As many of you may have noticed, both Crystal Cosmo and The Glass Prison got hammered with Spam Bots recently.

Steps are being brought forth to remedy this situation.

Here, we have changed our Human Verification system and that seems to have worked, however, TGP is not as fortunate.

The Glass Prison now has Registration disabled because of this, and we will be working to get upgraded as soon as possible so we can re-enable Registrations with stronger Human Verification.

If you would like to join TGP, then you’ll need to first contact either myself or Teim here, and we will create an account for you.

Now, on from official site news, let me elaborate on why I’m getting pissed off about this.

Don’t get me wrong, the vBulletin Developers are good at what they do. The reason this problem occurs is due to the Visible Source nature of vBulletin. Meaning once you purchase the software you can view all of the source code, including any Human Verification systems in place (Captcha, Question and Answer, etc.)

What this means is, it is incredibly easy for Spammers to buy the product, view the source, and reverse engineer any Spam Prevention measures that is put into vBulletin.

The vBulletin Support Staff (who are, unfortunately, some of the biggest vBulletin Fanboys you will ever meet, save for one or two) refuse to accept the fact that the built-in Image Verification System (the vBulletin Captcha) has been breached.

They continue to insist that the Registrations were made by humans then turned over to the Bots.

This is bullshit.

In a few hours time, both FFCC and TGP saw roughly 200 Spam Bot registrations in total (that is the amounts from both sites combined into one). Both sites were running the Built-In Captcha. Other sites also running a similar set up saw similar numbers.

It wasn’t until a vBulletin Developer stepped up and confirmed that the built-in vBulletin Captcha had been thwarted, and (of course) the Support Staff immediately changed their tone.

I advise to all forum owners running phpBB, Invision Power Board, and vBulletin to switch to some other form of human verification. Those three were on the list of verification systems that were broken. Gmail is also on the list.

TGP will remain closed to new registrations until we upgrade and get a better system in place. Until that time please contact either myself or Teim if you wish to join.