2007-11-01 23:04:15.071372+00 by Dan Lyke 2 comments
So I'm seeing various spam with randomly generated strings, and I know I shouldn't say this publicly but I'm wondering if anyone's thought yet to take the Markov chains of a well trained spam filter and use those to create text strings that are as anti-spam as possible.
[ related topics: Interactive Drama Spam Monty Python ]
comments in ascending chronological order (reverse):
#Comment Re: made: 2007-11-02 00:50:26.917459+00 by: ebradway
I've recently been wondering if anyone has used a "crowd-sourcing" attack on those human-validators that require you to enter the string of obscured in a graphic. It seems that if you snagged each graphic and used it on a site you controlled, say of free porn or MS key-gen programs, you could get humans authenticating to your site to automatically validate a robot going into the original site.
But it's these kind of systems that use one signal as input into another system that usually escape common awareness.
#Comment Re: made: 2007-11-02 02:18:17.742529+00 by: Dan Lyke
My impression is that there are several such exploits in the wild, but my guess is that the reward for that is fairly small, like maybe subscribing to a Yahoo Groups or free mail account, or posting on a weblog, where other spam detection systems are in place that'd be harder to circumvent in conjunction with a CAPTCHA system (ie: just throttling requests from a given IP).