Hacker News new | past | comments | ask | show | jobs | submit login

Can you give an example of some of the "darker" projects?



Automated forum account creation/posting, blog comment spamming, craigslist account creation/posting to name a few.

Some other famous sites that are doing this since the mid 2000s - http://decaptcher.com

They integrate with just about every famous spam tool.

UPDATE: Automated Gmail, Yahoo, Hotmail account creation, etc. They create accounts in bulk and then spam through the gmail, yahoo, and hotmail accounts by tools that are being sold.


forum spamming is far too expensive if you're paying for captchas. There is an extremely famous/popular forum spamming software on the market (made by russians) that internally solves captchas.

If you're going to forum profile spam, you'll go broke paying for captchas.


Ok I stand corrected, the economics of paying for forum spamming does not make sense and the software you mentioned (I don't want to name it here) does solve many captchas automatically (It is even rumored to solve Google's captchas)

But for other stuff that I mentioned in my previous comment, it does make sense for them economically and they do use it.


I'm not sure why you wouldn't want to provide names or links here. I'm sure if HN users want to spam we're resourceful enough to figure it out for ourselves and for those of us who don't care to spam it would be helpful to see what we're up against.


Yes I did mean that. I didn't mean to insult the intelligence of HNers though. Just thought it wouldn't be prudent to mention here!


Oh you mean XRumer?


sure. Familiar with a link wheel? Basically creating accounts at major authority sites (wordpress.com, blogger, blog.com, etc) and then posting articles to those sites that link back to your site you're trying to rank for.

Using something like Celerity or Watir for Ruby, combined with this captcha service, you can essentially automate the entire process.

Building a bot to do something like that really teaches you a ton about how you would prevent such activity on your own systems.


> Building a bot to do something like that really teaches you a ton about how you would prevent such activity on your own systems.

Care to share some of what you've learned? Or is this an exercise left to the reader?


Two of the bigger ones:

1) if you're using a popular CMS platform, ELIMINATE ALL FOOTPRINTS. Change all url strings from the default, remove standard text/descriptions on signup and comment forms. Kill anything that can be scraped against the rest of the installs to hide your own sites from the scrapers the spammers use to find you.

2) Tap into distributed spam prevention systems. Akismet is probably the most popular example. Your single site will most likely miss the indicators of a spammer, but a system like Akismet can see the 10000 links all pointing to the same url in one hour and lock things down for you.

I've legitimately thought about doing a talk at a Wordcamp one day called "How I Spam You" that just walks people through how to spam wordpress, so they can then go protect their sites.


I bet the talk would be popular, even though you personally might not be :D




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: