I might be in a minority of this, but using numbers that way breaks my flow for 2 reasons: Firstly, any number of lines greater than around 3 or 4 means I have to stop and manually count. Not that counting to 6 takes a long time, but it does use some mental capacity while I want my mind focused on the actual code. Secondly, I don’t have touch typing in my fingers for the number line on my keyboard. If I need to type a number, I either have to look down at my keyboard, or move my hand over to the numpad. In both cases it would be quicker for me to Vjjjjjy.

Or you could replace most of the whitespace with repeating semicolons. Makes the code much clearer!

Not that this covers many cases, but a lot of appliances are running touch screens and a lack of non-visual indicators. Blind people could benefit from having an app with a screen reader to run the machine. Of course, this is just a patch for a problem which shouldn’t have existed in the first place.

It just seems like the perspective is off. Implementing some script which reads images of the website which depicts the CAPTCHA, sending it to some AI-solution which can succeed some percentage of the time. Adding this to something which can interact with the website (not sure if you’ll need to indirectly act through something like selenium or if you can make direct web-calls), while also ensuring that the CAPTCHA doesn’t receive other suspicious data.

If you go through that trouble, I would be amazed if combining 2 or 3 words from a dictionary into a username would be the kryptonite of your bot farm.

Again, I don’t know, and it might be a much more preventative solution than I can understand, but it feels like a strange security by obscurity.

Emails, sure. Captchas require a fair bit of elbow grease. Generating a random username which looks fine is nothing in the landscape of bot protection.

I just don’t see how the username is an attack vector. The sign-up has email verification and CAPTCHA. Requiring the username to be something sensible seems excessive.

But honestly, I don’t know. Maybe this stops a lot more bot farms than I’d expect.

If I were a bot farm owner, I would likely just generate more “realistic” person usernames. Generating a unique username which doesn’t look like random letters is trivial, and I don’t really think that creating that obstacle is a real hinderance to anyone.

Sure, and I’d probably understand it from the instance owners perspective better if I were in their shoes. And to be fair to them, my username was randomly generated by youtube at some point. So if they just outright reject appeals from generated usernames, I definitely fall into that category. I just feel like that’s a bad process and practice for instances which are among the top of the suggested list for new users.

Considering that some bots might also have automatic appeals integrated makes it more reasonable to expect that automated rejection.

You quoted the appeal-part of my comment. I would understand if a bot is implemented to suspend users with usernames which is just a generated string of high entropy, like my own. But rejecting an appeal should not be an automated process.

I can’t imagine that the automated ban helps a lot either. Generating random usernames which looks like real people’s usernames is pretty much a trivial task. Using a high-entropy string is just a choice on the developers side.

Yep, maybe that’s it. It has been my username on reddit for ~12 years, and I carried over to lemmy when I joined here. And joining mastodon, I’d like to keep it still. But if the large mastodon servers are suspending and ignoring appeals due to a suspicious username, I’m kinda unhappy with those instances.

I completely understand that mastodon are compiled of individual admins per server, and they can do what they want with their instance. But I’d expect the highest suggested instances to at least answer the appeals when suspending users. If I joined a random tiny instance of someone who wants to keep it to themselves, I’d understand, but the instances I joined are huge with a welcomming message etc.

I’m out of the loop on this one, but it sounds like yet another attempt at SOPA (Stop Online Piracy Act). Back in 2011, people had to fight hard because the US congress was attempting to gain control over the internet. The congress’ reasoning was that they wanted to hinder piracy, but the implications of the bill was so much more.

I don’t recall the full history of this, but I believe that as soon as SOPA was turned down, a new bill regarding preventing child pornography was proposed. And that bill had basically the same implications, but if you were against it this time, the congress had implied that you were supporting child pornography.

It seems like the state’s attempt at gaining control of the internet is never ending, since they can propose new bills as soon as the previous bill is voted out. Basically the “throw enough shit at a wall and some of it will stick”-tactic.