"From" name associated with it.I thought all valid feeds with posting privileges were established with
only known and passworded accounts.
Someone could just create an account on a BBS and post it. The message did have a
It's your basic forum spambot, it finds a signup form, does it, logs in,
then does it's evil magic. One of the negative points of having a web
based interface in this new age.
Wouldn't a captcha prevent that?
On 04/05/2020 22:51, NIGHTFOX wrote to OGG:
I thought all valid feeds with posting privileges were established w only known and passworded accounts.
Someone could just create an account on a BBS and post it. The message d have a"From" name associated with it.
It's your basic forum spambot, it finds a signup form, does it, logs in, the does it's evil
magic. One of the negative points of having a web based interface in this n age.
logs in, kevin>> then does it's evil magic. One of the negative points of having a web kevin>> based interface in this new age.
Wouldn't a captcha prevent that?
likely not... in some cases the bots simply OCR the captcha graphic... in others, they send it to a human farm and let them send back the code...
Wouldn't a captcha prevent that?
likely not... in some cases the bots simply OCR the captcha graphic...code...
in others, they send it to a human farm and let them send back the
Nightfox> I don't think OCR is going to help a bot do that, unless Nightfox> there's some AI to find all of what it's asking for in the Nightfox> captcha photo.
that could easily happen... it isn't like they cannot be gathering all the presented pictures, building a library of them, and training code to find the right ones... there's a lot of people out there with way too much time on their hands who are willing to do whatever it takes to get around security in any way they can...
Well OCR is Optical Character Recognition and is meant for recognizing writing. It would need
something other than OCR to recognize shapes of objects & such.
It's your basic forum spambot, it finds a signup form, does it, logs in, then does it's evil magic. One of the negative points of having a web based interface in this new age.
Wouldn't a captcha prevent that?
It's your basic forum spambot, it finds a signup form, does it, logs in, the
does it's evil
magic. One of the negative points of having a web based interface in this n
age.
i took out the ability to apply online, i think other people should consider it
too.
Well OCR is Optical Character Recognition and is meant for
recognizing writing. It would need something other than OCR to
recognize shapes of objects & such.
IIRC they're using this "click on pictures that contain bicycles" data to train AIs / improve pattern recognition, so eventually it'll become a self-defeating technique.
Well OCR is Optical Character Recognition and is meant for recognizing writing. It would need something other than OCR to recognize shapes of objects & such.
It's your basic forum spambot, it finds a signup form, does it, logs
in..
Wouldn't a captcha prevent that?
Sometimes, but honestly not too often. The amount of trash I get through some of my web forms is unreal and that's using Google's reCaptcha, not by choice either some of the other homebrew solutions I had didn't do much.
i know exactly what OCR is, man... these forum spam bots will use it when they can... other times they will get a human involved... then there's the new "pick all the pics with blah" stuff that is easy enough for them to gather all the pics and generate hashes for each one to work with as they
get human feedback to solve... this isn't rocket science, ya know?
i won't even mention the years i've been an operator and moderator of forums that were incessantly attacked by these bots... neither will i mention
that's i've had copies of these bots sent to me at times so i could see what they were doing so as to be able to build defenses against...
Captchas often have you do things like "Find all cars in this photo". I don think OCR is going to help a bot do that, unless there's some AI to find all what it's asking for in the captcha photo.
Re: Re: drivers license/passp
By: Nightfox to Rampage on Wed May 06 2020 08:24:57
Well OCR is Optical Character Recognition and is meant for recognizing writing. It would need something other than OCR to recognize shapes of objects & such.
IIRC they're using this "click on pictures that contain bicycles" data to tr AIs / improve pattern recognition, so eventually it'll become a self-defeati technique.
if you think about it, it cant be THAT hard to create a routine that works the
way our brain does. look at the shape of something to figure out if it's a train or building. or a stop light.
It would be hard to build an AI bot around that especially if you keep randomizing the challenges. Even if the challenge were relayed to a
hacker human as Mark/rampage mentioned, it would get frustrating for them, fast.
What kind of challenges did your system have that you gave up on?
It's easy enough to foil the "gather all the pics and generate hashes" approach by never using the same combination of pics again.
