• Vladimir Panteleev (28/28) Dec 02 2014 I'm sure you all are as tired of the occasional spam that hits
• =?UTF-8?B?QWxpIMOHZWhyZWxp?= (7/12) Dec 02 2014 I hope this will not alienate complete beginners. They should be able to...
• Vladimir Panteleev (6/19) Dec 02 2014 I hope so too! The CAPTCHA only triggers on a spam check fail,
• =?UTF-8?B?QWxpIMOHZWhyZWxp?= (11/17) Dec 02 2014 It was this one:
• Brad Anderson (22/25) Dec 02 2014 I get the captcha every single time I post at home. I suspect
• Vladimir Panteleev (8/21) Dec 02 2014 Right, that's because StopForumSpam can't understand IPv6, and we
• Brad Anderson (4/8) Dec 02 2014 Ah yeah, that's right. I forgot that was your goal. I'm still
• Kagamin (11/23) Dec 03 2014 Bots don't write bots, lol.
• Eric (6/34) Dec 02 2014 I got stumped on the delimited string question, but I was
• Adam D. Ruppe (1/1) Dec 02 2014 I suppose one way to "cheat" is to just compile and run the code.
• bearophile (5/6) Dec 02 2014 Very nice, we can help spammers learn some D and become some day
• krzaq (27/40) Dec 02 2014 Asking for feature names is a very bad choice, you're essentially
• ketmar via Digitalmars-d-announce (4/10) Dec 02 2014 On Wed, 03 Dec 2014 01:48:55 +0000
• Dylan Allbee (4/4) Dec 02 2014 string k = x"2e dd 203F";
• Vladimir Panteleev (10/19) Dec 02 2014 The answers not being Google-able is a goal. The Wiki CAPTCHA was
• Brad Anderson (8/19) Dec 02 2014 I think it's a pretty good (albeit slightly advanced) question. 9
• Vladimir Panteleev (7/12) Dec 03 2014 Done. You can see this here:
• Brad Anderson (4/17) Dec 03 2014 I mentioned it a few times in IRC but you were probably asleep.
• Jacob Carlborg (5/25) Dec 02 2014 The "anonymous class" feature question, I was a bit stunned at first,
• novice2 (5/7) Dec 02 2014 i can't pass it too - only looking to sources.
• Gary Willoughby (6/14) Dec 03 2014 I think this is a bad idea because developers new to the language
• Vladimir Panteleev (5/21) Dec 03 2014 Got it. But we're not going back to reCAPTCHA either. I'm tired
• Gary Willoughby (16/19) Dec 03 2014 I got fed up of having spam on an old blog so i implemented a
• Vladimir Panteleev (11/32) Dec 03 2014 I'm seeing a very large variation of IPs here. The humans seem to
• Martin Krejcirik (4/6) Dec 03 2014 I think all code fragments should have just one exact answer
• Jacob Carlborg (7/8) Dec 03 2014 I agree. I try the demo at got a question about what this feature is cal...
• ketmar via Digitalmars-d-announce (5/15) Dec 03 2014 On Wed, 03 Dec 2014 14:47:09 +0100
• Vladimir Panteleev (5/20) Dec 03 2014 The type is anonymous.
• ketmar via Digitalmars-d-announce (5/25) Dec 03 2014 On Wed, 03 Dec 2014 20:22:31 +0000
• Vladimir Panteleev (3/21) Dec 03 2014 That's the name of the parent class :)
• Jacob Carlborg (4/5) Dec 03 2014 Or interface, if I recall correctly.
• MattCoder (4/8) Dec 03 2014 I agree.
• Ary Borenszweig (11/12) Dec 03 2014 I think this could work with just two or three variants of a question.
• Mike (13/25) Dec 03 2014 I had to maintain a technical forum last year that was getting
• Mike James (2/17) Dec 03 2014
• ketmar via Digitalmars-d-announce (4/7) Dec 03 2014 On Thu, 04 Dec 2014 04:02:46 +0000
• Rikki Cattermole (3/10) Dec 03 2014 Google is your friend.
• ketmar via Digitalmars-d-announce (4/15) Dec 03 2014 On Thu, 04 Dec 2014 20:31:47 +1300
• Vladimir Panteleev (2/6) Dec 04 2014 The Wiki had a similar question before DCaptcha. Got spammed.
• Vladimir Panteleev (8/20) Dec 04 2014 These are very similar to two of the existing challenges.
• Faux Amis (10/47) Dec 03 2014 Seems like hex to me
• Kagamin (4/16) Dec 04 2014 The test doesn't differentiate between human and robot. It tries
• eles (2/5) Dec 04 2014 the latter is just a myth...
• Paolo Invernizzi (2/7) Dec 04 2014 LOL
• MattCoder (5/10) Dec 03 2014 Coincidence? :)
• Vladimir Panteleev (3/13) Dec 04 2014 Yep. I've heard about it, but it would still allow non-bot
• Vladimir Panteleev (3/3) Dec 04 2014 I removed all the harder challenges, so y'all can now stop
• deadalnix (1/1) Dec 09 2014 Hijacking this thread. Captcha is still not working on https :(
• Vladimir Panteleev (5/6) Dec 10 2014 Sorry, had to revert to an earlier version due to an unrelated
• Martin Nowak (5/10) Dec 10 2014 Ha ha, my first thought was, can't you use something else than
• Vladimir Panteleev (2/16) Dec 11 2014 Ah, fixed. Broke that when I updated to the easy version.
• Martin Nowak (5/8) Dec 11 2014 Nice one, failed the first try :).
• Vladimir Panteleev (6/13) Dec 11 2014 This is a very simple demo page (you can even see the answers in
• Bill Baxter via Digitalmars-d-announce (15/32) Dec 11 2014 """
• Martin Nowak (4/6) Dec 11 2014 Let's hope the spammers don't get clever enough to let our machines

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

I'm sure you all are as tired of the occasional spam that hits 
these lists as I was deleting it. (Mailing list users in 
particular, I guess, since we can't delete an email once it was 
sent out.) Most of the spam was coming in through the forum, so I 
suppose I was responsible for [not] keeping it out.

Although forum.dlang.org has had a spam check and used reCAPTCHA 
since it was announced, it is only somewhat effective against 
fully-automated bots - it is powerless against humans paid to 
post spamverts on forums web-wide, which is what the current spam 
economy seems to be gravitating towards.

Enter DCaptcha, a question-answer challenge tailored for D 
programmers. Its goals are to challenge posters of 
suspicious-looking content with questions that should be easy to 
answer to D programmers, and impossible for non-technical people 
with no incentive to learn or research stuff (i.e. spammers). 
DCaptcha is already in use on the D wiki (wiki.dlang.org), with 
great success - DCaptcha's debut cut the short-lived explosion in 
wiki spam to zero.

For an idea of what sort of questions DCaptcha asks, you can demo 
it on the following page, so you don't have to clutter the forum 
with test posts:

http://wiki.dlang.org/extensions/DCaptcha/demo.php

Source code:

https://github.com/CyberShadow/dcaptcha

Pull requests for more challenges are welcome. You can find some 
goals for new challenges at the top of dcaptcha.d.

Previous discussion (w.r.t. the D wiki):

http://forum.dlang.org/post/tpflbvlfutjwyvqmowdx forum.dlang.org

=?UTF-8?B?QWxpIMOHZWhyZWxp?= <acehreli yahoo.com> writes:

On 12/02/2014 01:41 PM, Vladimir Panteleev wrote:

 impossible for non-technical people with no incentive to learn
 or research stuff

I hope this will not alienate complete beginners. They should be able to 
talk to us on the D.learn newsgroup.

 For an idea of what sort of questions DCaptcha asks, you can demo it on
 the following page, so you don't have to clutter the forum with test 

posts:
 http://wiki.dlang.org/extensions/DCaptcha/demo.php

Ouch. I could pass the first question in two tries but I can't pass the 
second one. :)

Ali

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Tuesday, 2 December 2014 at 21:53:15 UTC, Ali Çehreli wrote:
 On 12/02/2014 01:41 PM, Vladimir Panteleev wrote:

 impossible for non-technical people with no incentive to learn
 or research stuff

 I hope this will not alienate complete beginners. They should 
 be able to talk to us on the D.learn newsgroup.

I hope so too! The CAPTCHA only triggers on a spam check fail, 
which should not occur for normal forum content.

 For an idea of what sort of questions DCaptcha asks, you can

 demo it on
 the following page, so you don't have to clutter the forum

 with test posts:
 http://wiki.dlang.org/extensions/DCaptcha/demo.php

 Ouch. I could pass the first question in two tries but I can't 
 pass the second one. :)

They're randomly generated, so I don't know which one that would 
be. Either way, refresh to get a different one (this works on the 
forum, too).

=?UTF-8?B?QWxpIMOHZWhyZWxp?= <acehreli yahoo.com> writes:

On 12/02/2014 01:56 PM, Vladimir Panteleev wrote:

 The CAPTCHA only triggers on a spam check fail, which should
 not occur for normal forum content.

Ok, that sounds great.

 Ouch. I could pass the first question in two tries but I can't pass
 the second one. :)

 They're randomly generated, so I don't know which one that would be.

It was this one:

   https://github.com/CyberShadow/dcaptcha/blob/master/dcaptcha.d#L87

I think I figured it out: After two failed attempts, I accepted 
Firefox's "Prevent this page from creating additional dialogs" offer. 
The problem is, when I do that, I don't see the "Correct!" dialog either 
and remain on the page without any indication that I guessed correctly. :p

 Either way, refresh to get a different one (this works on the forum, 

too).

That worked.

Ali

"Brad Anderson" <eco gnuk.net> writes:

On Tuesday, 2 December 2014 at 21:56:31 UTC, Vladimir Panteleev 
wrote:
 [snip]

 I hope so too! The CAPTCHA only triggers on a spam check fail, 
 which should not occur for normal forum content.

I get the captcha every single time I post at home. I suspect 
it's because I'm on IPv6. Everything else about home and work is 
almost identical (same browser versions, same extensions, same 
ISP, same OS, almost the same hardware).


It frequently takes me a few attempts on these and I've been 
following the language for years (mostly because of simple 
mistake in my math or something like forgetting iota has an open 
right boundary).

Maybe make the ones on d.learn extremely simple.

---
What does the follow program print?

     void main()
     {
         import std.stdio : writeln;
         writeln("foo");
     }
---

No algorithms, no math. Just extremely basic stuff. Nobody, not 
even our weirdly efficient resident furniture spam bot is going 
to take the time to write a bot to answer a question like that.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 00:56:12 UTC, Brad Anderson 
wrote:
 On Tuesday, 2 December 2014 at 21:56:31 UTC, Vladimir Panteleev 
 wrote:
 [snip]

 I hope so too! The CAPTCHA only triggers on a spam check fail, 
 which should not occur for normal forum content.

 I get the captcha every single time I post at home. I suspect 
 it's because I'm on IPv6. Everything else about home and work 
 is almost identical (same browser versions, same extensions, 
 same ISP, same OS, almost the same hardware).

Right, that's because StopForumSpam can't understand IPv6, and we 
treated spam checking errors as spam just to be cautious. That 
should be fixed as of last night.

 No algorithms, no math. Just extremely basic stuff. Nobody, not 
 even our weirdly efficient resident furniture spam bot is going 
 to take the time to write a bot to answer a question like that.

As I said, it's not about bots any more. The wiki got flooded 
after one person solved the D-specific question, after which the 
old CAPTCHA became useless.

"Brad Anderson" <eco gnuk.net> writes:

On Wednesday, 3 December 2014 at 06:44:17 UTC, Vladimir Panteleev 
wrote:
 [snip]
 As I said, it's not about bots any more. The wiki got flooded 
 after one person solved the D-specific question, after which 
 the old CAPTCHA became useless.

Ah yeah, that's right. I forgot that was your goal. I'm still 
worried it'll turn people away though.

"Kagamin" <spam here.lot> writes:

On Wednesday, 3 December 2014 at 00:56:12 UTC, Brad Anderson 
wrote:
 Maybe make the ones on d.learn extremely simple.

 ---
 What does the follow program print?

     void main()
     {
         import std.stdio : writeln;
         writeln("foo");
     }
 ---

 No algorithms, no math. Just extremely basic stuff. Nobody, not 
 even our weirdly efficient resident furniture spam bot is going 
 to take the time to write a bot to answer a question like that.

Bots don't write bots, lol.

I think, a little math doesn't hurt.

void main()
{
     int a, b=2;
     a++;
     a = a+b+1;
     writeln("foo",a);
}

"Eric" <eric makechip.com> writes:

I got stumped on the delimited string question, but I was
able to get the answer by viewing the page source in my web 
browser.

-Eric


On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev 
wrote:
 I'm sure you all are as tired of the occasional spam that hits 
 these lists as I was deleting it. (Mailing list users in 
 particular, I guess, since we can't delete an email once it was 
 sent out.) Most of the spam was coming in through the forum, so 
 I suppose I was responsible for [not] keeping it out.

 Although forum.dlang.org has had a spam check and used 
 reCAPTCHA since it was announced, it is only somewhat effective 
 against fully-automated bots - it is powerless against humans 
 paid to post spamverts on forums web-wide, which is what the 
 current spam economy seems to be gravitating towards.

 Enter DCaptcha, a question-answer challenge tailored for D 
 programmers. Its goals are to challenge posters of 
 suspicious-looking content with questions that should be easy 
 to answer to D programmers, and impossible for non-technical 
 people with no incentive to learn or research stuff (i.e. 
 spammers). DCaptcha is already in use on the D wiki 
 (wiki.dlang.org), with great success - DCaptcha's debut cut the 
 short-lived explosion in wiki spam to zero.

 For an idea of what sort of questions DCaptcha asks, you can 
 demo it on the following page, so you don't have to clutter the 
 forum with test posts:

 http://wiki.dlang.org/extensions/DCaptcha/demo.php

 Source code:

 https://github.com/CyberShadow/dcaptcha

 Pull requests for more challenges are welcome. You can find 
 some goals for new challenges at the top of dcaptcha.d.

 Previous discussion (w.r.t. the D wiki):

 http://forum.dlang.org/post/tpflbvlfutjwyvqmowdx forum.dlang.org

"Adam D. Ruppe" <destructionator gmail.com> writes:

I suppose one way to "cheat" is to just compile and run the code.

"bearophile" <bearophileHUGS lycos.com> writes:

Vladimir Panteleev:

 http://wiki.dlang.org/extensions/DCaptcha/demo.php

Very nice, we can help spammers learn some D and become some day 
valid D developers :-)

Bye,
bearophile

"krzaq" <dlangmailinglist krzaq.cc> writes:

Asking for feature names is a very bad choice, you're essentially 
excluding all beginners and it's almost impossible to google the 
answers (you want to exclude lazy uninterested humans, not all of 
them, right?). Besides, I thought D was supposed to be the type 
of language one should be able to successfully program with 
without the knowledge of formal names.

For example, apparently calling the following a "raw string" or 
"raw string literal" is faux pas in the D language.

 What is the name of the D language syntax feature illustrated 
 in the following fragment of D code?
 
 string A = q"DELIM
 `Why with an anxious look at the
 door-- Pray, what is the Project (and
 any other medium if you please!
 "William the Conqueror, whose cause
 was favoured by the carrier,' she
 thought; `and how funny it'll seem to
 see that she let the jury--'
 DELIM";

There were others and I don't think they were right either. Sure, 
I got slices right (oh wait, "slices" wouldn't be a valid answer, 
actually), but I was sure the "anonymous class" was meant to be 
"constructor" - it is that, right? This feels a lot like poetry 
in the high school: "what did the author mean"?

As for math/algorithms, this one feels too advanced:
 return iota(9).reduce!"a+b";

So you need to know what `iota` and `reduce` do (okay, that can 
be googled), understand this weird lambda syntax and know that 
`iota(n)` will not generate an element equal to `n` just to know 
that it will return sum of numbers from 1 to 8. And then you're 
required either to calculate it the tedious way or know that sum 
from 1 to n equals `n*(n+1)/2`.

Sure, this will eliminate spammers. But I wonder what the word of 
mouth will be:
<A> Have you tried asking on the D forum?
<B> Yeah, but they thought I was a spammer and wouldn't let me 
post.
<A> Oh, well, maybe try to do it in python.

tl;dr: waaaaaaaaaaay too difficult

ketmar via Digitalmars-d-announce <digitalmars-d-announce puremagic.com> writes:

On Wed, 03 Dec 2014 01:48:55 +0000
krzaq via Digitalmars-d-announce <digitalmars-d-announce puremagic.com>
wrote:

 Sure, this will eliminate spammers. But I wonder what the word of=20
 mouth will be:
 <A> Have you tried asking on the D forum?
 <B> Yeah, but they thought I was a spammer and wouldn't let me=20
 post.
 <A> Oh, well, maybe try to do it in python.

ah, the perfect filter!

"Dylan Allbee" <dylan linux.com> writes:

string k = x"2e dd 203F";

This seems severely punishing to people trying to learn D, 
especially as a first programming language. Is that really the 
right approach?

