[aur-dev] [aur-general] Fighting spam on the AUR
Lukas Fleischer
archlinux at cryptocrack.de
Mon Mar 18 18:07:07 EDT 2013
On Mon, Mar 18, 2013 at 09:36:46PM +0100, Lukas Fleischer wrote:
> On Sat, Mar 16, 2013 at 05:26:31PM +0100, Pierre Schmitz wrote:
> > Am 16.03.2013 17:07, schrieb Florian Dejonckheere:
> > > The bot could easily be adjusted to execute the command and pass the form.
> > > There seems to be only one command (on the wiki). If multiple commands were
> > > to be used (maybe including interactive ones), I think the probability of
> > > automation would be greatly decreased.
> >
> > The script is configurable to display different questions and answers.
> > You can even set multiple and a random one will be picked.
> >
> > Till now no bot was programmed to bypass the forum or wiki
> > registration, even though both are a way more viable target than the
> > AUR. Therefor I would suggest to just try it; the code is already
> > written. We can gradually extend it later if needed. It's actually
> > important to not go with the best solution we can come up with right
> > from the start.
>
> I just added a very hacky CAPTCHA implementation to the AUR production
> system -- let's see what happens.
The spammer worked around this pretty quickly. I disabled the
registration form until we come up with a better solution.
>
> >
> > Greetings,
> >
> > Pierre
> >
> > --
> > Pierre Schmitz, https://pierre-schmitz.com
More information about the aur-dev
mailing list