The "gathering all the pics" would be a fruitless project that never
ends if the pics are replaced with new material and the old stuff discarded.
It's a spy .vs. spy, attack, counter-attack scenario. :/
if you think about it, it cant be THAT hard to create a routine that works the way our brain does. look at the shape of something to figure out if it's a train or building. or a stop light.
Re: Re: drivers license/passp
By: echicken to Nightfox on Wed May 06 2020 11:59 am
Re: Re: drivers license/passp
By: Nightfox to Rampage on Wed May 06 2020 08:24:57
Well OCR is Optical Character Recognition and is meant for recognizi writing. It would need something other than OCR to recognize shapes objects & such.
IIRC they're using this "click on pictures that contain bicycles" data to AIs / improve pattern recognition, so eventually it'll become a self-defe technique.
if you think about it, it cant be THAT hard to create a routine that works t way our brain does. look at the shape of something to figure out if it's a train or building. or a stop light.
I'd like to see a captcha which requires you to finish a small Doom level. It >would be more fun than clicking squares with bikes, and the AI can't do this >yet.
It would be hard to build an AI bot around that especially if you keep randomizing the challenges. Even if the challenge were relayed to a hacker human as Mark/rampage mentioned, it would get frustrating for them, fast.
What kind of challenges did your system have that you gave up on?
equations, hidden fields, random words, etc they all get you in the
end. For the BBS I just gave up, accounts have to email me directly off
system to get validated and if they don't then they can't login.
Rampage wrote to Dennisk <=-
Re: Re: drivers license/passp
By: Dennisk to Ogg on Thu May 07 2020 13:02:04
Dennisk> I'd like to see a captcha which requires you to finish a
small
Dennisk> Doom level. It would be more fun than clicking squares with
Dennisk> bikes,
for sighted people, it might be... if they are into games... and then there are those missing limbs that have to use special means to do
things (eg: mouth sticks)...
Dennisk> and the AI can't do this yet.
you might be surprised ;)
https://www.cmu.edu/news/stories/archives/2016/september/AI-agent-surviv es-doom.html
https://kotaku.com/doom-bot-learns-to-play-better-than-humans-1787188415
https://www.sciencealert.com/controversial-ai-has-been-trained-to-kill-h umans-in-a-doom-deathmatch
)\/(ark
---
= Synchronet = The SouthEast Star Mail HUB - SESTAR
equations, hidden fields, random words, etc they all get you in the
end. For the BBS I just gave up, accounts have to email me directly off
system to get validated and if they don't then they can't login.
Wait until they automate those emails! :(
Meanwhile, WordPress's registration process seems to work well if a user is forced to register before thay are allowed to post.
It's been two years now, but one site that I built for a teacher-friend from highschool has remained spam free. Registration is totally automated and throws the responsibility back to the applicant. Sofar, no fake user login attempts.
http://thetimetraveller.ca
The fellow is an avid outdoorsman, and loves to chronicle his experiences and tell a tale.
I let him loose on creating his own posts and incorporating images. The images probably need better organizing. But I am glad we don't have to deal with spam or fake registrations.
KEVIN wrote to NIGHTFOX <=-That is why I do not give posting access to networked areas to new users.
It's your basic forum spambot, it finds a signup form, does it, logs
in, then does it's evil magic. One of the negative points of having a
web based interface in this new age.
That is why I do not give posting access to networked areas to new users.
They have to send me a two sentence letter to me to get their account validated to eitherThat is why I do not give posting access to networked areas to new users.
Do you give new users a trial period where you watch their activity or something?
Do you give new users a trial period where you watch their activity
or something?
They have to send me a two sentence letter to me to get their account validated to either handle user or validated user.
Re: Re: drivers license/passp
By: MATTHEW MUNSON to NIGHTFOX on Sun May 10 2020 10:24 am
By "letter", usually I think of a physical written/printed letter in the mail, but I suppose this in this case it might be an email?
Sysop: | echicken |
---|---|
Location: | Toronto, Ontario |
Users: | 2,224 |
Nodes: | 6 (0 / 6) |
Uptime: | 208:05:02 |
Calls: | 14,142 |
Files: | 295 |
Messages: | 551,087 |