Author

Topic: Suggestion: Make it just a little more difficult to create a new account. (Read 772 times)

copper member
Activity: 2562
Merit: 2510
Spear the bees
So then 'free' accounts would need longer timers than my suggested amounts.

And it may just succeed in normal good people saying fuck it. I won't bother.
That's the thing: when considering the implementation of new regulation or wide-scale changes, we should consider whether it's worth affecting every single person in order to stop a few. It makes it even more difficult to introduce some policy if there is an easy way of bypassing it, which makes our anti-abuse process turn into a game of cat & mouse.

What is the real intent of this?
What are the gains, and will they be temporary or permanent?
Are they worth making it more difficult for new users to register?

Questions to consider.
full member
Activity: 1134
Merit: 105
Implement guest/anonymous posting with no account IMO..
That was possible when the forum started (Anonymous Guest or Guest with name). My guess is it was disabled to reduce spam.



Many websites make it difficult to use them. More and more sites even require an account to be able to read something, some forums require an account to see posted attachments, and the last site I joined took several weeks to approve my account. I'm with theymos on this: these barriers are terrible! Most of the time I leave the site. Don't make it harder for real users!

These restrictions are mostly found when we join facebook groups where they want us to read or view video or perform a little survey before joining. This is just annoying and does not suit a forum which is about bitcoin and decentralized currencies. We already have enough measures in control so after making the account no one can misuse the system.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Implement guest/anonymous posting with no account IMO..
That was possible when the forum started (Anonymous Guest or Guest with name). My guess is it was disabled to reduce spam.



Many websites make it difficult to use them. More and more sites even require an account to be able to read something, some forums require an account to see posted attachments, and the last site I joined took several weeks to approve my account. I'm with theymos on this: these barriers are terrible! Most of the time I leave the site. Don't make it harder for real users!
legendary
Activity: 2296
Merit: 2262
BTC or BUST
Implement guest/anonymous posting with no account IMO..

Less barriers to free speech please and ty..  Wink
legendary
Activity: 3472
Merit: 1722
No, clearly. But the idea is to slow them down, not to stop them.
I'd add something extra: allow creation of only one account per computer/user/browser. Yeah, it's also weak, but it'll earn a few extra seconds too.

And as long as the forum keeps IP logs, I find all the discussion about extra privacy rather useless. I believe that the ones who want to enforce their privacy will research/know what to do with or without the mail confirmation requirements.

IP addresses aren't stored indefinitely, though.

https://bitcointalk.org/privacy.php

Some among the most clueless and/or careless of users might still want to have a little bit more anonymity, too.
legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
-snip-If you want to do things fast you can give money and a traceable confirmed email.

So fast sign up is money and verified email.

Slow unknown is play the adding and timing game.
Here's the crutch:

Assume we do implement the system of "wait and calculate" where we use numbers. Actually, let's make this a steel man and say there's a bit more involvement. If there is any route for this to become automated (I have seen data entry for captchas et al from years ago) then it absolutely will be - your bottleneck is not the wait time. One would need to determine the identity of the user that is registering the accounts, otherwise you could just open the registration in a different session (i.e. switching IP/fingerprint/etc).

This is what happens when the account spammers decide to attack your method: they take the 5 minute hit, and then start pumping out accounts past that point since concurrent registration is possible.

Which would be only worth while to do if coins take a bull run again.

I have a lot of pc's with different ip's scattered about nj

Lets say I want to make 15 'fake' anon accounts a day .
 I need 3 pc's doing it on 3 ip's I have 3 separate tips and internet accounts.
so there is the setup time.
Writing a script to do it.
 Once I do 3 on my ip i have to reset my ip's if i don't want to pay for owning an evil ip. 
Yeah I could do it at no gear cost as I have the gear.

I have separate pc's and internet services.

In fact i don't need a scrypt I could manually do 3 at a time using teamviewer for 2 not in my house and 1 using my house's ineter net.

So yeah 30 minutes to maybe 60 minute a day.  I could do 9 accounts.

I would think a lot of people have access to many more internet accounts then I do.

So then 'free' accounts would need longer timers than my suggested amounts.

And it may just succeed in normal good people saying fuck it. I won't bother.

copper member
Activity: 2562
Merit: 2510
Spear the bees
-snip-If you want to do things fast you can give money and a traceable confirmed email.

So fast sign up is money and verified email.

Slow unknown is play the adding and timing game.
Here's the crutch:

Assume we do implement the system of "wait and calculate" where we use numbers. Actually, let's make this a steel man and say there's a bit more involvement. If there is any route for this to become automated (I have seen data entry for captchas et al from years ago) then it absolutely will be - your bottleneck is not the wait time. One would need to determine the identity of the user that is registering the accounts, otherwise you could just open the registration in a different session (i.e. switching IP/fingerprint/etc).

This is what happens when the account spammers decide to attack your method: they take the 5 minute hit, and then start pumping out accounts past that point since concurrent registration is possible.
hero member
Activity: 2436
Merit: 877
Such junk accounts would likely get nuked eventually.
Or sold, although that isn't likely to happen these days since it would take a monumental effort to rank up multiple accounts from scratch.  And given that it is in fact almost impossible to farm accounts since the introduction of the merit system, I don't really think we need to make it more difficult for anyone to register here.  I'm not even sure people are creating 20, 30, or 100 accounts like they were back in 2015-17 when all it took to rank them up was to post regularly. 

Having a bunch of Jr. Member accounts doesn't really get you all that much nowadays, right?  I guess you could still participate in bounties, but the whole reason people were farming accounts a few years ago was to maximize earnings for signature campaigns if I'm not mistaken--and the only way a newcomer can hope to control a Hero or Legendary account right now is if they buy one. 



There is no reason for anyone to create multiple accounts or bulk accounts because they wont be able to rank up. There might be few people who still making accounts to participate in the bounties but even if they are doing it, they are just wasting their time and efforts.
If anyone wants to earn money from bounty or campaigns, a better option is to have a single account and focus on it to get high ranks. It takes a lifetime to rank one account from Newbie to Legendary now-a-days.
legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
Making new account harder to create will only scare genuine new people, and it will not stop scammers and spammers.
Even now lot of people report that they can't create account until they pay evil fee, as they probable use shared IP address.
But adding some sign up quiz random questions can maybe slow spammers down


answering 3 Questions that need a little research may work.

or better yet 3 math problems.
add three 3 digit numbers

111+123+140 =   374    

or four problems

add four 4 digit numbers

1001+1002+1003+1004 = 4010

Yeah have a script generate 4 random number tell the person add the 4.

once a correct answer is given have a 60 second clock count down to next set of four 4 digit numbers

This wouldn’t be difficult to implement, but it also would not be difficult to bypass via a bot parsing the numbers being displayed and solving the problem. Parsing handwritten numbers is considered the “hello world” of neural networks (machine learning models often used on images), and the bar to beat this countermeasure would be low.

The only real way to prevent bots from solving problems is to use a Adversarial network that adds noise to images that the user needs to classify. This is difficult without knowing the model a potential adversary is using to classify the image via automation. 

It is not so much that the numbers can be added quickly as it is the delay from

question 1 correct answer to question 2
 correct answer to question 3
correct answer to question 4

the bot will have to wait 60 seconds to answer next question  it can not speed the delay of 60 seconds.

so that is 3 minutes no matter what.

you could also have a hidden timer.  say 5234 + 1284 + 7345 + 4567 = ?  a real human would have a calculator and add the 4 numbers in about 10 seconds to 30 seconds  the answer is 18430


So first question gives 4 numbers randomly  and randomly assigns a time slot to give answer in  30 to 55 seconds

so first question pops up  person adds 4 numbers and wait for time slot this is at least 30+ seconds.
then 1 minute timer for second question to appear.   now we are up to 90+ seconds add random time slot we are past 2 minutes

wait 1 minute to see third question assign random time slot  3 minutes and 30=50 seconds more and 4 minutes time minimum has past.

wait 1 minute for last question up to 5 minutes assign random time slot and close to 6 minutes to do a free unknown account.

If you want to do things fast you can give money and a traceable confirmed email.

So fast sign up is money and verified email.

Slow unknown is play the adding and timing game.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
I'm not even sure people are creating 20, 30, or 100 accounts like they were back in 2015-17 when all it took to rank them up was to post regularly. 
I also don't think so, the period you cited was when Bitcoin had the most buzz around it and ICOs were benefiting from the hype, hence creating multiple low-ranked accounts on the forum must have been productive as some of the ICO bounties I've seen accepted Jr members who did not need a single merit to rank up even after the merit system was initiated.

The buzz of that period have quietened down and ICOs are not as popular anymore, the enhanced newbie restrictions has also worked to limit the growth of account farms, there may still be a few from back then, but it's a diminishing system.
legendary
Activity: 3500
Merit: 6981
Top Crypto Casino
Such junk accounts would likely get nuked eventually.
Or sold, although that isn't likely to happen these days since it would take a monumental effort to rank up multiple accounts from scratch.  And given that it is in fact almost impossible to farm accounts since the introduction of the merit system, I don't really think we need to make it more difficult for anyone to register here.  I'm not even sure people are creating 20, 30, or 100 accounts like they were back in 2015-17 when all it took to rank them up was to post regularly. 

Having a bunch of Jr. Member accounts doesn't really get you all that much nowadays, right?  I guess you could still participate in bounties, but the whole reason people were farming accounts a few years ago was to maximize earnings for signature campaigns if I'm not mistaken--and the only way a newcomer can hope to control a Hero or Legendary account right now is if they buy one. 

copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7
This wouldn’t be difficult to implement, but it also would not be difficult to bypass via a bot parsing the numbers being displayed and solving the problem. Parsing handwritten numbers is considered the “hello world” of neural networks (machine learning models often used on images), and the bar to beat this countermeasure would be low.
Any arithmetic or word re-entry question would be an easy workaround for account spammers. Specific image recognition is harder considering one would have to have input material to gauge the data. I certainly wouldn't mind a "this IP is evil" marker ere to account registration, though: you might say that it would be a tool better used by those that are mass-creating accounts, but given that the difference for them is changing usernames and exit node connections for their network, I think the benefits are more in the Newbies' favor.

