reCAPTCHA for SMF

[青山 素子]

What is better? This mod or Arantor Captcha?

Whatever modification works better for your situation. Diversity of solutions is the best way to mitigate against automated spamming attempts.

[Arantor]

Well, ArantorCaptcha prevented me from getting more than 3 spam posts in total on arantor.org, but that's in no small part due to the fact that it presents 10 different styles of CAPTCHA including several animated kinds (and the spammer was a human spammer making 3 posts). It is, naturally, discontinued since arantormods.com was closed, and I don't even have the code for the mod on my computer now (it is installed on arantor.org though so I still have it, I guess)

[Antes]

Little Attention : http://www.allspammedup.com/2010/01/google-recaptcha-cracked/

[青山 素子]

Little Attention : http://www.allspammedup.com/2010/01/google-recaptcha-cracked/

Old news. Automated attempts have given way to human-based attempts anyway. The most common forum spamming tool integrates an API to a human-backed service that solves image verification puzzles from multiple sources.The best defense is to use some unique system that prevents mass automated attempts from working.

[Leemy]

Will an RC4 release come soon? Thanks for your help.

[青山 素子]

Will an RC4 release come soon? Thanks for your help.

See:

As soon as I can get to it. Life is fairly hectic for me and has been for some time due to family issues. I wanted to get everything done over the work holiday, but the family issues prevented such.

[Masterd]

Well, ArantorCaptcha prevented me from getting more than 3 spam posts in total on arantor.org, but that's in no small part due to the fact that it presents 10 different styles of CAPTCHA including several animated kinds (and the spammer was a human spammer making 3 posts). It is, naturally, discontinued since arantormods.com was closed, and I don't even have the code for the mod on my computer now (it is installed on arantor.org though so I still have it, I guess)

I still have every mod from Arantormods.

[Arantor]

Yes, but you're not permitted to distribute it.

Anyway, this is getting off topic

[Masterd]

Yes, but you're not permitted to distribute it.

Yes, I know that.

Will an RC4 release come soon? Thanks for your help.

This mod will work on SMF 2.0 RC4. I just modified the package-info.xml.

[Arantor]

* IncognitoMuse waits for Motoko to ask for that to be removed.

[Masterd]

* Masterd waits fo Motoko to update the package-info.xml.

[青山 素子]

* IncognitoMuse waits for Motoko to ask for that to be removed.

Already done. If the folks aren't smart enough to use version emulation, they aren't smart enough to diagnose problems when things go wrong.

* Masterd waits fo Motoko to update the package-info.xml.

There are a few pending bugs I would like to investigate. There is at least one report that this modification breaks the built-in verification questions in 2.0, which needs to be checked.

I got my development environment cleaned up this last weekend, so I can hopefully find time this week or on the weekend to go over things and verify functionality.

I might move reCAPTCHA to be an additional solution in 2.0 instead of replacing the built-in verification, but that will likely not be in the next release.

[kat]

Attachment removed.

[Goad]

I am running 2.0 RC4 with a template. Its positioned left. Where can I modify the code to center it?

[青山 素子]

Depends on how the template is coded. You should ask the designer for that theme.

[Goad]

Depends on how the template is coded. You should ask the designer for that theme.

the template doesnt modify the registration page though

[青山 素子]

the template doesnt modify the registration page though

The CSS for the theme might, however. Does it look okay on Curve?

[Paracelsus]

I reproduce what I just wrote in another topic:

The Recaptcha method must have been cracked because in the last days I've been having dozens of registered spambots. They do no harm because every register must go through an approval process, but it's really annoying to clean them everyday and to try to distinguish from the non-bots. 

[impreza]

great mod, thanks for making it

[青山 素子]

I reproduce what I just wrote in another topic:

The Recaptcha method must have been cracked because in the last days I've been having dozens of registered spambots. They do no harm because every register must go through an approval process, but it's really annoying to clean them everyday and to try to distinguish from the non-bots. 

Old news. Also, it isn't cracked so much as worked-around. The most popular forum spamming software integrates a service called CaptchaBot, which uses humans to solve CAPTCHAs. (The link goes to a security blog that talks about the service.) When a spammer can spend $10 and get access to 10,000 forums, you're going to have trouble.

The best defense is to be unique in your security approach and use defense-in-depth. Being unique will keep the majority of automated attempts from working, while focusing on in-depth measures will stop those that get through and the completely-human spammers.

This modification is just one part of the puzzle and is not the full solution.