On 05/11/2007, Tracker <[EMAIL PROTECTED]> wrote:
>
> ACTIVITY SUMMARY (10/29/07 - 11/05/07)
> Tracker at http://bugs.python.org/
These seem to be getting sent out daily at the moment. Is that right?
Paul.
___
Python-Dev mailing list
Python-Dev@python.o
On 08/07/07, Steve Holden <[EMAIL PROTECTED]> wrote:
> This script appears to have been producing exactly the same output since
> June 9. I can't believe it's useful information.
It has one positive aspect for me - it's reassured me that the spate
of spam which hit the new tracker a month or two a
Brett Cannon wrote:
> On 7/7/07, Josiah Carlson <[EMAIL PROTECTED]> wrote:
>> Steve Holden <[EMAIL PROTECTED]> wrote:
>>> Tracker wrote:
ACTIVITY SUMMARY (07/01/07 - 07/08/07)
Tracker at http://bugs.python.org/
To view or respond to any of the issues listed b
On 7/7/07, Josiah Carlson <[EMAIL PROTECTED]> wrote:
>
> Steve Holden <[EMAIL PROTECTED]> wrote:
> > Tracker wrote:
> > >
> > > ACTIVITY SUMMARY (07/01/07 - 07/08/07)
> > >
> > >
> > > Tracker at http://bugs.python.org/
> > >
> > > To view or respond to any of the issues listed below, sim
Steve Holden <[EMAIL PROTECTED]> wrote:
> Tracker wrote:
> >
> > ACTIVITY SUMMARY (07/01/07 - 07/08/07)
> >
> >
> > Tracker at http://bugs.python.org/
> >
> > To view or respond to any of the issues listed below, simply click on
> > the issue ID. Do *not* respond to this message.
>
Tracker wrote:
>
> ACTIVITY SUMMARY (07/01/07 - 07/08/07)
>
>
> Tracker at http://bugs.python.org/
>
> To view or respond to any of the issues listed below, simply click on
> the issue ID. Do *not* respond to this message.
>
> 1645 open ( +0) / 8584 closed ( +0) / 10229 total ( +0)
talin> While it is true that there is an arms race between creators of
talin> social software applications and spammers, this arms race is only
talin> waged the largest scales - spammers simply won't spend the effort
talin> to go after individual sites, its not cost effective, espe
Terry Reedy wrote:
> Why not simply embargo any post with an off-site link? Tho there might
> have been some, I can't remember a single example of such at SF.
I have often posted links off-site because the SF tracker didn't allow
unrelated parties to attach things. I don't know whether the new
Talin <[EMAIL PROTECTED]> wrote:
> Josiah Carlson wrote:
> > Captchas like this are easily broken using computational methods, or
> > even the porn site trick that was already mentioned. Never mind
> > Stephen's stated belief, that you quoted, that he believes that even the
> > hard captchas are
> Do we know how these spam comments entered the system?
Through the web site. Submission through email is not an
issue: you need to use a registered email address, and
those are hard to guess.
> And has there been any spam submitted since that point?
One day after the tracker was renamed to bu
Talin wrote:
> Josiah Carlson wrote:
>> Captchas like this are easily broken using computational methods, or
>> even the porn site trick that was already mentioned. Never mind
>> Stephen's stated belief, that you quoted, that he believes that even the
>> hard captchas are going to be beaten by com
Josiah Carlson wrote:
> Captchas like this are easily broken using computational methods, or
> even the porn site trick that was already mentioned. Never mind
> Stephen's stated belief, that you quoted, that he believes that even the
> hard captchas are going to be beaten by computational methods
"Aaron Brady" <[EMAIL PROTECTED]> wrote:
> "Stephen J. Turnbull" <[EMAIL PROTECTED]> wrote:
> > If we're going to do CAPTCHA, what we're looking for is something that
> > any 4 year old does automatically, but machines can't do at all.
> > Visual recognition used to be one, but isn't any more. Th
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:python-
> [EMAIL PROTECTED] On Behalf Of Stephen J.
> Turnbull
> Sent: Friday, May 18, 2007 3:10 AM
> To: python-dev@python.org
> Subject: Re: [Python-Dev] Summary of Tracker Issues
>
> O.R.Senthil Kumaran
Terry Reedy writes:
> Why not simply embargo any post with an off-site link? Tho there might
> have been some, I can't remember a single example of such at SF.
