Development Discussion Board

[naderman]

If they're generated automatically, thy can be solved automatically.

Not true. The characters and selection criteria are randomized. Just like the examples given, a spambot would still have to figure out which word was important and which characters to select.

It's entirely true, and moderately trivial if given access to the source.

Wow not bad. You just single handedly refuted an entire research field in computer science, I suggest you maybe read up on CAPTCHAs, Reverse Turing Test and Turing test before you continue to make assertions about issues you have little understanding of.

[callumacrae]

No, not really. Unless someone is going to teach phpBB how to speak English, then there will be patterns to the CAPTCHAs.

Simplified example, some random CAPTCHAs generated:

Code: Select all

Enter the last 3 characters of 03t]9jw[
Enter the first 2 characters of 7rn57'
<span style="color:red">What colour is this?</span>
"Randomly generated <strong>sentence</strong> goes <strong>here</strong>" What words are bold?
<span style="color:green">What colour is this?</span>

And the language keys:

Code: Select all

Enter the %s %d characters of %s
[color=%s]What colour is this?[/color]
"%s" What words are bold?

Very over-simplified, but I'm sure you can see how it would be solvable. Sure, good AI to generate the CAPTCHAs would require good AI to solve them, but it's still possible, especially if open sourced.

[naderman]

Of course particular Q&A tests don't work well. But you keep talking about "CAPTCHA"s in general, and seem to have absolutely no understanding of what the word even means. What you are saying about CAPTCHAs essentially is a contradiction, because you both assume CAPTCHAs exist and simultaneously state that CAPTCHAs cannot exist. Anyway if you want to say something useful on this particular discussion go ahead, if you just want to make unfounded generalisations about CAPTCHAs that are not helping at all I'll be splitting those posts off.

[callumacrae]

Oh, I meant Q&A CAPTCHA (that is the CAPTCHA that this theses pic is about, after all).

No need to split them off, I just don't think that generating Q&A CAPTCHAs is a good idea.

[naderman]

That I agree with entirely.

[AliasM2K]

You can't set reCAPTCHA as default as it requires an API key.

What about Securimage? It doesn't require an API key

[callumacrae]

You can't set reCAPTCHA as default as it requires an API key.

What about Securimage? It doesn't require an API key

Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.

[imkingdavid]

You can't set reCAPTCHA as default as it requires an API key.

What about Securimage? It doesn't require an API key

Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.

Demo page loads for me. However, those captchas look pretty much just like all the other image captchas. What makes these different?

[MichaelC]

You can't set reCAPTCHA as default as it requires an API key.

What about Securimage? It doesn't require an API key

Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.

Demo page loads for me. However, those captchas look pretty much just like all the other image captchas. What makes these different?

+1. It looks like the phpBB 2 CAPTCHA with a line through it if I'm honest. Using that would be three (GD, reCAPTCHA and QA) steps backwards, not forward.

[brunoais]

Well... It can be used to ask to calculate a certain easy math problem... Having a bot to decide between copying and solving a math problem seems to be already an interesting challenge and then this can become a bit harder than the current phpbb3's captcha. If we randomize a little more we can get something harder... Probably mixing what phpbb3 currently has as default with some Q&A.....