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 01:48:57 UTC, krzaq wrote:
 Asking for feature names is a very bad choice, you're 
 essentially excluding all beginners and it's almost impossible 
 to google the answers (you want to exclude lazy uninterested 
 humans, not all of them, right?).

The answers not being Google-able is a goal. The Wiki CAPTCHA was 
easily defeated when a spammer Googled the answer.

 For example, apparently calling the following a "raw string" or 
 "raw string literal" is faux pas in the D language.

There are many acceptable answers for that question.

 As for math/algorithms, this one feels too advanced:
 return iota(9).reduce!"a+b";


I could add links to DPaste and the #d IRC channel.

 tl;dr: waaaaaaaaaaay too difficult

Well, pull requests are welcome. However, I should add that the 
rate of false positives for spam detection is extremely low. 
Yesterday, four valid posting attempts were challenged with a 
CAPTCHA, and all were caused by StopForumSpam not understanding 
the IP address, which has now been fixed.

"Brad Anderson" <eco gnuk.net> writes:

On Wednesday, 3 December 2014 at 06:52:23 UTC, Vladimir Panteleev 
wrote:
 On Wednesday, 3 December 2014 at 01:48:57 UTC, krzaq wrote:
 [snip>
 As for math/algorithms, this one feels too advanced:
 return iota(9).reduce!"a+b";



I think it's a pretty good (albeit slightly advanced) question. 9 
is a bit high though. iota(4) would probably suffice.

 I could add links to DPaste and the #d IRC channel.

Both good ideas.

 tl;dr: waaaaaaaaaaay too difficult

 Well, pull requests are welcome. However, I should add that the 
 rate of false positives for spam detection is extremely low. 
 Yesterday, four valid posting attempts were challenged with a 
 CAPTCHA, and all were caused by StopForumSpam not understanding 
 the IP address, which has now been fixed.

If it's that low than I'm not worried about it anymore. The 
captcha was just very familiar to me before you fixed the IP 
address problem.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 07:46:42 UTC, Brad Anderson 
wrote:
 I could add links to DPaste and the #d IRC channel.

 Both good ideas.

Done. You can see this here:

http://forum.dlang.org/reply/qpfcqedcbkipjllnkyum forum.dlang.org

(just click "Send")

 If it's that low than I'm not worried about it anymore. The 
 captcha was just very familiar to me before you fixed the IP 
 address problem.

It was caused by a bug, not some heuristic false positive... I'd 
have fixed it if I knew about it.

"Brad Anderson" <eco gnuk.net> writes:

On Wednesday, 3 December 2014 at 09:00:25 UTC, Vladimir Panteleev 
wrote:
 On Wednesday, 3 December 2014 at 07:46:42 UTC, Brad Anderson 
 wrote:
 I could add links to DPaste and the #d IRC channel.

 Both good ideas.

 Done. You can see this here:

 http://forum.dlang.org/reply/qpfcqedcbkipjllnkyum forum.dlang.org

 (just click "Send")

 If it's that low than I'm not worried about it anymore. The 
 captcha was just very familiar to me before you fixed the IP 
 address problem.

 It was caused by a bug, not some heuristic false positive... 
 I'd have fixed it if I knew about it.

I mentioned it a few times in IRC but you were probably asleep. 
Should have used .note.

Jacob Carlborg <doob me.com> writes:

On 2014-12-02 22:41, Vladimir Panteleev wrote:
 I'm sure you all are as tired of the occasional spam that hits these
 lists as I was deleting it. (Mailing list users in particular, I guess,
 since we can't delete an email once it was sent out.) Most of the spam
 was coming in through the forum, so I suppose I was responsible for
 [not] keeping it out.

 Although forum.dlang.org has had a spam check and used reCAPTCHA since
 it was announced, it is only somewhat effective against fully-automated
 bots - it is powerless against humans paid to post spamverts on forums
 web-wide, which is what the current spam economy seems to be gravitating
 towards.

 Enter DCaptcha, a question-answer challenge tailored for D programmers.
 Its goals are to challenge posters of suspicious-looking content with
 questions that should be easy to answer to D programmers, and impossible
 for non-technical people with no incentive to learn or research stuff
 (i.e. spammers). DCaptcha is already in use on the D wiki
 (wiki.dlang.org), with great success - DCaptcha's debut cut the
 short-lived explosion in wiki spam to zero.

 For an idea of what sort of questions DCaptcha asks, you can demo it on
 the following page, so you don't have to clutter the forum with test posts:

 http://wiki.dlang.org/extensions/DCaptcha/demo.php

The "anonymous class" feature question, I was a bit stunned at first, 
before I saw what it actually was.

-- 
/Jacob Carlborg

"novice2" <sorry noem.ail> writes:

On Wednesday, 3 December 2014 at 07:29:25 UTC, Jacob Carlborg 
wrote:
 The "anonymous class" feature question, I was a bit stunned at 
 first, before I saw what it actually was.

i can't pass it too - only looking to sources.
i tried "auto type deduction", "type deduction" etc...
imho, "name of feature" - bad question choice.

"Gary Willoughby" <dev nomad.so> writes:

On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev
wrote:
 Enter DCaptcha, a question-answer challenge tailored for D 
 programmers. Its goals are to challenge posters of 
 suspicious-looking content with questions that should be easy 
 to answer to D programmers, and impossible for non-technical 
 people with no incentive to learn or research stuff (i.e. 
 spammers). DCaptcha is already in use on the D wiki 
 (wiki.dlang.org), with great success - DCaptcha's debut cut the 
 short-lived explosion in wiki spam to zero.

