perl script to annoy spammers
Steve Poling
sdpoling at attbi.com
Tue Feb 4 23:46:47 CST 2003
As for corporate types like Rapist, i could care less. I thought of using a true type font
with this hack for prettiness sake, but thought it didn't contribute enough to justify the
hassle. This is PROTOTYPE code to demonstrate the idea and gauge its utility. The
technique is not intended for corporate types, but your teenage nephew who's got a web
page of Quake cheat codes.
I plan to put this on a web page of mine (steve.poling.info) as a freebie web app and
>>>>1) convert input text string to a bitmap.
>>>>2) randomly jizzle the individual letter positions
>>>>3) xor a patterned background
>>>>4) blast some random lines atop the letters
>>>>5) generate a bmp, gif, png output file.
>>>>6) mail the file to the specified address.
>>>>7) sell the address to spammers???? Horrors, NO!
Martin L. Shoemaker wrote:
> Interesting. I'm pretty perl-illiterate; but your style was clear enough
> for me to figure out what you were up to about half way through. It
> helped that, while I haven't seen the PayPal example, I saw a Web
> article (don't recall where) that discussed this obfuscated-image
> approach to ensure that only humans could read something. From my
> position of ignorance, it looks like you implemented the idea nicely.
>
> For now, it seems like overkill to me. I'm not up on spammer tech. Do
> they OCR bitmaps now? If so, then no, it's not overkill at all. But if
> they don't, then an unobfuscated bitmap would be easier to create
> (though not nearly as clever and fun).
>
> The big problem that I see, though, is usability. Are people accepting
> the PayPal usage? That would be one point in your favor for usability.
> But I believe users like to click an email link, not type an email
> address. You might make the bitmap a link; but that invites them to
> write an HTML scraper.
>
> There's also a "polish" factor. Some "respectable" corporations
> (cough-Rapistan-cough) would never be caught dead with such a graphical
> image that hadn't been approved by fifteen different layers of managers,
> executives, graphics techs, and high-priced consultants.
>
> I don't remember any discussion of this from the article, but I'd be
> curious how these images are perceived by people with color blindness
> and other vision disorders.
>
> The solution to email scraping that Shaw has settled on is work, but it
> works: he has a contact form only, and no email addresses anywhere on
> the site. This may annoy some who want to bypass the form and go
> straight to dialogue, but we haven't noticed that yet. (Many of the
> spammers themselves use a similar technique to remain untraceable: the
> spam mail contains a link to an illegally-registered server; and the
> contact form on that server then forwards to their real machine
> somewhere else, using server-side Java instead of HTML so the real
> machine address is never visible.)
>
> Martin L. Shoemaker
>
> Martin L. Shoemaker Consulting, Software Design and UML Training
> Martin at MartinLShoemaker.com
> http://www.MartinLShoemaker.com
> http://www.UMLBootCamp.com
>
>
>
>>-----Original Message-----
>>From: Steve Poling [mailto:sdpoling at attbi.com]
>>Sent: Wednesday, February 05, 2003 12:09 AM
>>To: Shoemaker at EmeraldSoftwareInc.com
>>Cc: grand-rapids-pm-announce at happyfunball.pm.org; Ed van der
>>Maas; Mark Madrilejo; Greg Brander; Keith McCreery;
>>Shoemaker at EmeraldSoftwareInc.com; Tina Mancuso; Fred Laxton;
>>doctorow at craphound.com; dwz at zeitlerhome.net;
>>lbrader at nullfire.com; pfoley at aptica.com
>>Subject: perl script to annoy spammers
>>
>>
>>Consider the following prototype Perl script. It is not
>>intended to be clever. Just get
>>the job done. I'd appreciate any commentary. This has been
>>tested under ActiveState/Win32,
>>I'll test under Linux shortly. Thanks to Al and Chris and Paul.