What would your reaction be, if your first experience signing up to the forum was to be slammed in the face with a paywall? There goes that username, by the way... unless you want to pay up!
It is not difficult to classify images using a neural network. Take a look at this competition in kaggle. Data scientists created models to classify pictures of flowers into one of 100 different types of flowers. I don’t think even most flower experts would be able to classify flowers as well as some of the models created were able to. There are publicly available models that can classify images into one of a broad range of categories.

I don’t think it is unreasonable to have a cheap paywall for certain IP addresses. Most people are able to pay a few dollars to sign up for a forum account, but this is prohibitively expensive for a spammer signing up hundreds/thousands of accounts.
full member
Activity: 1134
Merit: 105
One can create 30 accounts here in probably 5 minutes or less.  There isn't even an email confirmation needed to create an account so one can just put in a random anything.  At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users.  Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.



As far as I know you cannot create 30 accounts at the same time and that too in 5 mins  Cheesy A super human can be that fast.

If you are using a clean IP, after creating 3 or 4 accounts you will get an IP ban (Evil IP) on the account and to activate those accounts you need to pay a small portion of bitcoins. So you have to pay for those accounts if you want to post from them.
copper member
Activity: 2562
Merit: 2510
Spear the bees
This wouldn’t be difficult to implement, but it also would not be difficult to bypass via a bot parsing the numbers being displayed and solving the problem. Parsing handwritten numbers is considered the “hello world” of neural networks (machine learning models often used on images), and the bar to beat this countermeasure would be low.
Any arithmetic or word re-entry question would be an easy workaround for account spammers. Specific image recognition is harder considering one would have to have input material to gauge the data. I certainly wouldn't mind a "this IP is evil" marker ere to account registration, though: you might say that it would be a tool better used by those that are mass-creating accounts, but given that the difference for them is changing usernames and exit node connections for their network, I think the benefits are more in the Newbies' favor.

What would your reaction be, if your first experience signing up to the forum was to be slammed in the face with a paywall? There goes that username, by the way... unless you want to pay up!
copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7
Making new account harder to create will only scare genuine new people, and it will not stop scammers and spammers.
Even now lot of people report that they can't create account until they pay evil fee, as they probable use shared IP address.
But adding some sign up quiz random questions can maybe slow spammers down


answering 3 Questions that need a little research may work.

or better yet 3 math problems.
add three 3 digit numbers

111+123+140 =   374    

or four problems

add four 4 digit numbers

1001+1002+1003+1004 = 4010

Yeah have a script generate 4 random number tell the person add the 4.

once a correct answer is given have a 60 second clock count down to next set of four 4 digit numbers

This wouldn’t be difficult to implement, but it also would not be difficult to bypass via a bot parsing the numbers being displayed and solving the problem. Parsing handwritten numbers is considered the “hello world” of neural networks (machine learning models often used on images), and the bar to beat this countermeasure would be low.

The only real way to prevent bots from solving problems is to use a Adversarial network that adds noise to images that the user needs to classify. This is difficult without knowing the model a potential adversary is using to classify the image via automation. 
legendary
Activity: 1918
Merit: 3047
LE ☮︎ Halving es la purga
I do not think the problem is a new account, but the use that is given to each one, if!.So is only a matter of time to determine who is misusing the accounts, how kindly the forum allows.

The forum has its rules and in the practical it is the best defense for useless accounts or those who want to cheat, I think it is preferable to motivate users to make reports to the moderator.
legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
Making new account harder to create will only scare genuine new people, and it will not stop scammers and spammers.
Even now lot of people report that they can't create account until they pay evil fee, as they probable use shared IP address.
But adding some sign up quiz random questions can maybe slow spammers down


answering 3 Questions that need a little research may work.

or better yet 3 math problems.
add three 3 digit numbers

111+123+140 =   374    

or four problems

add four 4 digit numbers

1001+1002+1003+1004 = 4010

Yeah have a script generate 4 random number tell the person add the 4.

once a correct answer is given have a 60 second clock count down to next set of four 4 digit numbers

so time delay between the random generated math problems

slow it down

1 wait 60 second for second
2 wait 60 second for third
3 wait 60 second for fourth

that is 3 minutes and the added time to add the four problems up so  5 or more minutes to do an anonymous email account

seems pretty doable but as I have said before I can't code and have zero idea how hard this would be to code.

it would make for a delay for every new account.
Every new account could still be  anonymous!
legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
I like this forum because we are many, if our population is reduced to thousands from the present millions,

Although there are well over two million (and closing in on three million) registered users here on bitcointalk, the actual numbers of day-to-day participation is closer to around ten thousand UID's (and that includes all the scammers with the farmed accounts)
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
In my opinion, the merit system is enough to shapen this forum, even  creating two accounts will be hard for newbies to develop, it takes time to even develop one account to Hero rank not to talk of Legendary. Most of the new accounts are for bounties but if not for bounties, it will be hard for a single person to develop two accounts.

