged

Thomas Mink
 

Beta Tester
Icon of Sin
***********
Posts: 920

HeLLSpAwN

« Reply #8 on: 2011-11-18, 11:37 »

This is also why you see the very popular captcha applications get more and more obfuscated, to the point of being near-impossible to read even for humans. That's because there's plenty of spam-agencies willing to invest in beating those; if they can get past the check for those, they can infect lots of different targets.

Hmmm.. guess that explains why I sometimes find myself having to 'select another' like 4 or 5 times before I get one I can make any sense of. I've seen a couple that were a weird, swirled mess of gibberish and clashing colors that messed with my eyes.
Logged

"Everybody's got a price" - 'The Million Dollar Man' Ted DiBiase
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #9 on: 2011-11-18, 15:16 »

The whole purpose of the captcha is to make it hard for the machines.  When it becomes too hard for even the users to see what's going on then it's time new approach... hence the clock and other nifty ideas along those lines.  Slipgate - Wink
Logged


I fly into the night, on wings of fire burning bright...
ReBoOt
Mean ol Swede
 
Team Member
Elite
****
Posts: 1294

WWW
« Reply #10 on: 2011-11-22, 23:11 »

Well some captchas are just time wasters..really hate when im surfing the net and have to fill some jibberish captcha type it..its wrong..type it agan..its wrong..starts the swearing oohh look that scewed F is actually an P letter!!

Logged
Tabun
Pixel Procrastinator
 

Team Member
Elite (3k+)
******
Posts: 3330

WWW
« Reply #11 on: 2011-11-23, 02:14 »

Maybe it will be the most cost-effective way of improving AI. Say it gets up to the point where the captcha questions are deep philosophical ones or convoluted appeals to common sense -- and bigtime spammers are actually working to get supercomputers to answer them consistently. Best Turing test ever... ;]
Logged

Tabun ?Morituri Nolumus Mori?
J3E125
 

Spider Mastermind
********
Posts: 407

In cunning 480p!

« Reply #12 on: 2011-11-23, 17:31 »

What Is The Answer To Life=
42
lol Slipgate - WTF
Logged

Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #13 on: 2011-11-24, 09:50 »

I believe the entire question encompassed "Life, the Universe... Everything".  Now here's something interesting.  If you take the English alphabet and enumerate it, starting with 1, you get this:

A = 1
B = 2
C = 3

And so on and so forth.  Well it just so happens that:

42 = 13 + 1 + 20 + 8, which corresponds to the letters M A T H.

So, the answer to the question is math.
Logged


I fly into the night, on wings of fire burning bright...
J3E125
 

Spider Mastermind
********
Posts: 407

In cunning 480p!

« Reply #14 on: 2011-11-24, 19:22 »

What are you a philosipher? A good one for a bird.
 Slipgate - Cool

Or....
« Last Edit: 2011-11-25, 16:57 by Phoenix » Logged

Pages: [1]
  Print  
 
Jump to: