New CAPTCHA

Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here.
Forum rules
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Post Reply
MKruer
Registered User
Posts: 156
Joined: Sun Jul 20, 2003 9:01 pm

Re: New CAPTCHA

Post by MKruer »

There is another idea that I had which is what I like to call a False Positive image, something that is easily detectable by a bot, but is not seen by the human eye. Someone posted in the main phpbb forums that one of the successes they had against posts was to simply change the html sting that send the response to the system, to something else. To dynamically generate that can, and place a bunch of fictitious calls would confuse most of the bots.

So I guess what I boils down to, is that we need a multi pronged approach, something that requires some level of user interaction plus stuff that the user would not see, but would appear to the bots. Another person was talking about developing a customizable system where you could download/update new CAPTCHA as time goes by, and or allow for the CAPTCHA to be randomized.

User avatar
Eelke
Registered User
Posts: 606
Joined: Thu Dec 20, 2001 8:00 am
Location: Bussum, NL
Contact:

Re: New CAPTCHA

Post by Eelke »

Cheater512 wrote: Actually I think the algorithms are rather easy (do you think those magic eye books are done by hand? ;) )
No, I don't, why would you think I do? ;) Whether the algorithm is simple or not is largely irrelevant to the question whether it can be reversed. Hash-algorithms aren't too complex, and yet they can not be reversed
and a computer would have difficulty undoing it because it requires two eyes.
Could be, that wouldn't surprise me either. I'm just saying, it wouldn't surprise me either if these algorithms would prove to be rather easy to reverse. You could argue in the same way that pictures in general require eyes to interpret. We all know that's not true (as computers in general do not have eyes, and yet they are happily doing stuff like OCR).

ElbertF
Registered User
Posts: 583
Joined: Fri Dec 03, 2004 4:35 pm
Location: tracing..
Contact:

Re: New CAPTCHA

Post by ElbertF »

It's also possible to dynamicly encode the image's URI with JavaScript/PHP:

<img src="empty.gif" onload="this.src=decode('$%^##$^43&^%&*');" />

The decode() function in JavaScript would have a salt dynamicly generated by PHP. If the URI changes everytime (something like "image.jpg?random=435Sdw44wr4"), it's pretty hard for bots to get the real URI.

Wouldn't it help to work with .htaccess, making the image visible only when the referrer is your own website?

User avatar
nuclear_eclipse
Registered User
Posts: 36
Joined: Mon Apr 24, 2006 8:41 pm
Location: Rochester, NY
Contact:

Re: New CAPTCHA

Post by nuclear_eclipse »

spambot wrote: Wouldn't it help to work with .htaccess, making the image visible only when the referrer is your own website?
Referring site can easily be spoofed. IIRC, It's part of the http headers that the browser/bot generates to send to the server.

User avatar
Cheater512
Registered User
Posts: 245
Joined: Thu Mar 23, 2006 1:29 am
Location: Brisbane, Australia
Contact:

Re: New CAPTCHA

Post by Cheater512 »

It would be interesting to do some sort of JS/CSS interaction thing and if the bot doesnt do it correctly instead of a error it gets a image with the wrong letters. :)

ElbertF
Registered User
Posts: 583
Joined: Fri Dec 03, 2004 4:35 pm
Location: tracing..
Contact:

Re: New CAPTCHA

Post by ElbertF »

spambot wrote: Maybe the future will bring us some form of audial confirmation
I just noticed Google is using this, different voices calling some letters and numbers (in my own language) 8O

It's an option when loggin in to Google Adsense (after clicking the visually impaired button)..

User avatar
robertmf
Registered User
Posts: 52
Joined: Wed Jul 23, 2003 5:20 pm
Location: In PA, 55 min. via commuter RR outside Filthadelphia
Contact:

Re: New CAPTCHA

Post by robertmf »

squirrelface wrote: And what if i'm colourblind?
Your point is valid 8% of the time (for white males).
http://www.designmatrix.com/pl/cyberpl/cftcb.html" target="_blank

Do you see a '7' in the [attachment] ?
Attachments
colorimage.gif
colorimage.gif (2.58 KiB) Viewed 7752 times

User avatar
nuclear_eclipse
Registered User
Posts: 36
Joined: Mon Apr 24, 2006 8:41 pm
Location: Rochester, NY
Contact:

Re: New CAPTCHA

Post by nuclear_eclipse »

robertmf wrote: Do you see a '7' in the [attachment] ?[/color]
Hell, I'm not even colorblind and I can barely tell that it's a seven. I wouldn't have even known what it was if not already told.... :(

User avatar
Cheater512
Registered User
Posts: 245
Joined: Thu Mar 23, 2006 1:29 am
Location: Brisbane, Australia
Contact:

Re: New CAPTCHA

Post by Cheater512 »

Are you sure your not colour blind? ;)
I can see it fine although I have seen a number of these before.

User avatar
DigitalShadow
Registered User
Posts: 72
Joined: Wed Mar 01, 2006 12:13 pm
Location: Germany
Contact:

Re: New CAPTCHA

Post by DigitalShadow »

same here. the number is clearly visible.
((perfect timing-_-, i wasnt able to log in this weekend cuz Dad thinks this site is bad and that your all the spawn of Satan....hmm go figure^_^))

Post Reply