I like this forum because we are many, if our population is reduced to thousands from the present millions, this forum will actually not be in balance, many signature campaigns will leave, many people will not be able to join or register for bounty campaigns, in a negative feedback, many of us will leave, the members will reduce until Bitcointalk fold up.
legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
Another suggestion I'd agree with is to withdraw the Copper Membership in it's entirety - Newbies just see it as a fast track to post with images and then boost their accounts with bells and whistles while lacking substance in their posts.
They risk losing $24 by buying a Copper Membership and getting it banned. I don't think they'll keep buying new Memberships.

You can make $24 in one week participating in a SigCamp.

Registering by email or phone number will not solve the problems with fraud. There are many services on the Internet with temporary emails and phone numbers, they are either free or very cheap.

Not to mention the temporary phone number services already offered here in the bitcointalk forum "services" sub-section and probably other places, less obvious.
full member
Activity: 1232
Merit: 186
Registering by email or phone number will not solve the problems with fraud. There are many services on the Internet with temporary emails and phone numbers, they are either free or very cheap.
Yeah you're right. It really seems that it doesn't make any contributions at all because at the end of the day the fraudsters will always find a way but I don't see with improving the forum's system as well. So why not Cheesy? Fraudsters might not be affected but I think spammers will do. They may realize that undergoing several stages just to make an account for spamming is not worth of their time anymore — this means less pollution inside.
legendary
Activity: 1932
Merit: 4602
Buy on Amazon with Crypto
One can create 30 accounts here in probably 5 minutes or less.  There isn't even an email confirmation needed to create an account so one can just put in a random anything.  At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users.  Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.
Registering by email or phone number will not solve the problems with fraud. There are many services on the Internet with temporary emails and phone numbers, they are either free or very cheap. One user said a brilliant phrase: “Why make scammers smarter?”
A fraudster can create a new account, but he still uses old accounts on social networks. It will be caught and painted in red.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Another suggestion I'd agree with is to withdraw the Copper Membership in it's entirety - Newbies just see it as a fast track to post with images and then boost their accounts with bells and whistles while lacking substance in their posts.
They risk losing $24 by buying a Copper Membership and getting it banned. I don't think they'll keep buying new Memberships.
legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
Another suggestion I'd agree with is to withdraw the Copper Membership in it's entirety - Newbies just see it as a fast track to post with images and then boost their accounts with bells and whistles while lacking substance in their posts.
sr. member
Activity: 1918
Merit: 370
If performing the simple task of verifying your registration email is to difficult for someone they are going to have a real hard time getting involved in crypto or anything in life for that matter. Sandy's point is valid, considering the only people this would really affect are people creating multiple low level accounts for spamming, or posting malware links.

But would e-mail verification really stop them? Even if the forum started requiring a unique e-mail address for each account - creating an e-mail address requires less effort than passing the captcha. Just add "+" to gmail.
I couldn't agree more on this, the only way to catch them all is on the inside which is from the forum. A person can register a single phone number for 5 gmail accounts, so it would just take 6 sim cards to possibly create 30 accounts in the forum. I think we need active members that is constantly reporting any suspicious action or shilling posts, it's not just the moderators work to find these people right ?

I also think that not all new registrants do not want to add contribution but just to read some discussions in here, I think we should have a guest membership?
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

When I was a newbie, after making a post, I switched to searching for another interesting topic to read and did not have to wait before making new post. Dont know why waiting 120 sec before making another post is a problem. I think that is enough time to superficially go through the topic and post, but if reading carefully (what is why newbies should do, instead of just reading last post in topic and quote), then time gap between posts is not a problem at all.

If we talk about normal beginners who come to the forum with pure intentions, then they do not pursue the number of writing posts. These people first read, and if they happen to add or supplement something, only then they write.
But if we talk about those who open new accounts in order to rock the account, then of course 120 seconds is not enough for them. Thoughts about future millionaire bounty companies rush them to write all kinds of garbage.

Actually getting 1 merit is not that hard. Allowing Jr.Members in signature bounty will start signature spam/shitposting just to meet weekly minimum required. I'm 200% sure in that.

And here I can bet. If we talk about bounty hunters, then these people, except for bounty reports, write nothing clever. There are accounts with activity by the age of the legend, but they do not have single merit.

https://bitcointalk.org/index.php?topic=5219641.40
legendary
Activity: 2492
Merit: 1215
I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

When I was a newbie, after making a post, I switched to searching for another interesting topic to read and did not have to wait before making new post. Dont know why waiting 120 sec before making another post is a problem. I think that is enough time to superficially go through the topic and post, but if reading carefully (what is why newbies should do, instead of just reading last post in topic and quote), then time gap between posts is not a problem at all.
hero member
Activity: 2520
Merit: 952
I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.
legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
SMF has the capabilities to do email verification at the time of registering along with questions/answers and enter text in a box, waiting times after registering (then again a scammer will be in no hurry) even waiting for approval from a mod/admin - those kinds of capabilities can be enabled with just a few key strokes by an admin/mod.