>>
>>#!/usr/bin/perl
>>#
>>#this program takes a string (email address) and generates a
>>PNG file holding an image #of that string. #the image is
>>designed to annoying OCR programs. The purpose is to make
>>#it relatively hard for spammers to scrape email addresses
>>off webpages. # use GD;
>>
>>if (@ARGV != 1) {
>> die ("Usage: enter your email address that you want
>>obscurified.\n"
>> ,"e.g. addr2img.pl sdp\@i2k.com\n");
>>}
>>if (length($ARGV[0])==0){
>> die ("Usage: You must enter a non-empty string as an
>>email address.\n"
>> ,"e.g. addr2img.pl sdp\@i2k.com\n");
>>}
>>
>>$string = $ARGV[0];
>>$font = gdGiantFont;
>>$fontX = 9;
>>$fontY = 15;
>>
>>$imageX = (1.2*$fontX)*(length($string)+2);
>>$imageY = $fontY*2;
>>$startX = $fontX/2 + rand()*$fontX;
>>$startY = rand()*$fontY/3;
>>$increment = ($imageX-$startX)/(length($string)+1);
>>
>>$im = new GD::Image($imageX,$imageY);
>>
>>$black = $im->colorAllocate(0,0,0);
>>$ivory = $im->colorAllocate(255,255,191);
>>$seagreen = $im->colorAllocate(191,255,255);
>>
>>my $i;
>>my $toggle = 1;
>>for ($i=0;$i<length($string);$i++)
>>{
>> if ($toggle==0)
>> {
>> $im->fill($startX,0,$ivory);
>> }
>> else
>> {
>> $im->fill($startX,0,$seagreen);
>> }
>> $toggle = 1 - $toggle;
>>
>> $char = substr($string,$i,1);
>> $im->string($font,$startX +
>>($fontX/3)*rand(),$startY+($fontY/2)*rand(),$char,$black);
>> $x = rand()*$fontX + $startX;
>> for ($j=0;$j<$imageY;$j++)
>> {
>> $pixel = $im->getPixel($x,$j);
>> $im->setPixel($x,$j, $black);
>> if ($pixel==0)
>> {
>> $j = $imageY;
>> }
>> }
>> $x = rand()*$fontX + $startX;
>> for ($j=$imageY-1;$j>=0;$j--)
>> {
>> $pixel = $im->getPixel($x,$j);
>> $im->setPixel($x,$j, $black);
>> if ($pixel==0)
>> {
>> $j = 0;
>> }
>> }
>> $startX += $increment;
>>
>>}
>>$im->rectangle(0,0,$imageX-1,$imageY-1,$black);
>>
>># make sure we are writing to a binary stream
>>binmode STDOUT;
>>
>># Convert the image to PNG and print it on standard output
>>print $im->png;
>>
>>
>>
>>Al Tobey wrote:
>>
>>>What you want will be pretty easy with GD. It is available on just
>>>about every default linux install. I believe you can get it on
>>>ActiveState, too. You may need to emply ImageMagick to get
>>
>>your bmp &
>>
>>>gif files since GD only outputs jpg & png due to patent
>>
>>issues on gif.
>>
>>>http://www.cpan.org/authors/id/L/LD/LDS/GD-2.06.tar.gz
>>>http://www.cpan.org/authors/id/L/LD/LDS/GD-2.06.readme
>>>http://www.cpan.org/authors/id/M/MV/MVERB/GDTextUtil-0.83.tar.gz
>>>http://www.cpan.org/authors/id/M/MV/MVERB/GDTextUtil-0.83.readme
>>>
>>>-Al Tobey
>>>
>>>On Tue, 2003-02-04 at 11:08, Steve Poling wrote:
>>>
>>>
>>>>Hey guys, it's me lowering the bar again.
>>>>
>>>>I'm looking for a Perl module that inputs a short bit of
>>
>>text and then
>>
>>>>outputs a bitmap image thereof. Anybody know if such a
>>
>>critter exists?
>>
>>>>I have an insidious plan for thwarting spammers and this
>>
>>capability is
>>
>>>>the first step. If you have ever purchased something via PayPal,
>>>>you'll note that they make an image of some authorization
>>
>>numbers and
>>
>>>>ask you to type in the authorization code. This prevents
>>
>>crooks from
>>
>>>>writing programs that "scrape" the authorization code automatically.
>>>>
>>>>Why do I want to mess with this? I want to apply this technique to
>>>>personal email addresses. Goto http://steve.poling.info and
>>
>>you'll see
>>
>>>>my personal email address rendered in a hard-to-scrape
>>
>>format. (Hehe,
>>
>>>>I hyperlink a sacrificial "spam-target" address in the
>>
>>mailto target.)
>>
>>>>If I can get this module to work, I'll setup a freebie
>>
>>service to give
>>
>>>>my friends nifty little hard-to-scrape gif files of their email
>>>>addresses.
>>>>
>>>>My module would do this:
>>>>1) convert input text string to a bitmap.
>>>>2) randomly jizzle the individual letter positions
>>>>3) xor a patterned background
>>>>4) blast some random lines atop the letters
>>>>5) generate a bmp, gif, png output file.
>>>>6) mail the file to the specified address.
>>>>7) sell the address to spammers???? Horrors, NO!
>>>>
>>>>I figure there is probably an image processing Perl module
>>
>>that does
>>
>>>>most all these steps individually. Does anybody know of any?
>>>>
>>>>I'd rather not do this in C++ as a matter of principle.
>>>>
>>>>smiles and cheers,
>>>>
>>>>steve
>>
>>
>
>
More information about the grand-rapids-pm-announce
mailing list