Re: forum.dlang.org is now using DCaptcha
On Thursday, 11 December 2014 at 00:35:13 UTC, Martin Nowak wrote: On 12/02/2014 10:41 PM, Vladimir Panteleev wrote: Although forum.dlang.org has had a spam check and used reCAPTCHA since it was announced, it is only somewhat effective against fully-automated bots - it is powerless against humans paid to post spamverts on forums web-wide, which is what the current spam economy seems to be gravitating towards. Ha ha, my first thought was, can't you use something else than reCAPTCHA, which is also known for tracking. Good idea, but the demo site is down right now :(. http://wiki.dlang.org/extensions/DCaptcha/demo.php Ah, fixed. Broke that when I updated to the easy version.
Re: forum.dlang.org is now using DCaptcha
Good idea, but the demo site is down right now :(. http://wiki.dlang.org/extensions/DCaptcha/demo.php Ah, fixed. Broke that when I updated to the easy version. Nice one, failed the first try :). You should probably reload on failure, or maybe only after the 3rd attempt or so. Looks like you ruled out at least half of the spammers. http://blog.codinghorror.com/separating-programming-sheep-from-non-programming-goats/
Re: forum.dlang.org is now using DCaptcha
On Thursday, 11 December 2014 at 11:04:09 UTC, Martin Nowak wrote: Good idea, but the demo site is down right now :(. http://wiki.dlang.org/extensions/DCaptcha/demo.php Ah, fixed. Broke that when I updated to the easy version. Nice one, failed the first try :). You should probably reload on failure, or maybe only after the 3rd attempt or so. This is a very simple demo page (you can even see the answers in the HTML source code). The forum will give you a different question on a wrong answer, as well as invite the user to reload the page to get a different challenge. Hopefully I can find the regression and make it live again soon.
Re: forum.dlang.org is now using DCaptcha
What will be the return value of the following function?
int y()
{
int d = 31, baz = 5;
baz--;
d /= baz;
return d;
}
Oh, the irony! Asking people to prove they're human by making them to
complete a task that is usually done by machines. :-)
--bb
On Thu, Dec 11, 2014 at 4:26 AM, Vladimir Panteleev via
Digitalmars-d-announce digitalmars-d-announce@puremagic.com wrote:
On Thursday, 11 December 2014 at 11:04:09 UTC, Martin Nowak wrote:
Good idea, but the demo site is down right now :(.
http://wiki.dlang.org/extensions/DCaptcha/demo.php
Ah, fixed. Broke that when I updated to the easy version.
Nice one, failed the first try :).
You should probably reload on failure, or maybe only after the 3rd
attempt or so.
This is a very simple demo page (you can even see the answers in the HTML
source code). The forum will give you a different question on a wrong
answer, as well as invite the user to reload the page to get a different
challenge.
Hopefully I can find the regression and make it live again soon.
Re: forum.dlang.org is now using DCaptcha
On 12/11/2014 07:51 PM, Bill Baxter via Digitalmars-d-announce wrote: Oh, the irony! Asking people to prove they're human by making them to complete a task that is usually done by machines. :-) Let's hope the spammers don't get clever enough to let our machines (dpaste or drepl) solve that task for them. You should add random syntax mistakes Vladimir ;).
Re: forum.dlang.org is now using DCaptcha
On Tuesday, 9 December 2014 at 18:23:26 UTC, deadalnix wrote: Hijacking this thread. Captcha is still not working on https :( Sorry, had to revert to an earlier version due to an unrelated regression. It's back on reCaptcha now. The new one should work on HTTPS once I'll find and fix the regression, though.
Re: forum.dlang.org is now using DCaptcha
On 12/02/2014 10:41 PM, Vladimir Panteleev wrote: Although forum.dlang.org has had a spam check and used reCAPTCHA since it was announced, it is only somewhat effective against fully-automated bots - it is powerless against humans paid to post spamverts on forums web-wide, which is what the current spam economy seems to be gravitating towards. Ha ha, my first thought was, can't you use something else than reCAPTCHA, which is also known for tracking. Good idea, but the demo site is down right now :(. http://wiki.dlang.org/extensions/DCaptcha/demo.php
Re: forum.dlang.org is now using DCaptcha
Hijacking this thread. Captcha is still not working on https :(
Re: forum.dlang.org is now using DCaptcha
I removed all the harder challenges, so y'all can now stop complaining. Sorry. There are now only 2 simple questions. Pull requests welcome.
