Big Drama Llamas…
User @th3raid0r@tucson.social posted a call to pressure the devs to return CAPTCHA support before v.0.18 arrives on the community !technology@beehaw.org.
Mixed response from users and beehaw admins.
Lemmy issue #2922 is where it was removed 2 weeks ago due to its effectiveness being limited, Lemmy issue #3200 is the issue where it is suggested to have it return. Repo maintainers are somewhat perceptive to reverting it but would be more willing to accept a full implementation of graphical CAPTCHA over the previous version.
Alternative links: https://lemmy.ca/post/793011, https://beehaw.org/post/667199. (Note that if you view from a defed instance with Beehaw you will only see a handful of comments).
Discussion welcome here.
I have an instance that I created just for testing the software. It’s not being used. In fact, since it’s for testing only, it’s not even federated (federation turned off) because I don’t want to inflict my testing on anyone else. Also, the URL is not published anywhere. Since it’s just for testing, I had it with open registrations. A couple of days ago I woke up to find twenty new accounts. Somehow spammers got to it (again, no federation, URL unpublished anywhere). My theory is that since it was lemmy.<domain> that they were trying that kind of subdomain randomly. Anyway, manually removing 20 accounts from Lemmy is a pain. Moderation tools in Lemmy are severely lacking yet. I mean, it’s alpha software, we know it’s still a work in progress, so some issues like this are to be expected. But my point is that they shouldn’t be removing the very few tools to prevent spammers that instance admins have.
I agree with that. Things change quickly too, what was not a problem at all 2 weeks ago (when the CAPTCHA removal PR was put in) is a big problem now as the Lemmy Threadiverse is more than 10x its previous size.
I wouldn’t put it past people probing every domain for lemmy using a dictionary attack and TLDs. (lemmyhub.site, lemmyclub.xyz, lemmystation.pictures, etc.)