GitLab OpenBeagle SPAM Sign-up

GitLab and Google Recapture is completely broken, so we end up with tons of new users with default permissions. So today users have to ping users in the forum.

GitLab / freedesktop does this: Explore groups · GitLab

Due to an influx of spam, we have had to impose restrictions on new accounts. Please see this wiki page for instructions on how to get full permissions. Sorry for the inconvenience.

Can we merge something similar?

Would some user want to jump on this an submit a procedure?

@RobertCNelson: I would love to help, but I’m unclear on what exactly it is that you want done…

We want a process as automated as possible to validate new users are human beings that have interest in engaging on-topic, but not so automated that spambots can exploit the process. The implementation documented at https://gitlab.freedesktop.org/freedesktop/freedesktop/-/wikis/home seems like a at least somewhat reasoned approach.

We are looking for someone to help us implement something like this.

Should we consider paying Cloudflare? I don’t like some of their practices. I have personally seen them[1] intercept google.com traffic, presumably to monitor search while under the auspices of performance.

[1] By “them” I mean it seems their DNS servers were the ones answering my cable modem’s requests based upon the reported IP address of the DNS servers.

I am with you on that 100%
Not sure what your exact needs are, would digitalocean cover your requirements?

Should we move this Sign-Up to Discord, for users to sign-in to Discord, request access in a special channel, that admin’s can monitor?

For reference we have 243 Pending Approvals, some are real, 80% are spam…

You will not get away from that regardless of the platform.

One solution is to voice message and enter a code, then a text security code, then a ping back on the email.

Its not unreasonable to ask for that level of vetting, our company email is choked to the point of totally useless. We bounce back a message to call to our office due to the spam, the ones that do are serious customers…

If prospective users can jump the hoops then it should be okay. Then you will also have a trail for LE to follow if they turn into bad actors. After the initial moat and draw bridge allow normal logins.

We live in sad sad times, where we need to spend time devising ever more elaborate
schemes to combat bad actors like this.
To think that some people have nothing better to do with their lives makes me very frustrated.

Don’t they have a rainforest to save somewhere or combat famine in Africa?!

A large portion of the nefarious activity can be directly attributed to leadership by example.

When you see the political corruption and big tech living VERY large while they have exploited others, can you really blame the bad actors for trying to get rich too. They are only called out for it because they are small and broke, a/k/a low hanging fruit. I most certainly do not approve of the bad actors, however when you do root cause analysis of their actions it is directly attributed to the actions of those above them, socially, politcally and economically.