Re: forum.dlang.org is now using DCaptcha
On Thursday, 4 December 2014 at 02:48:07 UTC, MattCoder wrote: On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev wrote: Although forum.dlang.org has had a spam check and used reCAPTCHA since it was announced, it is only somewhat effective against fully-automated bots - it is powerless against humans paid to post spamverts on forums web-wide, which is what the current spam economy seems to be gravitating towards. Coincidence? :) http://googleonlinesecurity.blogspot.com.br/2014/12/are-you-robot-introducing-no-captcha.html Yep. I've heard about it, but it would still allow non-bot spammers in.
Re: forum.dlang.org is now using DCaptcha
On Thursday, 4 December 2014 at 02:29:39 UTC, Faux Amis wrote: This has to be a joke! I couldn't answer a single question: What is the name of the D language syntax feature illustrated in the following fragment of D code? string a = x5095 f9 95d723c2; Seems like hex to me What is the name of the D language syntax feature illustrated in the following fragment of D code? /+ t = w * g; /+ t = 47; +/ +/ Those look like comments to me The test doesn't differentiate between human and robot. It tries to differentiate between human wanting to learn D and one not wanting.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 19:42:39 UTC, Ary Borenszweig
wrote:
On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:
Enter DCaptcha
I think this could work with just two or three variants of a
question. Always ask what's the return value of the function.
1. int foo() { return 8 % 3; }
I don't think non-programmers know what that '%' symbol is, but
programmers of any language would recognize this.
2. int foo() { int x = 8; x++; x++; return x; }
I don't think non-programmers would guess ++ is increment, but
programmers most probably know it.
These are very similar to two of the existing challenges.
3. bool foo() { return 42 != 30 };
I don't think non-programmers know what != is.
This one has the issue that it can have only two possible
answers. Should one spammer learn that true is a possible
answer, they can have 50% success solving this question.
(Probably not an issue in practice, considering there are other
challenges, though).
Re: forum.dlang.org is now using DCaptcha
On Thursday, 4 December 2014 at 04:02:49 UTC, Mike wrote: I had to maintain a technical forum last year that was getting spammed like crazy. I added the question how many bits are in a byte?, and the spam vanished. Based on that experience, I think the bar can be set very low. The Wiki had a similar question before DCaptcha. Got spammed.
Re: forum.dlang.org is now using DCaptcha
On Thursday, 4 December 2014 at 08:20:27 UTC, Kagamin wrote: On Thursday, 4 December 2014 at 02:29:39 UTC, Faux Amis wrote: tries to differentiate between human wanting to learn D and one not wanting. the latter is just a myth...
Re: forum.dlang.org is now using DCaptcha
On Thursday, 4 December 2014 at 10:39:25 UTC, eles wrote: On Thursday, 4 December 2014 at 08:20:27 UTC, Kagamin wrote: On Thursday, 4 December 2014 at 02:29:39 UTC, Faux Amis wrote: tries to differentiate between human wanting to learn D and one not wanting. the latter is just a myth... LOL
Re: forum.dlang.org is now using DCaptcha
On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev wrote: Enter DCaptcha, a question-answer challenge tailored for D programmers. Its goals are to challenge posters of suspicious-looking content with questions that should be easy to answer to D programmers, and impossible for non-technical people with no incentive to learn or research stuff (i.e. spammers). DCaptcha is already in use on the D wiki (wiki.dlang.org), with great success - DCaptcha's debut cut the short-lived explosion in wiki spam to zero. I think this is a bad idea because developers new to the language will be turned away. Also i think a lot of these 'easy' questions are just too hard. I've tried the demo and found it fustrating that i need a few trys to get them right.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 08:24:46 UTC, Gary Willoughby wrote: On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev wrote: Enter DCaptcha, a question-answer challenge tailored for D programmers. Its goals are to challenge posters of suspicious-looking content with questions that should be easy to answer to D programmers, and impossible for non-technical people with no incentive to learn or research stuff (i.e. spammers). DCaptcha is already in use on the D wiki (wiki.dlang.org), with great success - DCaptcha's debut cut the short-lived explosion in wiki spam to zero. I think this is a bad idea because developers new to the language will be turned away. Also i think a lot of these 'easy' questions are just too hard. I've tried the demo and found it fustrating that i need a few trys to get them right. Got it. But we're not going back to reCAPTCHA either. I'm tired of deleting spam by hand. Please suggest some ideas (or better, send pull requests).
