Captchas and Human Readability - Discussion

Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here.
Forum rules
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Post Reply
hater
Registered User
Posts: 59
Joined: Sun Jul 06, 2003 9:00 am

Captchas and Human Readability - Discussion

Post by hater »

(Ironically enough, this long reply was typed out before I even read naderman's above post. If you feel it out of line or off topic, please do as you wish... Don't want to cause a ruckus. :) )

I'm going to chime in with my opinion, if I may...

Captchya's quite simply don't work how anyone wants them to. All of the time and effort spent engineering them is easily reversed to defeat them. They are a backward way of doing user authentication and verification, they are difficult for users with visual disabilities to see, and obviously the audio method doesn't work with deaf or hearing impaired users. Anything that I have seen in use thusfar other than the afore mentioned is far too complex for your "typical" user to understand, with click throughs or multiple transactions required.

The least defeated solution here involves human intervention. I believe it would be easier to auto-moderate a forum based on karma/censors/word comparison to the root topic, than it would be to auto-descriminate a registration robot versus an old man with glaucoma who has failed the captchya test 5 times (for example.)

As much as the best way to ensure this is to monitor each registration with human eyes and allow them to make the judgement call, I also understand that the reasoning behind a Captchya is to remove an administrator from the process almost entirely. Having not installed Beta2 myself, I am unaware if there is a maximum number of times a potential registrar can fail before a moderator or administrator is notified.

Realistically, keeping it simple through automation is the best way to provide registration. I forsee a more intuitive system to more adequately prevent the registration of robots or masses of unwanted users. Using a trifecta of logging a registration I.P., creating a minimum threshold of allowed registrations from this I.P., and monitoring the introductory post(s) of a user to establish forum credibility.

I know that karma has been discussed to death, however I think that semi-automated/mostly moderated user credibility ratings are the future. With forums being as popular as they are, and getting more and more commonplace on even the smallest websites, I forsee the only true way to catalog known and recurring spam registrations to be globally and universally accessable, similar to using an internet database to get track titles off of a CD.

What I am proposing, is a centrally hosted database where spam user names, I.P.'s, and any other pertinent information are saved through the administration portion of a forum. If companies can spend thousands on picture hosting websites so people can look at pretty things, surely someone has the capital to host a website that's providing a functional and vitally important service.

Now of course, the downfalls are that without adequite follow through, anyone could add anyone to this database. My only split second way around this is to only allow reporting of spam users from administrators/moderators of the originating forum. The central database would be linked to the moderator/administrator control panels, and allow a send/receive type of functionality. Basically a mod would be logged in, having priveledges to report a spam bot, send trigger that report which is sent to the central DB. The moderators name, I.P, and the website submitting the bot would be logged. In the ACP a threshold can be set as to how many times a name or I.P. has been reported for you as the administrator to decide to automate the spam-robot avoidance and removal operation.

Does that make sense or am I just typing in latin?

Xore
Registered User
Posts: 80
Joined: Mon Jul 21, 2003 11:44 pm
Location: The desert
Contact:

Re: Captchas and Human Readability

Post by Xore »

(content of moved post not applicable to this topic)
Last edited by Xore on Mon Aug 21, 2006 3:28 am, edited 1 time in total.

User avatar
DavidMJ
Registered User
Posts: 932
Joined: Thu Jun 16, 2005 1:14 am
Location: Great Neck, NY

Re: Captchas and Human Readability - Discussion

Post by DavidMJ »

Who is going to pay for this central DB, you? On days with high load on this central DB, just hitting the submit button could cause the script to time out. What about hosts that don't allow function calls that open up sockets? This idea does not help them at all.
Freedom from fear

Mike.XIII
Posts: 19
Joined: Sun Aug 20, 2006 1:59 am

Captchas and Human Readability - Discussion 2

Post by Mike.XIII »

I doubt you would include this for the final release but have you considered using sound as well incase people can't make out the image? I think it was yahoo.com that I used this feature on.

User avatar
VxJasonxV
Registered User
Posts: 341
Joined: Sun Mar 02, 2003 2:51 pm
Location: Castle Rock, CO
Contact:

Re: Captchas and Human Readability

Post by VxJasonxV »

You assume that every user has audio generation utilities. That's a very bad assumption to make.
"If You Support It, They Will Come."
"Construction"

User avatar
Eelke
Registered User
Posts: 606
Joined: Thu Dec 20, 2001 8:00 am
Location: Bussum, NL
Contact:

Re: Captchas and Human Readability

Post by Eelke »

The visual CAPTCHA will also be able to use whatever is available from a selection of graphics libraries, if I'm not mistaken. A feature such as that could be available when the required libraries are availble.

Uchiha Nick
Registered User
Posts: 397
Joined: Tue Jul 20, 2004 6:21 am
Location: Rotterdam, The Netherlands
Contact:

Re: Captchas and Human Readability - Discussion

Post by Uchiha Nick »

Code: Select all

What I am proposing, is a centrally hosted database where spam user names, I.P.'s, and any other pertinent information are saved through the administration portion of a forum. If companies can spend thousands on picture hosting websites so people can look at pretty things, surely someone has the capital to host a website that's providing a functional and vitally important service.
you lost me there. you do not want to know how many times things like this have been suggested. aside from paying the db and high traffic- who is going to monitor it? aside from that- it is common knowledge bots change from IP from time to time. dynamic IPs anyone? the reason the ban IP is useless?

this my friend, is what is called a 'endless discussion' :wink:
Image

User avatar
Dog Cow
Registered User
Posts: 271
Joined: Wed May 25, 2005 2:14 pm

Re: Captchas and Human Readability

Post by Dog Cow »

chAos wrote: Sorry for not following convention, but I really think those registration images that require us to entire the code that corresponds with the shape on the left are over the top. It took me a little while to work out what it wanted me to do (since the colours of the shapes were different on the left and right) and which was the correct code.

While this may be necessarily to prevent bot registrations, I feel that current systems (of just letters and numbers) is reasonable.


Had this exact same problem! The idea behind it is genius, 8) the color changing is not.

agent00shoe

Re: Captchas and Human Readability

Post by agent00shoe »

Have you guys thought of cutting back on the characters used to cut down on confusion? For example, don't use zeros because they're too easy to confuse with Os. Use only caps. Maybe get rid of I because it looks like 1 etc.

markus_petrux
Registered User
Posts: 376
Joined: Fri Jun 18, 2004 10:58 pm
Location: Girona, Catalunya (Spain)
Contact:

Re: Captchas and Human Readability - Discussion

Post by markus_petrux »

This "centrally hosted database where spam user names, I.P.'s, and any other pertinent information" exists for the bloggin community: akismet

There was an Akismet MOD in the works, but it was abandoned.

Post Reply