Suggesting a white list or similar brings us backwards to the very early mega threads "please sir, can I be whitelisted?"

There are units of evil (or, at least there *was*) for those utilising the same IP to register too many UID's too quickly, but if they are spaced out time-wise then that's not a concern for scammers.

All of the things that can prevent scammers creating scores of UID's have been quietly disabled over time.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Instead of verifying that the email exists, it would be a better idea to implement a waiting period between registrations, like 5 or 10 minutes long. Maybe such a waiting period already exists, as I'm not willing to create a bunch of accounts to test this.
sr. member
Activity: 1232
Merit: 379
I think over this in time why new registrants aren't asked for email confirmation to reduce spammers, scammers, noise making but probably that's not the aim of the forum as stated by theymos. In other perspectives, despite email confirmation, fraudulent users can still make some silly approaches, dropping some irrelevant links and all sorts of nonsense in the community.
So allowing accounts to be registered without confirmation via mails justifies the purpose of the forum, as it maintain her economic, cultural value of the forum.
legendary
Activity: 2492
Merit: 1215
I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...

2 years ago there were plenty of campaigns, that accepted newbies for signature campaign. I've even had a topic with them Top signature campaigns for NEWBIE

As for Jr.Member - bounty managers do not accept Jr.Member usually now, but if a projects manages bounty campaign by themselves, they usually accept everyone.

If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr...

Actually getting 1 merit is not that hard. Allowing Jr.Members in signature bounty will start signature spam/shitposting just to meet weekly minimum required. I'm 200% sure in that.
legendary
Activity: 1919
Merit: 1230
AKA Ms-overzealous-condecsending-explitive-account
Well, it wouldn't affect EVERYONE just those creating a lot of accounts at once. For the "real" new user it would take an extra 30 seconds to go to their email and click on a link. 99.9% of all websites do it so it probably isn't too much inconvenience for those people since they would only do it once.
You will have the arbitrary number of "lots of accounts being made" in your implementation. The use of mass email creation has been around for years and that will not change any time soon: you essentially make it slightly trickier for account spammers.

What does it prove? What is the intent of the email verification, and how does it resolve the problem? Or does it just merely shift the issue to a different problem?

Well, it's not meant to "prove" anything other than to make it just a small bit more difficult to create multiple accounts.  I just don't see the big deal for asking someone to verify an email they post as it just makes it a bit more inconvenient for those trying to create a lot of accounts in minutes maybe think twice. As I said before virtually every forum does it. The legit forum user will only be inconvenienced ONCE. It's not the ability to CREATE mass emails it's making it harder for that person to have to go find that mass created email he used to create the account, click on it and be verified.

WHY then even the need to enter an email as anyone can enter a random bunch of letters with dot something after it and still have forum access?  Email entry should then be totally eliminated under the "no need to confirm it exists" method of operation.


I wouldn't mind if there were some minor restrictions put in place for Newbies such as being required to buy a Copper Membership or having to gain 1 merit in order to create topics in the following sections: Goods, Services, Currency exchange, Gambling, Lending, Securities, Auctions, Service Announcements, and in all child-boards of these sections, Gambling discussion excepted.


I'll 2nd that!  Or +1 that!
copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7
I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you
I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.
I've seen them offered for a few dollars per thousand captchas.
In my list of usernames, there are 13937 usernames that start with "MrFudged" and several other usernames that have thousands of combinations. All current restrictions didn't stop these guys to create that many accounts.
The captcha was added in August 2017, while the accounts you cited were created on October 21, 2015 and the following day. I think my above explication would still apply.
sr. member
Activity: 1820
Merit: 436
One can create 30 accounts here in probably 5 minutes or less.  There isn't even an email confirmation needed to create an account so one can just put in a random anything.  At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users.  Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.



Already forgot if registering needed an confirmation in your email, but if it not need. Then I guess we need to fix it a little bit.

Having at least a confirmation in the registration email could at least confirmed or verify if its really his email, if we don't have that everyone could just put anybody's email.

Of course, that could not stop other members from creating an alt account but still could at least secure emails.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
Limiting the registration of bots is very difficult to stop. No matter how many decisions are made to ban mass registration, all restrictions will be violated by scammers. Today I know the working telegram channels on which thousands of accounts of our forum are sold.
A good proposal was written limiting the acceptance in Bounties, due to which it is possible to some extent kill motivation to senselessly register a bunch of accounts. But today's Bounties are rarely promising, so managers accept everyone
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you
I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.
I've seen them offered for a few dollars per thousand captchas.
In my list of usernames, there are 13937 usernames that start with "MrFudged" and several other usernames that have thousands of combinations. All current restrictions didn't stop these guys to create that many accounts.