Fine by me; if it doesn't happen often, then embargoing them would be
fine. My occasional experience with distro reporting processes
On 5/18/07, Terry Reedy <[EMAIL PROTECTED]> wrote:
"Stephen J. Turnbull" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
| I think it would be better to do content. URLs come to mind; without
| something clickable, most commercial spam would be hamstrung. But
| few bug reports and
"Stephen J. Turnbull" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
| I think it would be better to do content. URLs come to mind; without
| something clickable, most commercial spam would be hamstrung. But
| few bug reports and patches need to contain URLs, except for
| specializ
O.R.Senthil Kumaran writes:
> :-) My idea was, a human got to answer it unscrambled as 'fourth' as he
> "understands" what the question is and gives the proper answer.
> Agreed, there could be confusion at first.
But for any given user, there's only going to be a first. Either they
pass the
* Greg Ewing <[EMAIL PROTECTED]> [2007-05-18 13:06:41]:
>
> > Site: What is the futorh word of tihs scnnteee?
> > Answer: fourth.
>
> Are you sure it isn't "futorh"?-)
>
:-) My idea was, a human got to answer it unscrambled as 'fourth' as he
"understands" what the question is and gives the pro
O.R.Senthil Kumaran wrote:
> Site: What is the futorh word of tihs scnnteee?
>
> Answer: fourth.
Are you sure it isn't "futorh"?-)
--
Greg
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe
* Andrew McNamara <[EMAIL PROTECTED]> [2007-05-17 15:30:43 +1000]:
> technique could be used, but my suspicion is that real people are being
> paid a pittance to sit in front of a PC and spam anything that moves.
http://www.mturk.com/mturk/welcome
Complete simple tasks that people do better than
O.R.Senthil Kumaran schrieb:
> * Scott Dial <[EMAIL PROTECTED]> [2007-05-17 11:04:46]:
>
>> However, it may also be because instead of using a graphic (which is
>> easily transplanted to another page), it uses ascii art which would
>> require more effort to extract and move to another page.
>
>
* Scott Dial <[EMAIL PROTECTED]> [2007-05-17 11:04:46]:
> However, it may also be because instead of using a graphic (which is
> easily transplanted to another page), it uses ascii art which would
> require more effort to extract and move to another page.
Another approach would be a 'text scram
Hrvoje Niksic wrote:
> On Wed, 2007-05-16 at 22:17 -0700, Talin wrote:
>> Here's a simple method: Put up a free porn site [...]
>
> Is it known that someone actually implemented this?
I moderate a discussion forum which was abused with this exact attack.
At the time, it was a phpBB forum which h
On 5/17/07, Hrvoje Nikšić <[EMAIL PROTECTED]> wrote:
> On Wed, 2007-05-16 at 22:17 -0700, Talin wrote:
> > Here's a simple method: Put up a free porn site [...]
>
> Is it known that someone actually implemented this? It's a neat trick,
> but as far as I know, it started as a thought experiment of
Talin wrote:
> Here's a simple method: Put up a free porn site, with a front page that
> says "you must be 18 or older to enter". The page also has a captcha to
> verify that you are a real person. But here's the trick: The captcha is
> actually a proxy to some other site that the spammer is try
On Wed, 2007-05-16 at 22:17 -0700, Talin wrote:
> Here's a simple method: Put up a free porn site [...]
Is it known that someone actually implemented this? It's a neat trick,
but as far as I know, it started as a thought experiment of what *could*
be done to fairly easily defeat the captchas, as
>> However - once you knock these out, there is still a steady stream of
>> what are clearly human generated spams. The mind boggles at the economics
>> or desperation that make this worthwhile.
>
>Actually, it doesn't cost that much, because typically the spammer can
>trick other humans into doin
Andrew McNamara wrote:
>> Typically spammers don't go through the effort to do a custom login
>> script for each different site. Instead, they do a custom login script
>> for each of the various software applications that support end-user
>> comments. So for example, there's a script for WordPre
>Typically spammers don't go through the effort to do a custom login
>script for each different site. Instead, they do a custom login script
>for each of the various software applications that support end-user
>comments. So for example, there's a script for WordPress, and one for
>PHPNuke, and
On Thursday 17 May 2007, Aahz wrote:
> On Wed, May 16, 2007, Josiah Carlson wrote:
> > I'm not sure how effective the question/answer stuff is, but a
> > bit of javascript seems to be a good idea.
