- From: Jonathan Garbee <jonathan.garbee@gmail.com>
- Date: Thu, 23 May 2013 13:40:22 -0400
- To: "public-webplatform@w3.org" <public-webplatform@w3.org>
- Message-ID: <CANQy2y3dK6LmfMYW4SAkA0oQzqQqixxXc6DJbCMWX6krWoFT3g@mail.gmail.com>
They are using QuestyCaptcha (the first thing I am implementing) as well. Our current captcha does nothing, it is always 2+3 which any bot can figure out and put in (or just be told what to do.) Fighting spam has no golden bullet except only allowing confirmed people to edit (but that gets insane and increases barrier to entry.) Yes, we need to improve our AbuseFilters which frozenice and I are working on. The MicroFormats wiki is also having horrible spam issues, I'm going to try and work with them on filters and port them over to WPD (and visa-versa if we have some they don't.) That way each wiki can get better. Someone in the MicroFormats IRC channel mentioned they help admin a wiki as well, so we should be able to get some better filters in place. We still need to stop account creation though, which is where the captcha system comes in. The effectiveness of captchas and AbuseFilters for wiki goes without saying. They are two very well-known and effective tools. They just need to be used together to get the most benefit. All the spam accounts just being made is putting extra load on our infrastructure since we are storing the crap data and backing it up. :/ On Thu, May 23, 2013 at 12:33 PM, Julee Burdekin <jburdeki@adobe.com> wrote: > Hi, Garbee: > > Just saw on MediaWiki-l thread that someone has had relative success with AbuseFilter.[1] > > > Julee > [1] http://lists.wikimedia.org/pipermail/mediawiki-l/2013-May/041202.html > > ---------------------------- > julee@adobe.com > @adobejulee > > From: Jonathan Garbee <jonathan.garbee@gmail.com> > Date: Monday, May 20, 2013 9:50 AM > To: "public-webplatform@w3.org" <public-webplatform@w3.org> > Subject: Broken captcha > Resent-From: <public-webplatform@w3.org> > Resent-Date: Monday, May 20, 2013 9:51 AM > > As infrastructure issue 26 [1] describes the captcha system is really not > working at all. For the time being I am going to try and resolve the > situation with the QuestyCaptcha method. This is a static associative array > which sets questions and answers to be selected from. We can make it more > dynamic of course since it is just PHP. In fact one thing I am thinking is > a question that generates a random 4 digit number and asks for it in > reverse. > > That is a good short-term fix and possibly even medium to long-term as > well. However, if people actually end up targeting WPD, then this kind of a > system can be pretty easily figured out each time the array of > questions/answers is changed. So it may be necessary at some point to > simply use the reCaptcha method. > > Should we simply go with QuestyCaptcha until it becomes an issue or use > recaptcha from the start? Further, does anyone have any suggestions on > other ways we could mitigate bot account creation and spamming of the docs? > > Thanks, > -Garbee > > [1] http://project.webplatform.org/infrastructure/issues/26 >
Received on Thursday, 23 May 2013 17:40:55 UTC