I don't think spam is that bad anymore though. There are much less posts being made than a few years ago, and I don't find long lists of spammers to ban anymore.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
But would e-mail verification really stop them?

No, clearly. But the idea is to slow them down, not to stop them.
I'd add something extra: allow creation of only one account per computer/user/browser. Yeah, it's also weak, but it'll earn a few extra seconds too.

And as long as the forum keeps IP logs, I find all the discussion about extra privacy rather useless. I believe that the ones who want to enforce their privacy will research/know what to do with or without the mail confirmation requirements.
copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you or by bypassing it using the sound system that some of them offer. I'm not sure the best way of going about this. There's been quizzes that have been suggested in the past, which could have randomized answers. Although, even then this could eventually be automated by those that find it worthwhile to make new accounts.
I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

One other solution might be to put people in a modified newbie jail after say 7 posts unless they have been whitelisted. The mods (and maybe also merit sources, and maybe others) would review all newbie posts, and whitelist the account the post makes a sufficiently good post. Ideally, most new users would make posts at a slow enough pace (and mods will review posts quickly enough) so that users who are not posting junk will be able to make 8 posts without ever being in newbie jail. Those in modified newbie jail could buy a premium account (maybe at a cost that is less than a Copper Membership), or wait to get whitelisted (which may require they make additional posts in a subset of subs).
staff
Activity: 3304
Merit: 4115

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you or by bypassing it using the sound system that some of them offer. I'm not sure the best way of going about this. There's been quizzes that have been suggested in the past, which could have randomized answers. Although, even then this could eventually be automated by those that find it worthwhile to make new accounts.
legendary
Activity: 3472
Merit: 1722
I wouldn't mind if there were some minor restrictions put in place for Newbies such as being required to buy a Copper Membership or having to gain 1 merit in order to create topics in the following sections: Goods, Services, Currency exchange, Gambling, Lending, Securities, Auctions, Service Announcements, and in all child-boards of these sections, Gambling discussion excepted.
legendary
Activity: 2688
Merit: 2297
I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...
Here
copper member
Activity: 2996
Merit: 2374
If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr..

It's more difficult to get a merit than to solve a captcha or create an email.
I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...
legendary
Activity: 2688
Merit: 2297
If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr..

It's more difficult to get a merit than to solve a captcha or create an email.
copper member
Activity: 2562
Merit: 2510
Spear the bees
Well, it wouldn't affect EVERYONE just those creating a lot of accounts at once. For the "real" new user it would take an extra 30 seconds to go to their email and click on a link. 99.9% of all websites do it so it probably isn't too much inconvenience for those people since they would only do it once.
You will have the arbitrary number of "lots of accounts being made" in your implementation. The use of mass email creation has been around for years and that will not change any time soon: you essentially make it slightly trickier for account spammers.

What does it prove? What is the intent of the email verification, and how does it resolve the problem? Or does it just merely shift the issue to a different problem?
legendary
Activity: 3052
Merit: 1273
Nah, verifying email simply means it's gonna be attached to your identity and hence would kill the privacy you might want to have! Hence in my opinion, its a big no to this suggestion!

Lolz, how can it be "attached to your identity", dude? Are you doing a KYC check here? Be it this forum or the email itself, you can create both for free without even giving your real phone number (go buy a virtual number for verification dude). And I ROFL'd hard when you said that this would kill the privacy we want to have. Wow, so you've got anything better than this to stop those new (but fake) registrations that are just coming here with the sole purpose of making money or scamming? Don't tell me you'd rather ask for a KYC  Grin
legendary
Activity: 1919
Merit: 1230
AKA Ms-overzealous-condecsending-explitive-account
The captcha will probably prevent this many accounts from being created that quickly, especially if you include the time required to login for the first tine.

A solution to many junk/spam accounts might be to require a captcha for some of the first x posts at random unless the account is whitelisted.

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I created 2 accounts in less than 20 seconds and was never asked for a captcha.  I was asked AFTER they were created when I logged back in from another device

Making new account harder to create will only scare genuine new people, and it will not stop scammers and spammers.
Even now lot of people report that they can't create account until they pay evil fee, as they probable use shared IP address.
But adding some sign up quiz random questions can maybe slow spammers down

THAT would be just as good a feature.

Any solution which impacts everyone in order to stop a few people probably needs some more work. Need to stop trying to implement regulations and rules, assuming that the target cannot adapt to them. It's not something that only happens once and is then something mass account creators can't learn to circumvent.

Surface-level patches don't fix the root problem.
Well, it wouldn't affect EVERYONE just those creating a lot of accounts at once. For the "real" new user it would take an extra 30 seconds to go to their email and click on a link. 99.9% of all websites do it so it probably isn't too much inconvenience for those people since they would only do it once. Of course it could be circumvented but that would take even more work. I'm pretty sure software like this would have a simple switch to turn the feature off or on already built in so it would require zero effort to enable it if it was wanted..

legendary
Activity: 2086
Merit: 1282
Logo Designer ⛨ BSFL Division1
Making new account harder to create will only scare genuine new people, and it will not stop scammers and spammers.
Even now lot of people report that they can't create account until they pay evil fee, as they probable use shared IP address.
But adding some sign up quiz random questions can maybe slow spammers down
copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7
One can create 30 accounts here in probably 5 minutes or less. 


