string k = x"2e dd 203F";

This seems severely punishing to people trying to learn D, especially as a first programming language. Is that really the right approach?

On Wednesday, 3 December 2014 at 00:56:12 UTC, Brad Anderson wrote:
> On Tuesday, 2 December 2014 at 21:56:31 UTC, Vladimir Panteleev wrote:
>> [snip]
>>
>> I hope so too! The CAPTCHA only triggers on a spam check fail, which should not occur for normal forum content.
>
> I get the captcha every single time I post at home. I suspect it's because I'm on IPv6. Everything else about home and work is almost identical (same browser versions, same extensions, same ISP, same OS, almost the same hardware).

Right, that's because StopForumSpam can't understand IPv6, and we treated spam checking errors as spam just to be cautious. That should be fixed as of last night.

> No algorithms, no math. Just extremely basic stuff. Nobody, not even our weirdly efficient resident furniture spam bot is going to take the time to write a bot to answer a question like that.

As I said, it's not about bots any more. The wiki got flooded after one person solved the D-specific question, after which the old CAPTCHA became useless.

On Wednesday, 3 December 2014 at 01:48:57 UTC, krzaq wrote:
> Asking for feature names is a very bad choice, you're essentially excluding all beginners and it's almost impossible to google the answers (you want to exclude lazy uninterested humans, not all of them, right?).

The answers not being Google-able is a goal. The Wiki CAPTCHA was easily defeated when a spammer Googled the answer.

> For example, apparently calling the following a "raw string" or "raw string literal" is faux pas in the D language.

There are many acceptable answers for that question.

> As for math/algorithms, this one feels too advanced:
>> return iota(9).reduce!"a+b";

I could add links to DPaste and the #d IRC channel.

> tl;dr: waaaaaaaaaaay too difficult

Well, pull requests are welcome. However, I should add that the rate of false positives for spam detection is extremely low. Yesterday, four valid posting attempts were challenged with a CAPTCHA, and all were caused by StopForumSpam not understanding the IP address, which has now been fixed.

On 2014-12-02 22:41, Vladimir Panteleev wrote:
> I'm sure you all are as tired of the occasional spam that hits these
> lists as I was deleting it. (Mailing list users in particular, I guess,
> since we can't delete an email once it was sent out.) Most of the spam
> was coming in through the forum, so I suppose I was responsible for
> [not] keeping it out.
>
> Although forum.dlang.org has had a spam check and used reCAPTCHA since
> it was announced, it is only somewhat effective against fully-automated
> bots - it is powerless against humans paid to post spamverts on forums
> web-wide, which is what the current spam economy seems to be gravitating
> towards.
>
> Enter DCaptcha, a question-answer challenge tailored for D programmers.
> Its goals are to challenge posters of suspicious-looking content with
> questions that should be easy to answer to D programmers, and impossible
> for non-technical people with no incentive to learn or research stuff
> (i.e. spammers). DCaptcha is already in use on the D wiki
> (wiki.dlang.org), with great success - DCaptcha's debut cut the
> short-lived explosion in wiki spam to zero.
>
> For an idea of what sort of questions DCaptcha asks, you can demo it on
> the following page, so you don't have to clutter the forum with test posts:
>
> http://wiki.dlang.org/extensions/DCaptcha/demo.php

The "anonymous class" feature question, I was a bit stunned at first, before I saw what it actually was.

-- 
/Jacob Carlborg

On Wednesday, 3 December 2014 at 06:44:17 UTC, Vladimir Panteleev wrote:
> [snip]
> As I said, it's not about bots any more. The wiki got flooded after one person solved the D-specific question, after which the old CAPTCHA became useless.

Ah yeah, that's right. I forgot that was your goal. I'm still worried it'll turn people away though.

On Wednesday, 3 December 2014 at 06:52:23 UTC, Vladimir Panteleev wrote:
> On Wednesday, 3 December 2014 at 01:48:57 UTC, krzaq wrote:
>> [snip>
>> As for math/algorithms, this one feels too advanced:
>>> return iota(9).reduce!"a+b";

I think it's a pretty good (albeit slightly advanced) question. 9 is a bit high though. iota(4) would probably suffice.

> I could add links to DPaste and the #d IRC channel.

Both good ideas.

>> tl;dr: waaaaaaaaaaay too difficult
>
> Well, pull requests are welcome. However, I should add that the rate of false positives for spam detection is extremely low. Yesterday, four valid posting attempts were challenged with a CAPTCHA, and all were caused by StopForumSpam not understanding the IP address, which has now been fixed.

If it's that low than I'm not worried about it anymore. The captcha was just very familiar to me before you fixed the IP address problem.

On Wednesday, 3 December 2014 at 07:29:25 UTC, Jacob Carlborg wrote:
> The "anonymous class" feature question, I was a bit stunned at first, before I saw what it actually was.

i can't pass it too - only looking to sources.
i tried "auto type deduction", "type deduction" etc...
imho, "name of feature" - bad question choice.

On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev
wrote:
> Enter DCaptcha, a question-answer challenge tailored for D programmers. Its goals are to challenge posters of suspicious-looking content with questions that should be easy to answer to D programmers, and impossible for non-technical people with no incentive to learn or research stuff (i.e. spammers). DCaptcha is already in use on the D wiki (wiki.dlang.org), with great success - DCaptcha's debut cut the short-lived explosion in wiki spam to zero.

I think this is a bad idea because developers new to the language
will be turned away. Also i think a lot of these 'easy' questions
are just too hard. I've tried the demo and found it fustrating
that i need a few trys to get them right.

On Wednesday, 3 December 2014 at 08:24:46 UTC, Gary Willoughby wrote:
> On Tuesday, 2 December 2014 at 21:41:28 UTC, Vladimir Panteleev
> wrote:
>> Enter DCaptcha, a question-answer challenge tailored for D programmers. Its goals are to challenge posters of suspicious-looking content with questions that should be easy to answer to D programmers, and impossible for non-technical people with no incentive to learn or research stuff (i.e. spammers). DCaptcha is already in use on the D wiki (wiki.dlang.org), with great success - DCaptcha's debut cut the short-lived explosion in wiki spam to zero.
>
> I think this is a bad idea because developers new to the language
> will be turned away. Also i think a lot of these 'easy' questions
> are just too hard. I've tried the demo and found it fustrating
> that i need a few trys to get them right.

Got it. But we're not going back to reCAPTCHA either. I'm tired of deleting spam by hand.

Please suggest some ideas (or better, send pull requests).

On Wednesday, 3 December 2014 at 08:28:25 UTC, Vladimir Panteleev wrote:
> Got it. But we're not going back to reCAPTCHA either. I'm tired of deleting spam by hand.
>
> Please suggest some ideas (or better, send pull requests).

I got fed up of having spam on an old blog so i implemented a simple question, click on Darth Vader. Then i had lots of little images of film icons and would not post anything until Darth Vader was correctly selected. This sounds simple but the order of the images was randomised to stop bots and humans didn't seem to get it. Also if the wrong icon was selected, i presented a countdown on the page of 2 minutes letting them know this is a anti-spam measure and they can't post until the timer reached zero. Anyone managing to post spam to the blog was IP logged and always redirected to the countdown (once redirected and once the countdown reached zero it always reset forever to make it extremely frustrating for them). Yes you have to put in the effort to log IP's but i found there were very few persistent spammers. It honestly stopped all spam on my old blog.