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 08:28:25 UTC, Vladimir Panteleev wrote: Got it. But we're not going back to reCAPTCHA either. I'm tired of deleting spam by hand. Please suggest some ideas (or better, send pull requests). I got fed up of having spam on an old blog so i implemented a simple question, click on Darth Vader. Then i had lots of little images of film icons and would not post anything until Darth Vader was correctly selected. This sounds simple but the order of the images was randomised to stop bots and humans didn't seem to get it. Also if the wrong icon was selected, i presented a countdown on the page of 2 minutes letting them know this is a anti-spam measure and they can't post until the timer reached zero. Anyone managing to post spam to the blog was IP logged and always redirected to the countdown (once redirected and once the countdown reached zero it always reset forever to make it extremely frustrating for them). Yes you have to put in the effort to log IP's but i found there were very few persistent spammers. It honestly stopped all spam on my old blog.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 07:46:42 UTC, Brad Anderson wrote: I could add links to DPaste and the #d IRC channel. Both good ideas. Done. You can see this here: http://forum.dlang.org/reply/qpfcqedcbkipjllnk...@forum.dlang.org (just click Send) If it's that low than I'm not worried about it anymore. The captcha was just very familiar to me before you fixed the IP address problem. It was caused by a bug, not some heuristic false positive... I'd have fixed it if I knew about it.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 08:51:13 UTC, Gary Willoughby wrote: On Wednesday, 3 December 2014 at 08:28:25 UTC, Vladimir Panteleev wrote: Got it. But we're not going back to reCAPTCHA either. I'm tired of deleting spam by hand. Please suggest some ideas (or better, send pull requests). I got fed up of having spam on an old blog so i implemented a simple question, click on Darth Vader. Then i had lots of little images of film icons and would not post anything until Darth Vader was correctly selected. This sounds simple but the order of the images was randomised to stop bots and humans didn't seem to get it. Also if the wrong icon was selected, i presented a countdown on the page of 2 minutes letting them know this is a anti-spam measure and they can't post until the timer reached zero. Anyone managing to post spam to the blog was IP logged and always redirected to the countdown (once redirected and once the countdown reached zero it always reset forever to make it extremely frustrating for them). Yes you have to put in the effort to log IP's but i found there were very few persistent spammers. It honestly stopped all spam on my old blog. I'm seeing a very large variation of IPs here. The humans seem to be connecting through a botnet, or a large open proxy directory. 125 IPs banned so far on the forum, for all the good that did. I suppose I could now clear the banlist, so that any future visitors happening to have those IPs are not turned away. For my personal blog, the Anti-spam plugin (with no additional configuration) seems to work fine for now, but it relies on its relative obscurity. No canned solution would be suitable for an active forum, it's too high-profile of a target.
Re: forum.dlang.org is now using DCaptcha
For an idea of what sort of questions DCaptcha asks, you can demo it on the following page, so you don't have to clutter the I think all code fragments should have just one exact answer (like number or single word) a any programmer without specific D knowledge should be able to answer them correctly. Asking for D feature names in not good IMHO.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 00:56:12 UTC, Brad Anderson
wrote:
Maybe make the ones on d.learn extremely simple.
---
What does the follow program print?
void main()
{
import std.stdio : writeln;
writeln(foo);
}
---
No algorithms, no math. Just extremely basic stuff. Nobody, not
even our weirdly efficient resident furniture spam bot is going
to take the time to write a bot to answer a question like that.
Bots don't write bots, lol.
I think, a little math doesn't hurt.
void main()
{
int a, b=2;
a++;
a = a+b+1;
writeln(foo,a);
}
Re: forum.dlang.org is now using DCaptcha
On 2014-12-03 14:02, Martin Krejcirik wrote:
Asking for D feature names in not good IMHO.
I agree. I try the demo at got a question about what this feature is called:
auto u = new class M {};
Exactly what is referred to here? The type inference or the anonymous
class? The answer is anonymous class.