The captcha will probably prevent this many accounts from being created that quickly, especially if you include the time required to login for the first tine.

A solution to many junk/spam accounts might be to require a captcha for some of the first x posts at random unless the account is whitelisted.

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.
copper member
Activity: 2562
Merit: 2510
Spear the bees
Any solution which impacts everyone in order to stop a few people probably needs some more work. Need to stop trying to implement regulations and rules, assuming that the target cannot adapt to them. It's not something that only happens once and is then something mass account creators can't learn to circumvent.

Surface-level patches don't fix the root problem.
full member
Activity: 1022
Merit: 133
Nah, verifying email simply means it's gonna be attached to your identity and hence would kill the privacy you might want to have! Hence in my opinion, its a big no to this suggestion!
legendary
Activity: 1919
Merit: 1230
AKA Ms-overzealous-condecsending-explitive-account
If performing the simple task of verifying your registration email is to difficult for someone they are going to have a real hard time getting involved in crypto or anything in life for that matter. Sandy's point is valid, considering the only people this would really affect are people creating multiple low level accounts for spamming, or posting malware links.

But would e-mail verification really stop them? Even if the forum started requiring a unique e-mail address for each account - creating an e-mail address requires less effort than passing the captcha. Just add "+" to gmail.

Probably not worth it considering potential downsides. For example legitimate users getting their verification e-mails lost in spam filters. Or subverting the confirmations to email-bomb someone.
 Definitely would not STOP them but would slow them down. Even easy to generate random emails like protonmail would at least make them have to go through a few "inconvenient" time wasting steps to verify.  If 100% anonymity is what the goal is why even bother requiring registration of a username?  Just come on in, make a post and add a name as you go. Virtually 99% of websites require some sort of confirmation on signup even the ones whose sole purpose is nefarious.  Sure, it's easy to fake it but it makes one more inconvenient step.

hero member
Activity: 2184
Merit: 891
Leading Crypto Sports Betting and Casino Platform
One can create 30 accounts here in probably 5 minutes or less.  There isn't even an email confirmation needed to create an account so one can just put in a random anything.  At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users.  Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.

As most have agreed, email verification isn't that a difficulty but rather a bit of a hard work for theymos and the forum's administration. Even if they make new accounts, what could they do to it? If there are a lot of spammers why not instead report them rather than making a suggestion that would do good only for nothing. If you really wanted to make a one account - one person policy, KYC is the best way to do it. Also, IP addresses can be detected hence once a user made accounts for that 5 mins, I don't think his accounts would even last a second after the management notices such suspicious activities.

But then avoiding junk users isn't the forum's responsibility alone, but rather our (users) choice as well if we would give an attention to those junk users or just rather let them play their own games.
hero member
Activity: 2352
Merit: 905
Metawin.com - Truly the best casino ever
There is no way to prevent spammers from registering, believe me, it will only make situation uncomfortable for those who really need to become a member of bitcointalk. There are a lot of email services that allow you to easily create a lot of email accounts. Well, even nothing to talk about that, if someone wants, he/she can buy very cheap domain and cheap hosting for 1-2$ month and get unlimited email accounts on particular domain.

Have you an example of any famous forum where they made registration hard and prevented spammers?

The one thing that you suggested is included here, so I guess Theymos would have a look on it: https://wiki.simplemachines.org/smf/Spam_-_my_forum_is_flooded_with_spam,_what_can_I_do

The restrictions that may work at some point are: 1 account per IP, using list proxy/vpn adresses. But again, that's uncomfortable and against privacy.

So, everything will be left the way it was before.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I've read before some other comments as well, i'll dig more when I have time.
Looking for this post?
The things on the forum which encourage spam are allowed mainly because it's part of the forum's mission to be as free as possible. Eg. banning bounties would undoubtedly reduce spam, but that'd be destroying an entire economy/population/culture which has been able to develop due to the forum's freedom. I am willing to take this sort of action, but only as an absolute last resort. It's always preferable to handle these problems by reshaping the environment to make them non-problems, rather than removing some freedom.

It's wonderful when someone is able to constructively do something on the forum instead of continuing with whatever they were expected to do under the status quo. Enabling that sort of thing is exactly why Bitcoin and this forum were created. Though bitcointalk.org is not a worldwide welfare organization, and people are not entitled to make money.

Limiting newbie participation is very harmful for a community. Newbie jail will never return: I consider the newbie-jail period to have been extremely damaging to the forum. When barriers to participation are too high, then the best people often just won't go to the trouble of joining, and the people who are willing to jump through the hoops are often people who aren't good for the community: people with nothing better to do, scammers, get-rick-quickers, etc. Having a permanent newbie jail policy would improve things a lot in the short-term, but would end up being a fatal poison to the community.