I think this is a bad idea because developers new to the language
will be turned away. Also i think a lot of these 'easy' questions
are just too hard. I've tried the demo and found it fustrating
that i need a few trys to get them right.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 08:24:46 UTC, Gary Willoughby 
wrote:
 On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev
 wrote:
 Enter DCaptcha, a question-answer challenge tailored for D 
 programmers. Its goals are to challenge posters of 
 suspicious-looking content with questions that should be easy 
 to answer to D programmers, and impossible for non-technical 
 people with no incentive to learn or research stuff (i.e. 
 spammers). DCaptcha is already in use on the D wiki 
 (wiki.dlang.org), with great success - DCaptcha's debut cut 
 the short-lived explosion in wiki spam to zero.

 I think this is a bad idea because developers new to the 
 language
 will be turned away. Also i think a lot of these 'easy' 
 questions
 are just too hard. I've tried the demo and found it fustrating
 that i need a few trys to get them right.

Got it. But we're not going back to reCAPTCHA either. I'm tired 
of deleting spam by hand.

Please suggest some ideas (or better, send pull requests).

"Gary Willoughby" <dev nomad.so> writes:

On Wednesday, 3 December 2014 at 08:28:25 UTC, Vladimir Panteleev 
wrote:
 Got it. But we're not going back to reCAPTCHA either. I'm tired 
 of deleting spam by hand.

 Please suggest some ideas (or better, send pull requests).

I got fed up of having spam on an old blog so i implemented a 
simple question, click on Darth Vader. Then i had lots of little 
images of film icons and would not post anything until Darth 
Vader was correctly selected. This sounds simple but the order of 
the images was randomised to stop bots and humans didn't seem to 
get it. Also if the wrong icon was selected, i presented a 
countdown on the page of 2 minutes letting them know this is a 
anti-spam measure and they can't post until the timer reached 
zero. Anyone managing to post spam to the blog was IP logged and 
always redirected to the countdown (once redirected and once the 
countdown reached zero it always reset forever to make it 
extremely frustrating for them). Yes you have to put in the 
effort to log IP's but i found there were very few persistent 
spammers. It honestly stopped all spam on my old blog.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 08:51:13 UTC, Gary Willoughby 
wrote:
 On Wednesday, 3 December 2014 at 08:28:25 UTC, Vladimir 
 Panteleev wrote:
 Got it. But we're not going back to reCAPTCHA either. I'm 
 tired of deleting spam by hand.

 Please suggest some ideas (or better, send pull requests).

 I got fed up of having spam on an old blog so i implemented a 
 simple question, click on Darth Vader. Then i had lots of 
 little images of film icons and would not post anything until 
 Darth Vader was correctly selected. This sounds simple but the 
 order of the images was randomised to stop bots and humans 
 didn't seem to get it. Also if the wrong icon was selected, i 
 presented a countdown on the page of 2 minutes letting them 
 know this is a anti-spam measure and they can't post until the 
 timer reached zero. Anyone managing to post spam to the blog 
 was IP logged and always redirected to the countdown (once 
 redirected and once the countdown reached zero it always reset 
 forever to make it extremely frustrating for them). Yes you 
 have to put in the effort to log IP's but i found there were 
 very few persistent spammers. It honestly stopped all spam on 
 my old blog.

I'm seeing a very large variation of IPs here. The humans seem to 
be connecting through a botnet, or a large open proxy directory.

125 IPs banned so far on the forum, for all the good that did. I 
suppose I could now clear the banlist, so that any future 
visitors happening to have those IPs are not turned away.

For my personal blog, the "Anti-spam" plugin (with no additional 
configuration) seems to work fine for now, but it relies on its 
relative obscurity. No canned solution would be suitable for an 
active forum, it's too high-profile of a target.

"Martin Krejcirik" <mk-junk i-line.cz> writes:

 For an idea of what sort of questions DCaptcha asks, you can 
 demo it on the following page, so you don't have to clutter the

I think all code fragments should have just one exact answer 
(like number or single word) a any programmer without specific D 
knowledge should be able to answer them correctly. Asking for D 
feature names in not good IMHO.

Jacob Carlborg <doob me.com> writes:

On 2014-12-03 14:02, Martin Krejcirik wrote:

 Asking for D feature names in not good IMHO.

I agree. I try the demo at got a question about what this feature is called:

auto u = new class M {};

Exactly what is referred to here? The type inference or the anonymous 
class? The answer is "anonymous class".

-- 
/Jacob Carlborg

ketmar via Digitalmars-d-announce <digitalmars-d-announce puremagic.com> writes:

On Wed, 03 Dec 2014 14:47:09 +0100
Jacob Carlborg via Digitalmars-d-announce
<digitalmars-d-announce puremagic.com> wrote:

 On 2014-12-03 14:02, Martin Krejcirik wrote:
=20
 Asking for D feature names in not good IMHO.

=20
 I agree. I try the demo at got a question about what this feature is call=

ed:
=20
 auto u =3D new class M {};
=20
 Exactly what is referred to here? The type inference or the anonymous=20
 class? The answer is "anonymous class".

besides, it's not "anonymous", it has a name!

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 20:19:34 UTC, ketmar via 
Digitalmars-d-announce wrote:
 On Wed, 03 Dec 2014 14:47:09 +0100
 Jacob Carlborg via Digitalmars-d-announce
 <digitalmars-d-announce puremagic.com> wrote:

 On 2014-12-03 14:02, Martin Krejcirik wrote:
 
 Asking for D feature names in not good IMHO.

 
 I agree. I try the demo at got a question about what this 
 feature is called:
 
 auto u = new class M {};
 
 Exactly what is referred to here? The type inference or the 
 anonymous class? The answer is "anonymous class".

 besides, it's not "anonymous", it has a name!

The type is anonymous.

