December 11, 2004

Foul, evil spam

My spam count had gotten up to around two thousand per week (!), and I decided I needed to do something about it. Although the spam never made it to the outside world (well, usually), I still had to go through and scan it for false positives, which were frequent. For two thousand spam, this can take a while.

Several blogs (e.g. A Partially Examined Life) have taken the tactic of posting a (generated) graphic of numerals, which the user needs to type in. Which blocks bots, blind people, and lynx users. And the bots seem to be getting smarter. So I was reluctant to go that route, although I was ready to give in and install such a plugin anyway.

Then it occurred to me. Duh! What's one of the things that is most difficult for computers? Language understanding. As I should well know. What I needed to do was write something kind of like the graphical "only a human could do this" bot blockers, but instead take a random number and wrap it up into a question. Something easy for humans to process, like "adding one" or "even or odd", but couched in a textual question that would be tricky for bots to understand (and easy to rephrase if someone just hard-codes it).

Voilà BotBlock. It is currently installed on this blog and available for download. Let me know if you have any problems with it. (And especially let me know if you have trouble posting comments as a result of it!)

UPDATE: I changed the link to go to a page about BotBlock, rather than be a direct download.

And the Lord said unto them, "Thou shalt not exceed the speed of Light." And the people did leap and flap their arms, and did run about in circles, and did race though the desert in chariots, yea, even until the wheels did fall off. Yet none could move more swiftly than the Light, and so did the people obey the Lord's command.

Posted by blahedo at 11:46pm on 11 Dec 2004
Comments
Cool idea! Color me testing. I wonder how far you could get with just translating a 2-5 digit number into words, and then requiring the user to type the digits. Like "ten thousand three hundred fifty-seven." That should be sort of tough to detect with a bot. Posted by Paul at 4:44am on 12 Dec 2004
This is far less annoying than those warped graphics of texted. I have trouble reading some of them. Posted by lee at 4:47am on 12 Dec 2004
The written-out-numbers idea was actually the first thing I thought of, and something like it will probably make its way into the question list, but the initial batch were easier to crank out code for. :)

Generally, it seems to be working---only two spam since I installed it. I forgot to account for the fact that I'd still have as many attempts as before, so I had to bump up the number of temp files (and decrease the timeout, to about an hour, which should still be sufficient).

Posted by blahedo at 2:42pm on 12 Dec 2004
Second attempt to write a response here. My last one from a few hours ago never appeared. Posted by David at 4:32pm on 12 Dec 2004
Is add one to this number always first? Posted by lee at 9:24pm on 13 Dec 2004
No, should be random. Posted by blahedo at 1:41am on 14 Dec 2004
Well, aren't you the clever one. Now I have to get Ben to install it. Posted by Kimmitt at 8:41pm on 14 Dec 2004
Testing v1.1. Posted by blahedo at 1:59pm on 15 Dec 2004
What did you change? Posted by lee at 12:13am on 16 Dec 2004
Testing v1.2 Posted by blahedo at 1:41am on 16 Dec 2004
Nothing visible to the user (aside from adding a new questions), but a bunch of stuff to make the internals cleaner, and questions easier to edit and add. You can read more details in the full version history. Posted by blahedo at 1:52am on 16 Dec 2004
Testing v1.2.1 Posted by blahedo at 12:31pm on 16 Dec 2004
a test! Posted by Clara at 12:34pm on 10 Sep 2006
a test! Posted by Clara at 12:37pm on 10 Sep 2006
Instead of hitting the preview to get another question, why not just have a "change question" button? Great idea though. I might give it a shot (if I can find the time...) Thanks! Keith D Commiskey http://kdcinfo.com Posted by Keith D Commiskey at 10:42pm on 18 Sep 2006
Instead of hitting the preview to get another question, why not just have a "change question" button? Great idea though. I might give it a shot (if I can find the time...) Oh, well, I answered the question right, and it told me I got it wrong. So, then I answered it wrong, and I was still wrong. Then it told me I had to wait. But for how long? An indication would be great (a 60-second counter would be even greater). Thanks! Keith D Commiskey http://kdcinfo.com Posted by Keith D Commiskey at 10:45pm on 18 Sep 2006
Приколь! Posted by Avram Lyon at 4:18am on 27 Nov 2006
That's pretty cool. Are there any concerns about questions being too difficult to understand though? Posted by Me at 6:36pm on 25 Mar 2007
Not really. At the moment the questions are "type this number", "add one to this number", "is this number even or odd", and "is this year in the future or the past". The goal is questions that are nearly trivial for humans—making the problem building the NLP engine that could have enough understanding to pass them.

Did you have trouble with one of the questions?

Posted by blahedo at 7:39pm on 25 Mar 2007
l;m'm, ./ Posted by njlk at 6:37am on 13 May 2011
Post a comment









Say whether the tens digit of this number is even or odd: 453
 [?]

Remember personal info?






Valid XHTML 1.0!