--
/Jacob Carlborg
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 09:00:25 UTC, Vladimir Panteleev wrote: On Wednesday, 3 December 2014 at 07:46:42 UTC, Brad Anderson wrote: I could add links to DPaste and the #d IRC channel. Both good ideas. Done. You can see this here: http://forum.dlang.org/reply/qpfcqedcbkipjllnk...@forum.dlang.org (just click Send) If it's that low than I'm not worried about it anymore. The captcha was just very familiar to me before you fixed the IP address problem. It was caused by a bug, not some heuristic false positive... I'd have fixed it if I knew about it. I mentioned it a few times in IRC but you were probably asleep. Should have used .note.
Re: forum.dlang.org is now using DCaptcha
On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:
Enter DCaptcha
I think this could work with just two or three variants of a question.
Always ask what's the return value of the function.
1. int foo() { return 8 % 3; }
I don't think non-programmers know what that '%' symbol is, but
programmers of any language would recognize this.
2. int foo() { int x = 8; x++; x++; return x; }
I don't think non-programmers would guess ++ is increment, but
programmers most probably know it.
3. bool foo() { return 42 != 30 };
I don't think non-programmers know what != is.
Re: forum.dlang.org is now using DCaptcha
On Wed, 03 Dec 2014 14:47:09 +0100
Jacob Carlborg via Digitalmars-d-announce
digitalmars-d-announce@puremagic.com wrote:
On 2014-12-03 14:02, Martin Krejcirik wrote:
Asking for D feature names in not good IMHO.
I agree. I try the demo at got a question about what this feature is called:
auto u = new class M {};
Exactly what is referred to here? The type inference or the anonymous
class? The answer is anonymous class.
besides, it's not anonymous, it has a name!
signature.asc
Description: PGP signature
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 20:19:34 UTC, ketmar via
Digitalmars-d-announce wrote:
On Wed, 03 Dec 2014 14:47:09 +0100
Jacob Carlborg via Digitalmars-d-announce
digitalmars-d-announce@puremagic.com wrote:
On 2014-12-03 14:02, Martin Krejcirik wrote:
Asking for D feature names in not good IMHO.
I agree. I try the demo at got a question about what this
feature is called:
auto u = new class M {};
Exactly what is referred to here? The type inference or the
anonymous class? The answer is anonymous class.
besides, it's not anonymous, it has a name!
The type is anonymous.
I agree that this is not a good question :) I'll remove it
(probably along with the rest of the name this feature ones).
Re: forum.dlang.org is now using DCaptcha
On Wed, 03 Dec 2014 20:22:31 +
Vladimir Panteleev via Digitalmars-d-announce
digitalmars-d-announce@puremagic.com wrote:
On Wednesday, 3 December 2014 at 20:19:34 UTC, ketmar via
Digitalmars-d-announce wrote:
On Wed, 03 Dec 2014 14:47:09 +0100
Jacob Carlborg via Digitalmars-d-announce
digitalmars-d-announce@puremagic.com wrote:
On 2014-12-03 14:02, Martin Krejcirik wrote:
Asking for D feature names in not good IMHO.
I agree. I try the demo at got a question about what this
feature is called:
auto u = new class M {};
Exactly what is referred to here? The type inference or the
anonymous class? The answer is anonymous class.
besides, it's not anonymous, it has a name!
The type is anonymous.
so what that M after `class` means then? anonymous with a name,
that's cool! ;-)
signature.asc
Description: PGP signature
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 21:26:19 UTC, ketmar via
Digitalmars-d-announce wrote:
On Wed, 03 Dec 2014 20:22:31 +
Vladimir Panteleev via Digitalmars-d-announce
digitalmars-d-announce@puremagic.com wrote:
On Wednesday, 3 December 2014 at 20:19:34 UTC, ketmar via
Digitalmars-d-announce wrote:
On Wed, 03 Dec 2014 14:47:09 +0100
Jacob Carlborg via Digitalmars-d-announce
digitalmars-d-announce@puremagic.com wrote:
auto u = new class M {};
Exactly what is referred to here? The type inference or the
anonymous class? The answer is anonymous class.
besides, it's not anonymous, it has a name!
The type is anonymous.
so what that M after `class` means then? anonymous with a
name,
that's cool! ;-)
That's the name of the parent class :)
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 13:02:35 UTC, Martin Krejcirik wrote: I think all code fragments should have just one exact answer (like number or single word) a any programmer without specific D knowledge should be able to answer them correctly. Asking for D feature names in not good IMHO. I agree. Matheus.