I agree that this is not a good question :) I'll remove it 
(probably along with the rest of the "name this feature" ones).

ketmar via Digitalmars-d-announce <digitalmars-d-announce puremagic.com> writes:

On Wed, 03 Dec 2014 20:22:31 +0000
Vladimir Panteleev via Digitalmars-d-announce
<digitalmars-d-announce puremagic.com> wrote:

 On Wednesday, 3 December 2014 at 20:19:34 UTC, ketmar via=20
 Digitalmars-d-announce wrote:
 On Wed, 03 Dec 2014 14:47:09 +0100
 Jacob Carlborg via Digitalmars-d-announce
 <digitalmars-d-announce puremagic.com> wrote:

 On 2014-12-03 14:02, Martin Krejcirik wrote:
=20
 Asking for D feature names in not good IMHO.

=20
 I agree. I try the demo at got a question about what this=20
 feature is called:
=20
 auto u =3D new class M {};
=20
 Exactly what is referred to here? The type inference or the=20
 anonymous class? The answer is "anonymous class".

 besides, it's not "anonymous", it has a name!

=20
 The type is anonymous.

so what that "M" after `class` means then? anonymous with a name,
that's cool! ;-)

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 21:26:19 UTC, ketmar via 
Digitalmars-d-announce wrote:
 On Wed, 03 Dec 2014 20:22:31 +0000
 Vladimir Panteleev via Digitalmars-d-announce
 <digitalmars-d-announce puremagic.com> wrote:

 On Wednesday, 3 December 2014 at 20:19:34 UTC, ketmar via 
 Digitalmars-d-announce wrote:
 On Wed, 03 Dec 2014 14:47:09 +0100
 Jacob Carlborg via Digitalmars-d-announce
 <digitalmars-d-announce puremagic.com> wrote:
 auto u = new class M {};
 
 Exactly what is referred to here? The type inference or the 
 anonymous class? The answer is "anonymous class".

 besides, it's not "anonymous", it has a name!

 
 The type is anonymous.

 so what that "M" after `class` means then? anonymous with a 
 name,
 that's cool! ;-)

That's the name of the parent class :)

Jacob Carlborg <doob me.com> writes:

On 2014-12-03 23:39, Vladimir Panteleev wrote:

 That's the name of the parent class :)

Or interface, if I recall correctly.

-- 
/Jacob Carlborg

"MattCoder" <stopthespam mail.com> writes:

On Wednesday, 3 December 2014 at 13:02:35 UTC, Martin Krejcirik 
wrote:
 I think all code fragments should have just one exact answer 
 (like number or single word) a any programmer without specific 
 D knowledge should be able to answer them correctly. Asking for 
 D feature names in not good IMHO.

I agree.

Matheus.

Ary Borenszweig <ary esperanto.org.ar> writes:

On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:

 Enter DCaptcha

I think this could work with just two or three variants of a question. 
Always ask what's the return value of the function.

1. int foo() { return 8 % 3; }

I don't think non-programmers know what that '%' symbol is, but 
programmers of any language would recognize this.

2. int foo() { int x = 8; x++; x++; return x; }

I don't think non-programmers would guess ++ is increment, but 
programmers most probably know it.

3. bool foo() { return 42 != 30 };

I don't think non-programmers know what "!=" is.

"Mike" <none none.com> writes:

On Wednesday, 3 December 2014 at 19:42:39 UTC, Ary Borenszweig 
wrote:
 On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:

 Enter DCaptcha

 I think this could work with just two or three variants of a 
 question. Always ask what's the return value of the function.

 1. int foo() { return 8 % 3; }

 I don't think non-programmers know what that '%' symbol is, but 
 programmers of any language would recognize this.

 2. int foo() { int x = 8; x++; x++; return x; }

 I don't think non-programmers would guess ++ is increment, but 
 programmers most probably know it.

 3. bool foo() { return 42 != 30 };

 I don't think non-programmers know what "!=" is.

I had to maintain a technical forum last year that was getting 
spammed like crazy.  I added the question "how many bits are in a 
byte?", and the spam vanished.  Based on that experience, I think 
the bar can be set very low.

I prefer something like the examples above.  Honestly, I don't 
know what the names of many syntax features are, but I usually 
know how to use and interpret them.  But, one positive side 
effect of this is that if I ever do get challenged with a "what 
is the name of this feature?" question, I will finally be 
motivated to go look it up.

Mike

"Mike James" <foo bar.com> writes:

On Thursday, 4 December 2014 at 04:02:49 UTC, Mike wrote:
 On Wednesday, 3 December 2014 at 19:42:39 UTC, Ary Borenszweig 
 wrote:
 On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:

...

 I had to maintain a technical forum last year that was getting 
 spammed like crazy.  I added the question "how many bits are in 
 a byte?", and the spam vanished.  Based on that experience, I 
 think the bar can be set very low.

Surely you mean "how many bits in an octet" ;-)

 I prefer something like the examples above.  Honestly, I don't 
 know what the names of many syntax features are, but I usually 
 know how to use and interpret them.  But, one positive side 
 effect of this is that if I ever do get challenged with a "what 
 is the name of this feature?" question, I will finally be 
 motivated to go look it up.

 Mike

ketmar via Digitalmars-d-announce <digitalmars-d-announce puremagic.com> writes:

On Thu, 04 Dec 2014 04:02:46 +0000
Mike via Digitalmars-d-announce <digitalmars-d-announce puremagic.com>
wrote:

 I had to maintain a technical forum last year that was getting=20
 spammed like crazy.  I added the question "how many bits are in a=20
 byte?"

six. am i failed?

Rikki Cattermole <alphaglosined gmail.com> writes:

On 4/12/2014 8:13 p.m., ketmar via Digitalmars-d-announce wrote:
 On Thu, 04 Dec 2014 04:02:46 +0000
 Mike via Digitalmars-d-announce <digitalmars-d-announce puremagic.com>
 wrote:

 I had to maintain a technical forum last year that was getting
 spammed like crazy.  I added the question "how many bits are in a
 byte?"

 six. am i failed?

