As you can see, there is a massive spam wave going on on Lemmey based instances.

This can be avoided by enabling CAPTCHA with signup and also LIMIT the registers per X seconds!

Currently the accounts are idle but this can change soon… Please take action NOW!

    • stux⚡ @geddit.socialOPM
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Ofc there are bot nets that can defeat it but it should always be an option since the “cheaper ones” cannot and beat in term some spam

      The rate limit for signup is a way better option and should also be explored

    • CoderKat@kbin.social
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      1 year ago

      I gotta be honest, I don’t see why they’re pushing mCaptcha so hard. Honestly, any form of captcha will stop the vast majority of bots (I found this out myself when running an old school forum ages ago).

      For the remaining bots, I don’t see why a proof of work captcha would do any better than an image captcha. If anything, it seems like proof of work captchas are guaranteed and trivially solvable by machines. The only catch for bots is that they must expend a bit more computational power to do so. I don’t think you can possibly limit bots (which can optimize their hardware) by a significant amount without very negatively impacting legitimate users.

      I’m not sure how that is more effective than an image that many bots struggle with automatically solving. They seem to especially struggle with the “select all the traffic lights” style problems (which is why those are used – despite being admittedly kinda annoying).

      To go a step further, this feels like a proof of work (crypto) fan looking for a problem to solve. Is there any evidence it works? Cause I googled “mcaptcha effectiveness” and there isn’t really any results. I’m very skeptical that it works by any means other than seemingly being niche enough that bot writers likely aren’t targeting it.