>
> Just for the record (and to few people's surprise, I'm sure), I
> am entirely opposed to any use o
On Wed, May 16, 2007, Josiah Carlson wrote:
>
> I'm not sure how effective the question/answer stuff is, but a bit of
> javascript seems to be a good idea.
Just for the record (and to few people's surprise, I'm sure), I am
entirely opposed to any use of JavaScript.
--
Aahz ([EMAIL PROTECTED])
> My underlying point: seeing porno spam on the practice site gave me a bad
> itch both because I detest spammers in general and because I would not want
> visitors turned off to Python by something that is completely out of place
> and potentially offensive to some. So I am willing to help us
Talin <[EMAIL PROTECTED]> wrote:
> Terry Reedy wrote:
> > My underlying point: seeing porno spam on the practice site gave me a bad
> > itch both because I detest spammers in general and because I would not want
> > visitors turned off to Python by something that is completely out of place
> >
Kristján Valur Jónsson wrote:
>> -Original Message-
>>> ISTM you need one only question requiring human attention at a time,
>>> because once a spammer assigns a human (or inhuman of equivalent
>>> intelligence) to cracking you, you're toast.
>> I can't believe this is still profitable. It
Martin v. Löwis wrote:
> This question I could not answer, because I don't know what an orb is
An orb is a sphere.
--
Greg
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.py
> -Original Message-
> From: Stephen J. Turnbull [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 16, 2007 5:10 AM
> To: Aaron Brady
> Cc: 'Georg Brandl'; python-dev@python.org
> Subject: Re: [Python-Dev] Summary of Tracker Issues
>
> Aaron Brady writes
Aaron Brady writes:
> > ISTM you need one only question requiring human attention at a time,
> > because once a spammer assigns a human (or inhuman of equivalent
> > intelligence) to cracking you, you're toast.
>
> I can't believe this is still profitable. It's either lucrative or
> fulfil
> -Original Message-
> > ISTM you need one only question requiring human attention at a time,
> > because once a spammer assigns a human (or inhuman of equivalent
> > intelligence) to cracking you, you're toast.
>
> I can't believe this is still profitable. It's either lucrative or
> fulfi
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:python-
> [EMAIL PROTECTED] On Behalf Of Stephen J.
> Turnbull
>
> ISTM you need one only question requiring human attention at a time,
> because once a spammer assigns a human (or inhuman of equivalent
> intelligence) to cracking you
Georg Brandl writes:
> By requesting a registration form over and over, and recording all
> questions. A human would then answer them, which is easily done for
> 50 questions (provided that they are *not* targeted at experienced
> Python programmers, which shouldn't be done).
We are not going
Terry Reedy schrieb:
> "Georg Brandl" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> | Terry Reedy schrieb:
> | > How about asking a Python specific question, with answered filled in
> rather
> | > that multiple choice selected: I would be willing to make up a bunch.
>
> And I
Terry Reedy wrote:
> My underlying point: seeing porno spam on the practice site gave me a bad
> itch both because I detest spammers in general and because I would not want
> visitors turned off to Python by something that is completely out of place
> and potentially offensive to some. So I am
""Martin v. Löwis"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
|> If we anticipate users rather than programmers to register (as if so, it
| > would be nice to collect that info to formulate sensible responses),
then
| > questions like
| > The orb that shines in the sky during t
"Georg Brandl" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
| Terry Reedy schrieb:
| > How about asking a Python specific question, with answered filled in
rather
| > that multiple choice selected: I would be willing to make up a bunch.
And I would spend longer than a couple of
[EMAIL PROTECTED] writes:
> >> The orb that shines in the sky during the day.
>
> Martin> This question I could not answer, because I don't know what an
> Martin> orb is (it's not an object request broker, right?)
>
> Martin> Is the answer "sun"?
>
> It is indeed.
On 15-May-07, at 12:32 AM, Georg Brandl wrote:
>
> There are two problems with this:
> * The set of questions is limited, and bots can be programmed to
> know them all.
Sure, but if someone is customizing their bot to python's issue
tracker, in all likelyhood they would have to be dealt with
>> The orb that shines in the sky during the day.