Google is your friend.

https://www.google.co.nz/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=1+byte+to+bits

ketmar via Digitalmars-d-announce <digitalmars-d-announce puremagic.com> writes:

On Thu, 04 Dec 2014 20:31:47 +1300
Rikki Cattermole via Digitalmars-d-announce
<digitalmars-d-announce puremagic.com> wrote:

 On 4/12/2014 8:13 p.m., ketmar via Digitalmars-d-announce wrote:
 On Thu, 04 Dec 2014 04:02:46 +0000
 Mike via Digitalmars-d-announce <digitalmars-d-announce puremagic.com>
 wrote:

 I had to maintain a technical forum last year that was getting
 spammed like crazy.  I added the question "how many bits are in a
 byte?"

 six. am i failed?

=20
 Google is your friend.

why not Knuth? Knuth is my friend, and MIX byte is of 6 bits.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Thursday, 4 December 2014 at 04:02:49 UTC, Mike wrote:
 I had to maintain a technical forum last year that was getting 
 spammed like crazy.  I added the question "how many bits are in 
 a byte?", and the spam vanished.  Based on that experience, I 
 think the bar can be set very low.

The Wiki had a similar question before DCaptcha. Got spammed.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Wednesday, 3 December 2014 at 19:42:39 UTC, Ary Borenszweig 
wrote:
 On 12/2/14, 6:41 PM, Vladimir Panteleev wrote:

 Enter DCaptcha

 I think this could work with just two or three variants of a 
 question. Always ask what's the return value of the function.

 1. int foo() { return 8 % 3; }

 I don't think non-programmers know what that '%' symbol is, but 
 programmers of any language would recognize this.

 2. int foo() { int x = 8; x++; x++; return x; }

 I don't think non-programmers would guess ++ is increment, but 
 programmers most probably know it.

These are very similar to two of the existing challenges.

 3. bool foo() { return 42 != 30 };

 I don't think non-programmers know what "!=" is.

This one has the issue that it can have only two possible 
answers. Should one spammer learn that "true" is a possible 
answer, they can have 50% success solving this question. 
(Probably not an issue in practice, considering there are other 
challenges, though).

Faux Amis <faux amis.com> writes:

This has to be a joke!

I couldn't answer a single question:

 What is the name of the D language syntax feature illustrated in the following
fragment of D code?

 string a = x"5095 f9 95d723c2";

Seems like hex to me

 What is the name of the D language syntax feature illustrated in the following
fragment of D code?

 /+ t = w * g; /+ t = 47; +/ +/

Those look like comments to me

 What is the name of the D language syntax feature illustrated in the following
fragment of D code?

 auto h = new class C {};

Ah, finally one I understand. Wait, you want the name? No clue, have to 
look it up.

 What will be the return value of the following function?

 int b()
 {
   return iota(29).reduce!max;
 }

iota.. yeah I have heard of it, never used it though.

CAPTCHAs: Simple for humans, difficult for computer; Or the other way 
around apparently.



On Tue 02/12/2014 22:41, Vladimir Panteleev wrote:
 I'm sure you all are as tired of the occasional spam that hits these
 lists as I was deleting it. (Mailing list users in particular, I guess,
 since we can't delete an email once it was sent out.) Most of the spam
 was coming in through the forum, so I suppose I was responsible for
 [not] keeping it out.

 Although forum.dlang.org has had a spam check and used reCAPTCHA since
 it was announced, it is only somewhat effective against fully-automated
 bots - it is powerless against humans paid to post spamverts on forums
 web-wide, which is what the current spam economy seems to be gravitating
 towards.

 Enter DCaptcha, a question-answer challenge tailored for D programmers.
 Its goals are to challenge posters of suspicious-looking content with
 questions that should be easy to answer to D programmers, and impossible
 for non-technical people with no incentive to learn or research stuff
 (i.e. spammers). DCaptcha is already in use on the D wiki
 (wiki.dlang.org), with great success - DCaptcha's debut cut the
 short-lived explosion in wiki spam to zero.

 For an idea of what sort of questions DCaptcha asks, you can demo it on
 the following page, so you don't have to clutter the forum with test posts:

 http://wiki.dlang.org/extensions/DCaptcha/demo.php

 Source code:

 https://github.com/CyberShadow/dcaptcha

 Pull requests for more challenges are welcome. You can find some goals
 for new challenges at the top of dcaptcha.d.

 Previous discussion (w.r.t. the D wiki):

 http://forum.dlang.org/post/tpflbvlfutjwyvqmowdx forum.dlang.org

"Kagamin" <spam here.lot> writes:

On Thursday, 4 December 2014 at 02:29:39 UTC, Faux Amis wrote:
 This has to be a joke!

 I couldn't answer a single question:

 What is the name of the D language syntax feature illustrated 
 in the following fragment of D code?

 string a = x"5095 f9 95d723c2";

 Seems like hex to me

 What is the name of the D language syntax feature illustrated 
 in the following fragment of D code?

 /+ t = w * g; /+ t = 47; +/ +/

 Those look like comments to me

The test doesn't differentiate between human and robot. It tries 
to differentiate between human wanting to learn D and one not 
wanting.

"eles" <eles eles.com> writes:

On Thursday, 4 December 2014 at 08:20:27 UTC, Kagamin wrote:
 On Thursday, 4 December 2014 at 02:29:39 UTC, Faux Amis wrote:

 tries to differentiate between human wanting to learn D and one 
 not wanting.

the latter is just a myth...

"Paolo Invernizzi" <paolo.invernizzi no.address> writes:

On Thursday, 4 December 2014 at 10:39:25 UTC, eles wrote:
 On Thursday, 4 December 2014 at 08:20:27 UTC, Kagamin wrote:
 On Thursday, 4 December 2014 at 02:29:39 UTC, Faux Amis wrote:

 tries to differentiate between human wanting to learn D and 
 one not wanting.

 the latter is just a myth...

