> but they should definitely have a captcha of sorts to limit bot accounts
Captchas don't do much, they're super cheap to solve with services like 2captcha, capmonster, etc.
You can get recaptcha solved for $0.6/1k, hcaptcha for $0.8/1k or cheaper. (email is pretty cheap too, but still more expensive than captcha solving)
Requiring phone verification would be the most effective out of those because it's pretty expensive for the attacker, something like $0.02-$0.11 per verification is usually what I see
I feel strongly about privacy and I always loved the fact that I can post pretty much anonymously on HN (I don't mean this account - it's pseudonymous at best). It's sad bad actors get to ruin this.
I don't know... Hacker News keeps complaining that they want the old 90's web experience back, now it feels like some shitty PHP messageboard from back in the day getting pwned by script kiddies. Enjoy the nostalgia while it lasts I guess.
I clicked on the Discord link in the spam message for fun, entered a random username, and immediately got asked to verify with my phone number before I could even read the messages in the chatroom. HN doesn't need to do that and I don't want them to do that, but a simple captcha or a proof of work algo like what Cloudflare uses would at least slow down the flood of bot accounts.
That’s the Orwellian way that discord cracks down on users that it deems, for whatever reason, “suspicious”. It is tied to the IP address and anything else associated with it, but if you had an existing account before the flag then that account won't be flagged, only new accounts. There is no appeal process and they won’t even tell you what your offense was.
Unfortunately I’ve had to pay for an extra cell phone line just to use the app for work. VOIP numbers are rejected and must be unique per account. In my case it was likely because I had the audacity to back up my chat messages with a script. After a few years I can make new accounts again but I feel like I’m playing Russian roulette every time I do.
If you don’t use separate accounts for privacy someone can dump a list of potentially any known server you’ve ever been in. I knew it would be only a matter of time until something like this would happen: https://www.reddit.com/r/privacy/s/A5nvuZBLab
This "suspicious activity" can even be triggered if you click the wrong invite link, although you have no way to tell where it leads you anyway.
Discord sadly was pretty successful to lure in users and even a lot of devs build their community there. I think it is a bad choice because of lacking discoverability and the proprietary nature of the platform. It feels lively because it is a chat. But otherwise most projects are better hosted elsewhere.
I don't use Discord anymore but the phone number thing seems new, in the past I was able to visit as a guest and be able to read messages but not chat. Then again Twitter and Reddit are doing the same thing now and forcing people to log in, so I'm not surprised.
Considering how many community groups and open source projects now use a Discord in place of a public forum this looks like a disaster going forwards since all the information in there will become locked up. And of course the chats and internal discussion threads aren't indexed by search engines.
I tried to join Discord during the pandemic when I lived in China and they forced phone number verification both on and off VPN (presumably because both VPNs and China IPs are considered untrustworthy, which annoyingly defeats the point of using VPN). Then I went to Canada and bought a local prepaid SIM, but the area code was not recognized as a valid phone number so I still couldn't sign up.
It's very frustrating as a user to be region-locked on the supposedly open internet, but the real feeling of violation happens when companies layer phone number requirements on top of the region lock, which in many countries means that your government ID is now linked to the account, because you cannot buy a SIM without linking it to your ID. Truly a cyberpunk dystopia.
Oh - perhaps? I feel sure I ran into one I couldn't see recently but would need to check.
A lot of discord servers require you to send a message or add a reaction to indicate agreement with their rules before you can even see the list of actual channels. I wonder if reactions are also blocked?
Pretty sure I remember hacker news having cloudflare captchas some time ago. Maybe they enabled the "attack mode" back then? Not sure why it wasn't enabled today. @dang could answer maybe.
Captchas don't do much, they're super cheap to solve with services like 2captcha, capmonster, etc.
You can get recaptcha solved for $0.6/1k, hcaptcha for $0.8/1k or cheaper. (email is pretty cheap too, but still more expensive than captcha solving)
Requiring phone verification would be the most effective out of those because it's pretty expensive for the attacker, something like $0.02-$0.11 per verification is usually what I see