Martin> This question I could not answer, because I don't know what an
Martin> orb is (it's not an object request broker, right?)
Martin> Is the answer "sun"?
It is indeed. I would use "star" instead of "orb". It might be
> If we anticipate users rather than programmers to register (as if so, it
> would be nice to collect that info to formulate sensible responses), then
> questions like
> The orb that shines in the sky during the day.
This question I could not answer, because I don't know what an orb is
(it'
>> On Mon, May 14, 2007, "Martin v. L?wis" wrote:
>>> Skip(?):
In the meantime (thinking out loud here), would it be possible to
keep search engines from seeing a submission or an edit until a
trusted person has had a chance to approve it?
>>> It would be pos
Terry Reedy schrieb:
> "Andrew McNamara" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> | I'm reluctant to mention the name of one particular tool I'm aware
> | of, but as well as the above, it also has OCR to defeat CAPTCHA, and
>
> How about asking a Python specific question, w
"Andrew McNamara" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
| I'm reluctant to mention the name of one particular tool I'm aware
| of, but as well as the above, it also has OCR to defeat CAPTCHA, and
How about asking a Python specific question, with answered filled in rather
t
""Martin v. Löwis"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
|> I'm reluctant to mention the name of one particular tool I'm aware
| > of, but as well as the above, it also has OCR to defeat CAPTCHA, and
| > automatically creates throw-away e-mail accounts with a range of free
> I'm reluctant to mention the name of one particular tool I'm aware
> of, but as well as the above, it also has OCR to defeat CAPTCHA, and
> automatically creates throw-away e-mail accounts with a range of free
> web-mail providers for registration purposes.
Right. We considered CAPTCHA, but some
Aahz schrieb:
> On Mon, May 14, 2007, "Martin v. L?wis" wrote:
>> Skip(?):
>>> In the meantime (thinking out loud here), would it be possible to keep
>>> search engines from seeing a submission or an edit until a trusted person
>>> has had a chance to approve it?
>> It would be possible, but I woul
>> I think a single-click button "Spammer"
>> should allow committers to lock an account and hide all messages
>> and files that he sent, but that still requires somebody to implement
>> it.
>
>I'd expect that to be pretty effective -- like graffiti artists,
>spammers want their work to be seen, an
On Mon, May 14, 2007, "Martin v. L?wis" wrote:
> Skip(?):
>>
>> In the meantime (thinking out loud here), would it be possible to keep
>> search engines from seeing a submission or an edit until a trusted person
>> has had a chance to approve it?
>
> It would be possible, but I would strongly oppo
> In the meantime (thinking out loud here), would it be possible to keep
> search engines from seeing a submission or an edit until a trusted person
> has had a chance to approve it?
It would be possible, but I would strongly oppose it. A bug tracker
where postings need to be approved is just unac
>> Now it's up to volunteers to do ongoing spam clearing, and we don't
>> have that much volunteers. I think a single-click button "Spammer"
>> should allow committers to lock an account and hide all messages and
>> files that he sent, but that still requires somebody to implement
On 5/13/07, "Martin v. Löwis" <[EMAIL PROTECTED]> wrote:
> Now it's up to volunteers to do ongoing spam clearing, and we don't
> have that much volunteers. I think a single-click button "Spammer"
> should allow committers to lock an account and hide all messages
> and files that he sent, but that s
> I clicked on the tracker link out of curiosity noticed that the
> tracker has been spammed -- issues 1028, 1029 and 1030 are all spam
> (1028 seems a test by the spammer).
>
> These issues should be deleted and their creator's accounts disabled.
(Notice that the spammer hasn't been as successfu
On 5/12/07, Guido van Rossum <[EMAIL PROTECTED]> wrote:
On 5/12/07, Tracker <[EMAIL PROTECTED]> wrote:
[...]
I clicked on the tracker link out of curiosity noticed that the
tracker has been spammed -- issues 1028, 1029 and 1030 are all spam
(1028 seems a test by the spammer).
We know. Skip
On 5/12/07, Tracker <[EMAIL PROTECTED]> wrote:
[...]
I clicked on the tracker link out of curiosity noticed that the
tracker has been spammed -- issues 1028, 1029 and 1030 are all spam
(1028 seems a test by the spammer).
These issues should be deleted and their creator's accounts disabled.
BTW W
63 matches
Mail list logo