LOL

"MattCoder" <stopthespam mail.com> writes:

On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev 
wrote:
 Although forum.dlang.org has had a spam check and used 
 reCAPTCHA since it was announced, it is only somewhat effective 
 against fully-automated bots - it is powerless against humans 
 paid to post spamverts on forums web-wide, which is what the 
 current spam economy seems to be gravitating towards.

Coincidence? :)

http://googleonlinesecurity.blogspot.com.br/2014/12/are-you-robot-introducing-no-captcha.html

Matheus.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Thursday, 4 December 2014 at 02:48:07 UTC, MattCoder wrote:
 On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev 
 wrote:
 Although forum.dlang.org has had a spam check and used 
 reCAPTCHA since it was announced, it is only somewhat 
 effective against fully-automated bots - it is powerless 
 against humans paid to post spamverts on forums web-wide, 
 which is what the current spam economy seems to be gravitating 
 towards.

 Coincidence? :)

 http://googleonlinesecurity.blogspot.com.br/2014/12/are-you-robot-introducing-no-captcha.html

Yep. I've heard about it, but it would still allow non-bot 
spammers in.

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

I removed all the harder challenges, so y'all can now stop 
complaining. Sorry.

There are now only 2 simple questions. Pull requests welcome.

"deadalnix" <deadalnix gmail.com> writes:

Hijacking this thread. Captcha is still not working on https :(

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Tuesday, 9 December 2014 at 18:23:26 UTC, deadalnix wrote:
 Hijacking this thread. Captcha is still not working on https :(

Sorry, had to revert to an earlier version due to an unrelated 
regression. It's back on reCaptcha now.

The new one should work on HTTPS once I'll find and fix the 
regression, though.

Martin Nowak <code+news.digitalmars dawg.eu> writes:

On 12/02/2014 10:41 PM, Vladimir Panteleev wrote:
 Although forum.dlang.org has had a spam check and used reCAPTCHA since
 it was announced, it is only somewhat effective against fully-automated
 bots - it is powerless against humans paid to post spamverts on forums
 web-wide, which is what the current spam economy seems to be gravitating
 towards.

Ha ha, my first thought was, can't you use something else than 
reCAPTCHA, which is also known for tracking.

Good idea, but the demo site is down right now :(.
http://wiki.dlang.org/extensions/DCaptcha/demo.php

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Thursday, 11 December 2014 at 00:35:13 UTC, Martin Nowak wrote:
 On 12/02/2014 10:41 PM, Vladimir Panteleev wrote:
 Although forum.dlang.org has had a spam check and used 
 reCAPTCHA since
 it was announced, it is only somewhat effective against 
 fully-automated
 bots - it is powerless against humans paid to post spamverts 
 on forums
 web-wide, which is what the current spam economy seems to be 
 gravitating
 towards.

 Ha ha, my first thought was, can't you use something else than 
 reCAPTCHA, which is also known for tracking.

 Good idea, but the demo site is down right now :(.
 http://wiki.dlang.org/extensions/DCaptcha/demo.php

Ah, fixed. Broke that when I updated to the easy version.

"Martin Nowak" <code dawg.eu> writes:

 Good idea, but the demo site is down right now :(.
 http://wiki.dlang.org/extensions/DCaptcha/demo.php

 Ah, fixed. Broke that when I updated to the easy version.

Nice one, failed the first try :).
You should probably reload on failure, or maybe only after the 
3rd attempt or so.
Looks like you ruled out at least half of the spammers.
http://blog.codinghorror.com/separating-programming-sheep-from-non-programming-goats/

"Vladimir Panteleev" <vladimir thecybershadow.net> writes:

On Thursday, 11 December 2014 at 11:04:09 UTC, Martin Nowak wrote:
 Good idea, but the demo site is down right now :(.
 http://wiki.dlang.org/extensions/DCaptcha/demo.php

 Ah, fixed. Broke that when I updated to the easy version.

 Nice one, failed the first try :).
 You should probably reload on failure, or maybe only after the 
 3rd attempt or so.

This is a very simple demo page (you can even see the answers in 
the HTML source code). The forum will give you a different 
question on a wrong answer, as well as invite the user to reload 
the page to get a different challenge.

Hopefully I can find the regression and make it live again soon.

Bill Baxter via Digitalmars-d-announce writes:

"""
What will be the return value of the following function?

int y()
{
  int d = 31, baz = 5;
  baz--;
  d /= baz;
  return d;
}

"""
Oh, the irony! Asking people to prove they're human by making them to
complete a task that is usually done by machines.  :-)

--bb

On Thu, Dec 11, 2014 at 4:26 AM, Vladimir Panteleev via
Digitalmars-d-announce <digitalmars-d-announce puremagic.com> wrote:

 On Thursday, 11 December 2014 at 11:04:09 UTC, Martin Nowak wrote:

 Good idea, but the demo site is down right now :(.
 http://wiki.dlang.org/extensions/DCaptcha/demo.php

 Ah, fixed. Broke that when I updated to the easy version.

 Nice one, failed the first try :).
 You should probably reload on failure, or maybe only after the 3rd
 attempt or so.

 This is a very simple demo page (you can even see the answers in the HTML
 source code). The forum will give you a different question on a wrong
 answer, as well as invite the user to reload the page to get a different
 challenge.

 Hopefully I can find the regression and make it live again soon.

Martin Nowak <code+news.digitalmars dawg.eu> writes:

On 12/11/2014 07:51 PM, Bill Baxter via Digitalmars-d-announce wrote:
 Oh, the irony! Asking people to prove they're human by making them to
 complete a task that is usually done by machines.  :-)

Let's hope the spammers don't get clever enough to let our machines 
(dpaste or drepl) solve that task for them.
You should add random syntax mistakes Vladimir ;).