The Portable Freeware Collection Forums

m^(2) wrote:Well, I've been using some forums for years w/out posting...so I'm not into such methods.

Agree!

There's another problem. Certain users never post, but are very active in the comments section.

On some forums if a user doesn't log in for 30 days then an email is sent to him to login within some days or his account will be deleted.

Maybe add a disclaimer at sign-up that if you don't post within the first 3 months your account will be closed.

I think we can add some info after sign up asking new users to post a hello message at the Chit-Chat section. That way, as long as they have at least a single message in the forum, they will not be purged. Spammers presumably will not bother with such etiquette.

Good idea Andrew.

Andrew Lee wrote:

Maybe add a disclaimer at sign-up that if you don't post within the first 3 months your account will be closed.

I think we can add some info after sign up asking new users to post a hello message at the Chit-Chat section. That way, as long as they have at least a single message in the forum, they will not be purged. Spammers presumably will not bother with such etiquette.

Well, I'm not convinced that many of these who come to forums with an intention to just listen will bother to say hello...

m^(2) wrote:I'm not convinced that many of these who come to forums with an intention to just listen will bother to say hello...

Why would they then register in the first place... reading TPFC content is hassle free

Andrew Lee wrote:Just did a prune on users who have not logged in for the past 3 months with 0 posts.

Now I will just sit back and wait for complaints from users asking why they cannot log in.

319 new users since then.

Can you check how many of them attempted at posting (spam) to the forums?

I am Baas wrote:

m^(2) wrote:I'm not convinced that many of these who come to forums with an intention to just listen will bother to say hello...

Why would they then register in the first place... reading TPFC content is hassle free

To have the forum software track what I've read and what I haven't.

Can you check how many of them attempted at posting (spam) to the forums?

Only 1 legit post in the past 2 days.

I performed some experiments today. Thought you guys might find it interesting.

First I was wondering if there is a loop hole in reCaptcha, which is allowing the spammers to sign up easily.

So I switch over to Q&A format and entered some easy questions (eg. what is the color of snow?)

The spammers were still coming in.

Then I began to wonder if there is a loophole in the registration process of phpBB that is allowing the spammers to bypass the botcheck.

So I make the answer gibberish (eg. instead of "white", it became "aksdhka").

Not a single spammer came through this time.

So the answer is clear. Like the article I read in Wired, the spammers are definitely using low cost workers in India or elsewhere to solve the reCaptcha or Q&A. I guessed as much because the reCaptchas are OCR segments with no easy answer in the first place, and I'd be surprised if they didn't patch up any security holes.

Then I got curious and wonder what kind of trouble they'd go through to answer a question. How about one Google search? So I updated the questions with harder ones like "How many states are there in the US?", or "How many symphonies did Beethoven compose?"

The spammers were still coming in, but at a reduced rate this time. Unscientifically, it's about 30% reduction. So some of your low cost third world workers are still quite eager to earn their pay.

So now the questions have been replaced with more "personal" ones eg. "Who is the founder of TPFC?"

Since then, not a single spammer yet. Maybe it really is too much trouble this time.

I'm still curious to know if the remarkable increase in the number of spammers since the debut of the new design has been a mere coincidence or whether, by contrast, it has been caused because, somewhere, a greater traffic to the site has been detected...

Well, there is a "Register" link on top which is new, only the "Login" link was there before.

Since most captcha breaking services just show the worker the captcha /or question then possibly something as simple as what is this sites address would suffice.

I am Baas wrote:

m^(2) wrote:I'm not convinced that many of these who come to forums with an intention to just listen will bother to say hello...

Why would they then register in the first place... reading TPFC content is hassle free

I'm one of those forum members who never post, though I do contribute a comment now and then, usually about an incorrect link. I joined the forum, as much as anything else, because I wanted to be able to easily see member points any given piece of software had earned, and also because I like to read some of the discussions even if I don't have anything in particular to add.