Kodewerx

Our culture has advanced beyond all that you could possibly comprehend with one hundred percent of your brain.
It is currently Tue Mar 19, 2024 1:59 am

All times are UTC - 8 hours [ DST ]




Post new topic Reply to topic  [ 14 posts ] 
Author Message
PostPosted: Sun May 10, 2009 12:12 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Sat Nov 24, 2007 6:04 pm
Posts: 647
Location: Rattlesnakes and Sand
Quality flood today ey?

So, tell me, what do you think of modern Captcha methods, as well as some of the new ones we're seeing nowadays.

Personally I'd say reCAPTCHA is one of the best "traditional" Captcha systems out there.
However, I don't hardly trust any traditional text-based Captchas.


I for one see great potential in image-based Captchas.
KittenAuth and ASIRRA (they're the same damn thing) are certainly personal favorites, though rather bulky.

SQ-PIX is "odd" to say the least, but if you ask me, not worth the trouble. Cute idea though.
ESP-PIX is also an interesting one, but again, a bit too much for what should really be just a quick mindless test of humanity.


Opinions?
Interesting Captchas you've seen?
Captcha related bullshit humor?

Image
Comic a lot of you were considering posting up until this line?
Yup.


Top
 Profile  
Reply with quote  
PostPosted: Mon May 11, 2009 3:48 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Mon May 21, 2007 1:04 pm
Posts: 441
Location: Down the Street
Title: Mr. Mime
Yea back then i did feel bad.
But yet again, i felt bad when buzz was knocked off the window sill.

Now, i could care less.

Edit: Wow i didn't even notice the whole picture.

_________________
Image
Image
Image
NDS Hacker


Top
 Profile  
Reply with quote  
PostPosted: Mon May 11, 2009 5:09 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
A great way to ward off bots is with simple HTML+CSS tricks. You create two HTML form fields named "username" and "password" and then hide them with CSS. Then you create two more fields and give them random names. The randomly-named fields will be used as the user's chosen username and password. The hidden fields will be used as spam traps: if they are filled in, the registration is rejected.

You could also use session timers and reject registration attempts that took less than ~30 seconds to download the registration page and submit.

Basically, CAPTCHA is a bad idea, because they can be fed to real humans trying to get access to porn sites. This is a method of proxy-cracking CAPTCHAs which can be difficult or impossible to protect against.

"Are you human?" is the wrong question to ask.

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 11, 2009 6:19 pm 
Offline
Komrade
Komrade

Joined: Tue Mar 27, 2007 10:18 am
Posts: 1328
I'm with Para here, despite my lack of expertise. Why limit yourself to a CAPTCHA system?

I did see a neat one the other day, though. It was animated. It functioned kind of like a rotary counter with each character only being given limited screen time, with the image entirely white in between display of characters.

At the least, the slow display of all the characters in that particular CAPTCHA would slow down human readers, perhaps making a labor system less desirable.

_________________
Image


Top
 Profile  
Reply with quote  
PostPosted: Mon May 11, 2009 8:37 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Sat Nov 24, 2007 6:04 pm
Posts: 647
Location: Rattlesnakes and Sand
Parasyte wrote:
A great way to ward off bots is with simple HTML+CSS tricks. You create two HTML form fields named "username" and "password" and then hide them with CSS. Then you create two more fields and give them random names. The randomly-named fields will be used as the user's chosen username and password. The hidden fields will be used as spam traps: if they are filled in, the registration is rejected.

Now that is the kind of thing I was hoping for.
I've never really thought of something like that, but I must say, it seems damn clever to me.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue May 12, 2009 9:22 am 
Offline
Komrade
Komrade

Joined: Tue Mar 27, 2007 10:18 am
Posts: 1328
It does, but to me, who doesn't even have web development experience (not any I'd count, at least) I look at that solution and think "Wow, that's really simple. Why didn't I think of that?".

Doesn't it seem so obvious? Humans aren't going to assume there's a hidden text box and dig for it.

Perhaps we were trying too hard when looking for differences between how humans think and how crawlers process.

And I really like the time idea. It's a practical solution that seems a bit hacky, but really...who does speed runs of filling out forms? If it really is a human they'll be likely to patiently do the form over again after being informed as to why their information was rejected.

Reminds me of something I mentioned in a recent PM to you, Para. Using arbitrary time delays to ensure multiple tests of a watched instruction, blah blah.

And guess where I got THAT idea from?

I got it from reading about a packet handling system that implemented CSMA/CA long before taking the Telecom class I just finished. Then, I didn't know what the hell CSMA/CA meant, and I didn't understand the meaning of it even after looking it up.

Now, even after taking the class, I still had to look up what the hell it was called. At least I know what it means now. :/

_________________
Image


Top
 Profile  
Reply with quote  
PostPosted: Tue May 12, 2009 12:57 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Mon May 21, 2007 1:04 pm
Posts: 441
Location: Down the Street
Title: Mr. Mime
Well i think Para's way would work very well.
Seriously, that is really smart thinking to fish out the bots.

_________________
Image
Image
Image
NDS Hacker


Top
 Profile  
Reply with quote  
PostPosted: Tue May 12, 2009 5:35 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
For the record, the idea was not my own. But I've implemented it very easily (and effectively!) on a phpBB2, which uses no visual CAPTCHA system whatsoever. Spam registrations ended over night, down to 0 from well over 20 per day.

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue May 12, 2009 6:10 pm 
Offline
Komrade
Komrade

Joined: Tue Mar 27, 2007 10:18 am
Posts: 1328
Successful implementations of genius ideas always give me goosebumps.

I wish there was a cooler word than "Eureka!" for those times.

_________________
Image


Top
 Profile  
Reply with quote  
PostPosted: Tue May 12, 2009 6:19 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
There is.

SHIBBY!

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
PostPosted: Tue May 12, 2009 6:34 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Sat Nov 24, 2007 6:04 pm
Posts: 647
Location: Rattlesnakes and Sand
Parasyte wrote:

SHIBBY!

Ironically that's the name of my favorite pet.


Top
 Profile  
Reply with quote  
PostPosted: Tue May 12, 2009 11:20 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
People name their pets Eureka all the time. It only makes sense.

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
PostPosted: Wed May 13, 2009 12:50 pm 
Offline
Kommunist
Kommunist
User avatar

Joined: Mon May 21, 2007 1:04 pm
Posts: 441
Location: Down the Street
Title: Mr. Mime
Parasyte wrote:
For the record, the idea was not my own. But I've implemented it very easily (and effectively!) on a phpBB2, which uses no visual CAPTCHA system whatsoever. Spam registrations ended over night, down to 0 from well over 20 per day.


Yea, i looked through members a while back and i was like "hmm SPAM?"

_________________
Image
Image
Image
NDS Hacker


Top
 Profile  
Reply with quote  
PostPosted: Wed May 13, 2009 4:58 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
The most common spam registrations (in my experience) use gmail. Sad. :(

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 14 posts ] 

All times are UTC - 8 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 21 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group