On Wed, May 27, 2009 at 3:20 PM, Marijn Schouten (hkBst)
<hkBst@g.o> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Robin H. Johnson wrote:
>> On Wed, May 27, 2009 at 01:45:24PM -0500, Dale wrote:
>>> Is there something besides a captcha that can be used? I hate those
>>> things because they make no sense to me. I usually just give up when I
>>> encounter one of these and try three or four times with no success. The
>>> ones that look like broken glass or something are the ones I don't even
>>> try anymore. I can't get past one of those.
>> recaptcha [1] is very common at this point, offloads the problem to an
>> external service, supports visually-challenged users, and includes it's
>> own detection of brute forcing from IP addresses and subnets.
>>
>> If that's not acceptable to you, I'll just deploy calculus-captcha.
>> calculus-captcha is best viewed on this page here:
>> http://random.irb.hr/signup.php
>> (reload a few times to see the fun they had in qualifying questions).
>
> The reCAPTCHA page mentions[1] that simple text recognition (with minimal
> distortion) is easy to do with computer programs. Given that the
> calculus-captcha are non-distorted LaTeX'ed formulas we should therefore
> probably assume that computers can read those formulas. They only seem to have
> very few kinds of questions (zeros of small polynomials, differentiation of some
> trigonometric functions (only cos and sin), arithmetic), all of which are
> extremely simple especially for a program[1]. If this CAPTCHA becomes widespread
> someone WILL break it.
As it turns out; our mailing list subscription form is not meant to be
an impenetrable fortress and I doubt we care if the CAPTCHA service we
are using is breakable or not (worst case the spammer uses humans
looking for porn to fill out the CAPTCHA) The point here is to just
make it a little bit harder to spam everyone; not to make it
impossible, defense in depth and all that.
>
> On the other hand I like that reCAPTCHA puts your answers to use for automatic
> digitizations of books. Unfortunately their "Stop spam, read books" message
> doesn't make this very clear unless you already know.
>
> Marijn
>
> [1]:http://recaptcha.net/captcha.html
>
> - --
> If you cannot read my mind, then listen to what I say.
>
> Marijn Schouten (hkBst), Gentoo Lisp project, Gentoo ML
> <http://www.gentoo.org/proj/en/lisp/>, #gentoo-{lisp,ml} on FreeNode
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkodvLMACgkQp/VmCx0OL2zK/QCgmt+/RincRzXtmuGNTxsE4Yd+
> wo8An2zcFsPPaxpzbB75lYlnFCAg1o8q
> =glct
> -----END PGP SIGNATURE-----
>
>
|