Re: forum.dlang.org is now using DCaptcha
This has to be a joke!
I couldn't answer a single question:
What is the name of the D language syntax feature illustrated in the following
fragment of D code?
string a = x5095 f9 95d723c2;
Seems like hex to me
What is the name of the D language syntax feature illustrated in the following
fragment of D code?
/+ t = w * g; /+ t = 47; +/ +/
Those look like comments to me
What is the name of the D language syntax feature illustrated in the following
fragment of D code?
auto h = new class C {};
Ah, finally one I understand. Wait, you want the name? No clue, have to
look it up.
What will be the return value of the following function?
int b()
{
return iota(29).reduce!max;
}
iota.. yeah I have heard of it, never used it though.
CAPTCHAs: Simple for humans, difficult for computer; Or the other way
around apparently.
On Tue 02/12/2014 22:41, Vladimir Panteleev wrote:
I'm sure you all are as tired of the occasional spam that hits these
lists as I was deleting it. (Mailing list users in particular, I guess,
since we can't delete an email once it was sent out.) Most of the spam
was coming in through the forum, so I suppose I was responsible for
[not] keeping it out.
Although forum.dlang.org has had a spam check and used reCAPTCHA since
it was announced, it is only somewhat effective against fully-automated
bots - it is powerless against humans paid to post spamverts on forums
web-wide, which is what the current spam economy seems to be gravitating
towards.
Enter DCaptcha, a question-answer challenge tailored for D programmers.
Its goals are to challenge posters of suspicious-looking content with
questions that should be easy to answer to D programmers, and impossible
for non-technical people with no incentive to learn or research stuff
(i.e. spammers). DCaptcha is already in use on the D wiki
(wiki.dlang.org), with great success - DCaptcha's debut cut the
short-lived explosion in wiki spam to zero.
For an idea of what sort of questions DCaptcha asks, you can demo it on
the following page, so you don't have to clutter the forum with test posts:
http://wiki.dlang.org/extensions/DCaptcha/demo.php
Source code:
https://github.com/CyberShadow/dcaptcha
Pull requests for more challenges are welcome. You can find some goals
for new challenges at the top of dcaptcha.d.
Previous discussion (w.r.t. the D wiki):
http://forum.dlang.org/post/tpflbvlfutjwyvqmo...@forum.dlang.org
Re: forum.dlang.org is now using DCaptcha
On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev wrote: Although forum.dlang.org has had a spam check and used reCAPTCHA since it was announced, it is only somewhat effective against fully-automated bots - it is powerless against humans paid to post spamverts on forums web-wide, which is what the current spam economy seems to be gravitating towards. Coincidence? :) http://googleonlinesecurity.blogspot.com.br/2014/12/are-you-robot-introducing-no-captcha.html Matheus.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 19:42:39 UTC, Ary Borenszweig
wrote:
On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:
Enter DCaptcha
I think this could work with just two or three variants of a
question. Always ask what's the return value of the function.
1. int foo() { return 8 % 3; }
I don't think non-programmers know what that '%' symbol is, but
programmers of any language would recognize this.
2. int foo() { int x = 8; x++; x++; return x; }
I don't think non-programmers would guess ++ is increment, but
programmers most probably know it.
3. bool foo() { return 42 != 30 };
I don't think non-programmers know what != is.
I had to maintain a technical forum last year that was getting
spammed like crazy. I added the question how many bits are in a
byte?, and the spam vanished. Based on that experience, I think
the bar can be set very low.
I prefer something like the examples above. Honestly, I don't
know what the names of many syntax features are, but I usually
know how to use and interpret them. But, one positive side
effect of this is that if I ever do get challenged with a what
is the name of this feature? question, I will finally be
motivated to go look it up.
