Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #76235
| References | (6 earlier) <376a239c-77e8-4e0e-9300-847dfa8a8547@googlegroups.com> <CAPTjJmo=Sr3Y4KaDfa4n6=bfxZFNWUohN93OtnHcvaYFT08mDA@mail.gmail.com> <53EB4E68.8050405@harvee.org> <CALvWhxtBnx2TX2VKpaoHvrr5QXpG3YMzrud3TzapCD8U7k=Fyg@mail.gmail.com> <CAPTjJmrvAbD0iVTkyrvujB=5wTizmZQNxhZ-EWjbC3KPG8ZyEw@mail.gmail.com> |
|---|---|
| From | Ian Kelly <ian.g.kelly@gmail.com> |
| Date | 2014-08-13 14:16 -0600 |
| Subject | Re: Captcha identify |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.12946.1407961336.18130.python-list@python.org> (permalink) |
On Wed, Aug 13, 2014 at 1:43 PM, Chris Angelico <rosuav@gmail.com> wrote:
> There are alternatives that are both easier for legit people and
> harder for spambots. Some rely on the fact that humans read things two
> dimensionally, and scripts look at the underlying structure; so, for
> instance, random field names and cunning CSS to match them up with
> their labels can result in a form that's completely messed up in the
> source, but looks perfect to a user. Or you can put extra fields down
> that you can't see if the form's laid out properly.
Chances are that if these tricks mess up a spambot, they will also
mess up a screen reader.
> Or you can combine
> those sorts of tricks with a very simple challenge-response, like
> "What is one plus one?" that requires some specific value to be in a
> specific field - and if that value occurs in the wrong field, you
> throw the form back to the user.
If I ask my phone "What is one plus one", a very nice sounding voice
will tell me that one plus one is two. It takes some cleverness to
come up with a question that is likely to stump a machine but not
deter a human, so the pool of such questions will necessarily be
limited. Meanwhile, all the spambot has to do is flag the question for
a human to answer and store the answer somewhere, and the question is
now useless.
> For some reason, everyone's jumped on the "show some mangled
> text/numbers and ask the user to enter them" bandwagon, in the same
> way that everyone has gone for passwords that require
> lower/upper/digit/symbol and (in the most annoying cases) are actually
> length-limited to something stupid like 12 characters. Yes, maximum,
> not minimum. Grumble.
I've seen some captcha systems that I couldn't solve after a dozen
attempts, and I have no serious vision problems. It's a problem with
no easy solution, and as computers get more powerful the intersection
of {problems machines can't solve} and {problems humans can reliably
solve} grows ever smaller.
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Captcha identify Wesley <nispray@gmail.com> - 2014-08-12 00:04 -0700
Re: Captcha identify Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2014-08-12 08:59 -0400
Re: Captcha identify Wesley <nispray@gmail.com> - 2014-08-12 07:57 -0700
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-13 01:06 +1000
Re: Captcha identify Denis McMahon <denismfmcmahon@gmail.com> - 2014-08-12 15:38 +0000
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-13 01:54 +1000
Re: Captcha identify Wesley <nispray@gmail.com> - 2014-08-12 18:36 -0700
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-13 11:46 +1000
Re: Captcha identify Ben Finney <ben+python@benfinney.id.au> - 2014-08-13 11:54 +1000
Re: Captcha identify Rob Gaddi <rgaddi@technologyhighland.invalid> - 2014-08-13 09:28 -0700
Re: Captcha identify Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-08-14 03:52 +1000
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-14 04:21 +1000
Re: Captcha identify "Eric S. Johansson" <esj@harvee.org> - 2014-08-13 07:39 -0400
Re: Captcha identify alister <alister.nospam.ware@ntlworld.com> - 2014-08-14 11:42 +0000
Re: Captcha identify Denis McMahon <denismfmcmahon@gmail.com> - 2014-08-14 23:19 +0000
Re: Captcha identify "Eric S. Johansson" <esj@harvee.org> - 2014-08-15 13:18 -0400
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-16 03:30 +1000
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-14 05:27 +1000
Re: Captcha identify Chris Kaynor <ckaynor@zindagigames.com> - 2014-08-13 12:24 -0700
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-14 05:43 +1000
Re: Captcha identify Joel Goldstick <joel.goldstick@gmail.com> - 2014-08-13 15:44 -0400
Re: Captcha identify Skip Montanaro <skip@pobox.com> - 2014-08-13 14:55 -0500
Re: Captcha identify Tim Chase <python.list@tim.thechases.com> - 2014-08-13 15:01 -0500
Re: Captcha identify Ian Kelly <ian.g.kelly@gmail.com> - 2014-08-13 14:16 -0600
Re: Captcha identify Peter Pearson <ppearson@nowhere.invalid> - 2014-08-14 18:37 +0000
Re: Captcha identify Ian Kelly <ian.g.kelly@gmail.com> - 2014-08-14 13:42 -0600
Re: Captcha identify "Eric S. Johansson" <esj@harvee.org> - 2014-08-14 15:43 -0400
Re: Captcha identify alex23 <wuwei23@gmail.com> - 2014-08-15 17:03 +1000
Re: Captcha identify Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-08-15 09:14 +0100
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-15 08:22 +1000
Re: Captcha identify "Eric S. Johansson" <esj@harvee.org> - 2014-08-13 16:42 -0400
Re: Captcha identify Ian Kelly <ian.g.kelly@gmail.com> - 2014-08-13 14:18 -0600
Re: Captcha identify Chris Angelico <rosuav@gmail.com> - 2014-08-14 09:13 +1000
Re: Captcha identify Denis McMahon <denismfmcmahon@gmail.com> - 2014-08-14 23:15 +0000
Re: Captcha identify Ben Finney <ben+python@benfinney.id.au> - 2014-08-15 13:23 +1000
Re: Captcha identify Michael Torrie <torriem@gmail.com> - 2014-08-15 09:20 -0600
Re: Captcha identify Denis McMahon <denismfmcmahon@gmail.com> - 2014-08-12 13:51 +0000
csiph-web