TheSQLGuru (9/21/2014)
I'm not sure why you think Captcha or similar won't help/stop the attacks. Unless someone has come up with a way for the images to be properly recognized, that is.1) Force EVERY EXISTING USER to do a Captcha ONCE on the next login, then allow them to login and post as usual from that point forward. Give users a message as to why this action is being required once.
2) Force every NEWLY CREATED USER to do a Captcha before said user is actually created.
Would this not be workable?
As it is, SSC.com is being relegated to non-functionality and it won't take long for users to abandon it in droves (if that hasn't already happened).
Regarding captcha recognition, a google search for "captcha recognition tool" returend more links than I expected...
For the one-time solution there's a "hole": how about a user answer the captcha and then starts to send spam? For such a scenario, it doesn't matter if it's applied only to new users or to all listed users: neither approach would prevent using the login as a spam source starting after answering the captcha (programmatically or manually)...