• Tiff@reddthat.com
          link
          fedilink
          arrow-up
          5
          ·
          1 year ago

          As I said in another comment. The captcha system was dependent on websockets, and exactly what the Devs have said, the captcha system was easy to break. I’m sure my old OCR python 2 code could have broken it.

          So when we ditched the inefficient websocket system the captcha system stopped working

      • Artemis@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        What is the theory around the prevalence of bots? Is it people trying to snatch up desirable names or what?

        • Tiff@reddthat.com
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Who knows. They are not even good names, the usernames are usually part of the email. It’s usually super easy to figure out. Captcha’s were dependent on web sockets, so once the Devs got rid of those the captchas broke anyway.

          Tinfoil hat mode With enough accounts you could influence the algorithm by voting up content you want vs content you don’t want. Or basically DDoS servers. As every like on a post for a community is sent to every other instance that federates with that community.

          Or it could be people creating accounts to inflate the numbers of the fediverse to write this content and make silly headlines like these.

        • Acetamide@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          I think most of the bots at the moment don’t have any real purpose other than showing that it is possible to create so many bots. Gathering from posts on the subject and the modlog, many bots have far from a natural name in the form of [random word][long number]. I suspect many of these hots have been created by the same person and/or script.

          It will be a matter of time though before real problems start occuring if the sign up process does not become more secure. Fortunately, several pull requests exist for this at the Lemmy GitHub.