The low signal-to-noise is a real issue which seriously annoys me and is often on my mind. But as you mention, fixing it non-destructively is difficult.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
Is that the actual reasoning behind why we don't have it though? I don't think I've seen theymos (or satoshi) mention that.
I don't see that mentioned either but that's the impression I get after reading some of the comments:
Reading that > https://bitcointalk.org/first_topics/4.pdf
gives me an impression that the email confirmation is only useful to prevent from spam but satoshi had a better option so the email verification was unnecessary.

Here it confirms it too>
Email verification is useless. Anyone with access to a domain name can receive an unlimited number of verifications until that service is blocked, and then they can move on to another domain name.

IP blocking works alright if you spend a lot of time building proxy blocklists, but SMF doesn't have the tools to do it properly.

So all is about freedom and anonymity, isn't it?

I've read before some other comments as well, i'll dig more when I have time.


Looking for this post?
Yes, IIRC there were a few places where anonymity was disscused. This was one of them.
legendary
Activity: 2954
Merit: 3060
Join the world-leading crypto sportsbook NOW!
I think it is far too easy for bots and spammers to create accounts here en masse, but bots and spammers could just as easily create email accounts en masse too, so it probably won't really do much apart from give them another hoop to jump through. It may deter some but not the worse offenders.

It's simple, there is no email confirmation just to keep a higher level of anonymity. No strings attached.
This was the real Satoshi vision (not referring to the scammy shitcoin here) - freedom and anonymity!
And theymos is following this vision greatly, except for the ClouldFlare drawback but there he has no other option to protect the forum from DDoS attacks.

Is that the actual reasoning behind why we don't have it though? I don't think I've seen theymos (or satoshi) mention that.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
It's simple, there is no email confirmation just to keep a higher level of anonymity. No strings attached.
This was the real Satoshi vision (not referring to the scammy shitcoin here) - freedom and anonymity!
And theymos is following this vision greatly, except for the ClouldFlare drawback but there he has no other option to protect the forum from DDoS attacks.
legendary
Activity: 2128
Merit: 1775
email: not, prevent one person from creating an account at once in one day 30-40 accounts directly in this forum, gmail: provided on google for free.
Nobody knows how much Gmail you have right now, for sure.

If, the Forum creates rules and limits new accounts to one person for example: one person can use 1-3 accounts, which are officially owned by each member in this forum, by complying with all applicable rules, does not violate the existing rules in accordance with the wishes of the forum, maybe, this method can be done through a valid data process (KYC), but not sure, kyc can be applied by the admin in this forum.

Logically, kyc can limit anything, for anyone who wants to register anywhere, forum, bank, crypto market, crypto exchange etc.

Besides Kyc, Gmail: can not be limited for someone to do 'action' even though it must be confirmed and verified.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
If performing the simple task of verifying your registration email is to difficult for someone they are going to have a real hard time getting involved in crypto or anything in life for that matter. Sandy's point is valid, considering the only people this would really affect are people creating multiple low level accounts for spamming, or posting malware links.

But would e-mail verification really stop them? Even if the forum started requiring a unique e-mail address for each account - creating an e-mail address requires less effort than passing the captcha. Just add "+" to gmail.

Probably not worth it considering potential downsides. For example legitimate users getting their verification e-mails lost in spam filters. Or subverting the confirmations to email-bomb someone.
legendary
Activity: 1554
Merit: 2037
But if the registration process get difficult, I think we would loss potential user too.
If performing the simple task of verifying your registration email is to difficult for someone they are going to have a real hard time getting involved in crypto or anything in life for that matter. Sandy's point is valid, considering the only people this would really affect are people creating multiple low level accounts for spamming, or posting malware links.
You can see it from time to time when a massive number of old threads you've commented in get bumped by some random post with a business link is spouting the same garbage, or multiple accounts at the same time.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
I do not know what is the purpose of allowing any email which may not exist in registration process but it may be one of the reason of allowing anonymous details.
Using an email address which you think does not exist to register your account is risky, it's usually better to create a random email address for your account if you want it to stay anonymous.

One can create 30 accounts here in probably 5 minutes or less.
Creating 30 accounts is not against the forum rules per se. The forum is designed to be as free as possible and welcoming to new members. Such junk accounts would likely get nuked eventually.
legendary
Activity: 2156
Merit: 2100
Marketing Campaign Manager |Telegram ID- @LT_Mouse
I do not know what is the purpose of allowing any email which may not exist in registration process but it may be one of the reason of allowing anonymous details.
But if the registration process get difficult, I think we would loss potential user too. There is nothing wrong with having a lot of junk account, they are treated as per. But for getting rid of them, why would we make the process harder for the potential users?
legendary
Activity: 1919
Merit: 1230
AKA Ms-overzealous-condecsending-explitive-account
One can create 30 accounts here in probably 5 minutes or less.  There isn't even an email confirmation needed to create an account so one can just put in a random anything.  At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users.  Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.

Jump to: