View Full Version : Using Silverlight to deter spam
05-17-2010, 02:13 PM
Please share your thoughts. . .
My Contact page was getting spammed to death.
I do log visitors and IP addresses but that wasn't enough.
DASP offers some very cool tools to handle spam and tracking as well.
(Smarter Stats and Smarter Mail both have some very good features.)
I decided to add a static Silverlight image with a simply mouse click event.
I'm still getting contact Emails but the spam is down by a good 90%.
It appears these lower lifeforms are not willing to install Silverlight. :rolleyes:
05-17-2010, 02:55 PM
Great idea. Plus everyday Im becoming more and more a fan of Silverlight. :)
05-17-2010, 04:09 PM
Thx, Me too...If only what SL4 has came out of the gate at first. ;-)
05-17-2010, 05:50 PM
Its moving really fast. Before I even got a chance to look at Silverlight as the View in MVC, Silverlight went MVP then MVVM and RIA. I think I will be spending a lot of time in silverlight the next few months. Its really really cool. MVC on the other hand - I cant wait for it to go away :)
05-17-2010, 10:05 PM
An unexpected side effect of Silverlight content on a web page..very good.
As further measures you could perhaps consider using reCaptcha (http://recaptcha.net/plugins/aspnet/) and nobot (http://www.asp.net/ajax/ajaxcontroltoolkit/Samples/NoBot/NoBot.aspx) together. I suppose it's a trade off between getting rid of losers whilst not deterring genuine people but I think anyone who does want to get in touch, shouldn't mind typing a couple of verification words before sending their message.
05-18-2010, 05:03 AM
...Good notes mate.
The Contact page is using the ASP.NET RequiredFieldValidator.
I'm using Ajax on it so adding nobot is something I had considered.
To be honest, not sure if it's just my age, all of the Captcha methods are annoying.
(Yes I honestly do find it annoying to try and read those darn things.)
All the best,
05-18-2010, 09:18 AM
I think actually requiring Silverlight is a brilliant idea, as you stated, spammer won't want to install it. Don't they usually use scripts anyways to spam anyways? So if you have Silverlight, it should disable a lot of their functions and well.... they just won't want to use it.
I liked the Captchas before, but since they're so popular a lot of the spammers are able to get past those now a days, and as Wisemx stated, they are very annoying because I still can't read it sometimes lol.
+1 on the Silverlight on my book. I might even consider setting that up on one of my sites.
05-18-2010, 10:51 AM
...Good discussion going here gents, thanks.
I'd like to see an in-depth study about things like Captcha and eye color.
Having asked around for many years I already find developers with dark eyes like dark themes in VS.
My baby blue eyes lean more towards the old Borland IDE colors.
I've chatted with devs about the ASP.NET blog Captcha's being used...
At times I can't even make out some of them.
I really am curious if eye color has anything to do with this, especially on LCD screens.
All the best,
05-18-2010, 12:12 PM
I agree that captchas can be a pain but are a line of defense against spam & automated attack. Also I'm with Jose so far as it could be possible for a determined spammer to get past a captcha with OCR techniques though it's probably more likely for an army of low paid 3rd world hired hands to be more successful and cheaper than a spammer going to be trouble of developing an automated method to beat a system like reCaptcha.
Google seem to have confidence in reCaptcha since their acquisition in 09/09; personally I'm not convinced it's completely redundant but would go with the view that it is somewhat useful and not a silver bullet.
Another cheap and cheerful approach might be to include an input text on the page that's hidden via css. If this input gets populated then it can be considered to have been populated by some automated script and the form data can safely be ignored. It won't deter all automated scripts but could catch some.
05-18-2010, 01:03 PM
...That hidden method does work, I used to do that with Dreamweaver.
I'm an admin on dotnetkicks and we recently caught someone using that method for spamming incoming visitors, it was a PHP site with some very tricky CSS.
My prediction is we are about to see some HTML5 hacks against site visitors.
Yes I'm going to fault Google for that. :-)
it's probably more likely for an army of low paid 3rd world hired hands to be more successful and cheaper than a spammer going to be trouble of developing an automated method to beat a system like reCaptcha.That is exactly how they spam forums and blogs that use reCaptcha. Human eyes. But the average dork spammer can't afford to do that, so reCaptcha weeds out tons of trash.
I can give you a pretty convincing picture reCaptcha at work. These are stats for a forum that started in January of 2006. It had typical growth for about a year and a half, then spammers found it. By the first quarter of 2008 the spammers were becoming a drag to deal with every day, so at the end of April I turned on reCaptcha:
Picture, thousand words, etc.
08-25-2010, 04:10 PM
I'm trying to do the validation step 2 for reCAPTCHA in the link you provided.
Do I have to use the Visual Web Studio, or can I just create new folder with path on root?
vBulletin® ©Jelsoft Enterprises Ltd.