Mike
Re: forum.dlang.org is now using DCaptcha
On Thu, 04 Dec 2014 04:02:46 + Mike via Digitalmars-d-announce digitalmars-d-announce@puremagic.com wrote: I had to maintain a technical forum last year that was getting spammed like crazy. I added the question how many bits are in a byte? six. am i failed? signature.asc Description: PGP signature
Re: forum.dlang.org is now using DCaptcha
On 4/12/2014 8:13 p.m., ketmar via Digitalmars-d-announce wrote: On Thu, 04 Dec 2014 04:02:46 + Mike via Digitalmars-d-announce digitalmars-d-announce@puremagic.com wrote: I had to maintain a technical forum last year that was getting spammed like crazy. I added the question how many bits are in a byte? six. am i failed? Google is your friend. https://www.google.co.nz/webhp?sourceid=chrome-instantion=1espv=2ie=UTF-8#q=1+byte+to+bits
Re: forum.dlang.org is now using DCaptcha
On 2014-12-03 23:39, Vladimir Panteleev wrote: That's the name of the parent class :) Or interface, if I recall correctly. -- /Jacob Carlborg
Re: forum.dlang.org is now using DCaptcha
On Thu, 04 Dec 2014 20:31:47 +1300 Rikki Cattermole via Digitalmars-d-announce digitalmars-d-announce@puremagic.com wrote: On 4/12/2014 8:13 p.m., ketmar via Digitalmars-d-announce wrote: On Thu, 04 Dec 2014 04:02:46 + Mike via Digitalmars-d-announce digitalmars-d-announce@puremagic.com wrote: I had to maintain a technical forum last year that was getting spammed like crazy. I added the question how many bits are in a byte? six. am i failed? Google is your friend. why not Knuth? Knuth is my friend, and MIX byte is of 6 bits. signature.asc Description: PGP signature
Re: forum.dlang.org is now using DCaptcha
On 12/02/2014 01:41 PM, Vladimir Panteleev wrote: impossible for non-technical people with no incentive to learn or research stuff I hope this will not alienate complete beginners. They should be able to talk to us on the D.learn newsgroup. For an idea of what sort of questions DCaptcha asks, you can demo it on the following page, so you don't have to clutter the forum with test posts: http://wiki.dlang.org/extensions/DCaptcha/demo.php Ouch. I could pass the first question in two tries but I can't pass the second one. :) Ali
Re: forum.dlang.org is now using DCaptcha
On Tuesday, 2 December 2014 at 21:53:15 UTC, Ali Çehreli wrote: On 12/02/2014 01:41 PM, Vladimir Panteleev wrote: impossible for non-technical people with no incentive to learn or research stuff I hope this will not alienate complete beginners. They should be able to talk to us on the D.learn newsgroup. I hope so too! The CAPTCHA only triggers on a spam check fail, which should not occur for normal forum content. For an idea of what sort of questions DCaptcha asks, you can demo it on the following page, so you don't have to clutter the forum with test posts: http://wiki.dlang.org/extensions/DCaptcha/demo.php Ouch. I could pass the first question in two tries but I can't pass the second one. :) They're randomly generated, so I don't know which one that would be. Either way, refresh to get a different one (this works on the forum, too).
Re: forum.dlang.org is now using DCaptcha
On 12/02/2014 01:56 PM, Vladimir Panteleev wrote: The CAPTCHA only triggers on a spam check fail, which should not occur for normal forum content. Ok, that sounds great. Ouch. I could pass the first question in two tries but I can't pass the second one. :) They're randomly generated, so I don't know which one that would be. It was this one: https://github.com/CyberShadow/dcaptcha/blob/master/dcaptcha.d#L87 I think I figured it out: After two failed attempts, I accepted Firefox's Prevent this page from creating additional dialogs offer. The problem is, when I do that, I don't see the Correct! dialog either and remain on the page without any indication that I guessed correctly. :p Either way, refresh to get a different one (this works on the forum, too). That worked. Ali
Re: forum.dlang.org is now using DCaptcha
I got stumped on the delimited string question, but I was able to get the answer by viewing the page source in my web browser. -Eric On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev wrote: I'm sure you all are as tired of the occasional spam that hits these lists as I was deleting it. (Mailing list users in particular, I guess, since we can't delete an email once it was sent out.) Most of the spam was coming in through the forum, so I suppose I was responsible for [not] keeping it out. Although forum.dlang.org has had a spam check and used reCAPTCHA since it was announced, it is only somewhat effective against fully-automated bots - it is powerless against humans paid to post spamverts on forums web-wide, which is what the current spam economy seems to be gravitating towards. Enter DCaptcha, a question-answer challenge tailored for D programmers. Its goals are to challenge posters of suspicious-looking content with questions that should be easy to answer to D programmers, and impossible for non-technical people with no incentive to learn or research stuff (i.e. spammers). DCaptcha is already in use on the D wiki (wiki.dlang.org), with great success - DCaptcha's debut cut the short-lived explosion in wiki spam to zero. For an idea of what sort of questions DCaptcha asks, you can demo it on the following page, so you don't have to clutter the forum with test posts: http://wiki.dlang.org/extensions/DCaptcha/demo.php Source code: https://github.com/CyberShadow/dcaptcha Pull requests for more challenges are welcome. You can find some goals for new challenges at the top of dcaptcha.d. Previous discussion (w.r.t. the D wiki): http://forum.dlang.org/post/tpflbvlfutjwyvqmo...@forum.dlang.org
Re: forum.dlang.org is now using DCaptcha
I suppose one way to cheat is to just compile and run the code.
Re: forum.dlang.org is now using DCaptcha
Vladimir Panteleev: http://wiki.dlang.org/extensions/DCaptcha/demo.php Very nice, we can help spammers learn some D and become some day valid D developers :-) Bye, bearophile
Re: forum.dlang.org is now using DCaptcha
On Tuesday, 2 December 2014 at 21:56:31 UTC, Vladimir Panteleev
wrote:
[snip]
I hope so too! The CAPTCHA only triggers on a spam check fail,
which should not occur for normal forum content.
I get the captcha every single time I post at home. I suspect
it's because I'm on IPv6. Everything else about home and work is
almost identical (same browser versions, same extensions, same
ISP, same OS, almost the same hardware).
It frequently takes me a few attempts on these and I've been
following the language for years (mostly because of simple
mistake in my math or something like forgetting iota has an open
right boundary).
Maybe make the ones on d.learn extremely simple.
---
What does the follow program print?
void main()
{
import std.stdio : writeln;
writeln(foo);
}
---
No algorithms, no math. Just extremely basic stuff. Nobody, not
even our weirdly efficient resident furniture spam bot is going
to take the time to write a bot to answer a question like that.
Re: forum.dlang.org is now using DCaptcha
Asking for feature names is a very bad choice, you're essentially excluding all beginners and it's almost impossible to google the answers (you want to exclude lazy uninterested humans, not all of them, right?). Besides, I thought D was supposed to be the type of language one should be able to successfully program with without the knowledge of formal names. For example, apparently calling the following a raw string or raw string literal is faux pas in the D language. What is the name of the D language syntax feature illustrated in the following fragment of D code? string A = qDELIM `Why with an anxious look at the door-- Pray, what is the Project (and any other medium if you please! William the Conqueror, whose cause was favoured by the carrier,' she thought; `and how funny it'll seem to see that she let the jury--' DELIM; There were others and I don't think they were right either. Sure, I got slices right (oh wait, slices wouldn't be a valid answer, actually), but I was sure the anonymous class was meant to be constructor - it is that, right? This feels a lot like poetry in the high school: what did the author mean? As for math/algorithms, this one feels too advanced: return iota(9).reduce!a+b; So you need to know what `iota` and `reduce` do (okay, that can be googled), understand this weird lambda syntax and know that `iota(n)` will not generate an element equal to `n` just to know that it will return sum of numbers from 1 to 8. And then you're required either to calculate it the tedious way or know that sum from 1 to n equals `n*(n+1)/2`. Sure, this will eliminate spammers. But I wonder what the word of mouth will be: A Have you tried asking on the D forum? B Yeah, but they thought I was a spammer and wouldn't let me post. A Oh, well, maybe try to do it in python. tl;dr: waaay too difficult
Re: forum.dlang.org is now using DCaptcha
On Wed, 03 Dec 2014 01:48:55 + krzaq via Digitalmars-d-announce digitalmars-d-announce@puremagic.com wrote: Sure, this will eliminate spammers. But I wonder what the word of mouth will be: A Have you tried asking on the D forum? B Yeah, but they thought I was a spammer and wouldn't let me post. A Oh, well, maybe try to do it in python. ah, the perfect filter! signature.asc Description: PGP signature
Re: forum.dlang.org is now using DCaptcha
string k = x2e dd 203F; This seems severely punishing to people trying to learn D, especially as a first programming language. Is that really the right approach?
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 00:56:12 UTC, Brad Anderson wrote: On Tuesday, 2 December 2014 at 21:56:31 UTC, Vladimir Panteleev wrote: [snip] I hope so too! The CAPTCHA only triggers on a spam check fail, which should not occur for normal forum content. I get the captcha every single time I post at home. I suspect it's because I'm on IPv6. Everything else about home and work is almost identical (same browser versions, same extensions, same ISP, same OS, almost the same hardware). Right, that's because StopForumSpam can't understand IPv6, and we treated spam checking errors as spam just to be cautious. That should be fixed as of last night. No algorithms, no math. Just extremely basic stuff. Nobody, not even our weirdly efficient resident furniture spam bot is going to take the time to write a bot to answer a question like that. As I said, it's not about bots any more. The wiki got flooded after one person solved the D-specific question, after which the old CAPTCHA became useless.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 01:48:57 UTC, krzaq wrote: Asking for feature names is a very bad choice, you're essentially excluding all beginners and it's almost impossible to google the answers (you want to exclude lazy uninterested humans, not all of them, right?). The answers not being Google-able is a goal. The Wiki CAPTCHA was easily defeated when a spammer Googled the answer. For example, apparently calling the following a raw string or raw string literal is faux pas in the D language. There are many acceptable answers for that question. As for math/algorithms, this one feels too advanced: return iota(9).reduce!a+b; I could add links to DPaste and the #d IRC channel. tl;dr: waaay too difficult Well, pull requests are welcome. However, I should add that the rate of false positives for spam detection is extremely low. Yesterday, four valid posting attempts were challenged with a CAPTCHA, and all were caused by StopForumSpam not understanding the IP address, which has now been fixed.
Re: forum.dlang.org is now using DCaptcha
On 2014-12-02 22:41, Vladimir Panteleev wrote: I'm sure you all are as tired of the occasional spam that hits these lists as I was deleting it. (Mailing list users in particular, I guess, since we can't delete an email once it was sent out.) Most of the spam was coming in through the forum, so I suppose I was responsible for [not] keeping it out. Although forum.dlang.org has had a spam check and used reCAPTCHA since it was announced, it is only somewhat effective against fully-automated bots - it is powerless against humans paid to post spamverts on forums web-wide, which is what the current spam economy seems to be gravitating towards. Enter DCaptcha, a question-answer challenge tailored for D programmers. Its goals are to challenge posters of suspicious-looking content with questions that should be easy to answer to D programmers, and impossible for non-technical people with no incentive to learn or research stuff (i.e. spammers). DCaptcha is already in use on the D wiki (wiki.dlang.org), with great success - DCaptcha's debut cut the short-lived explosion in wiki spam to zero. For an idea of what sort of questions DCaptcha asks, you can demo it on the following page, so you don't have to clutter the forum with test posts: http://wiki.dlang.org/extensions/DCaptcha/demo.php The anonymous class feature question, I was a bit stunned at first, before I saw what it actually was. -- /Jacob Carlborg
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 06:44:17 UTC, Vladimir Panteleev wrote: [snip] As I said, it's not about bots any more. The wiki got flooded after one person solved the D-specific question, after which the old CAPTCHA became useless. Ah yeah, that's right. I forgot that was your goal. I'm still worried it'll turn people away though.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 06:52:23 UTC, Vladimir Panteleev wrote: On Wednesday, 3 December 2014 at 01:48:57 UTC, krzaq wrote: [snip As for math/algorithms, this one feels too advanced: return iota(9).reduce!a+b; I think it's a pretty good (albeit slightly advanced) question. 9 is a bit high though. iota(4) would probably suffice. I could add links to DPaste and the #d IRC channel. Both good ideas. tl;dr: waaay too difficult Well, pull requests are welcome. However, I should add that the rate of false positives for spam detection is extremely low. Yesterday, four valid posting attempts were challenged with a CAPTCHA, and all were caused by StopForumSpam not understanding the IP address, which has now been fixed. If it's that low than I'm not worried about it anymore. The captcha was just very familiar to me before you fixed the IP address problem.
Re: forum.dlang.org is now using DCaptcha
On Wednesday, 3 December 2014 at 07:29:25 UTC, Jacob Carlborg wrote: The anonymous class feature question, I was a bit stunned at first, before I saw what it actually was. i can't pass it too - only looking to sources. i tried auto type deduction, type deduction etc... imho, name of feature - bad question choice.
