[RFC] Q&A plugin by default

Note: We are moving the topics of this forum and it will be deleted at some point

Publish your own request for comments/change or patches for the next version of phpBB. Discuss the contributions and proposals of others. Upcoming releases are 3.2/Rhea and 3.3.
User avatar
naderman
Consultant
Posts: 1727
Joined: Sun Jan 11, 2004 2:11 am
Location: Berlin, Germany
Contact:

Re: [RFC] Q&A plugin by default

Post by naderman »

callumacrae wrote:
Pony99CA wrote:
callumacrae wrote:If they're generated automatically, thy can be solved automatically.
Not true. The characters and selection criteria are randomized. Just like the examples given, a spambot would still have to figure out which word was important and which characters to select.
It's entirely true, and moderately trivial if given access to the source.
Wow not bad. You just single handedly refuted an entire research field in computer science, I suggest you maybe read up on CAPTCHAs, Reverse Turing Test and Turing test before you continue to make assertions about issues you have little understanding of.

User avatar
callumacrae
Former Team Member
Posts: 1046
Joined: Tue Apr 27, 2010 9:37 am
Location: England
Contact:

Re: [RFC] Q&A plugin by default

Post by callumacrae »

No, not really. Unless someone is going to teach phpBB how to speak English, then there will be patterns to the CAPTCHAs.

Simplified example, some random CAPTCHAs generated:

Code: Select all

Enter the last 3 characters of 03t]9jw[
Enter the first 2 characters of 7rn57'
<span style="color:red">What colour is this?</span>
"Randomly generated <strong>sentence</strong> goes <strong>here</strong>" What words are bold?
<span style="color:green">What colour is this?</span>
And the language keys:

Code: Select all

Enter the %s %d characters of %s
[color=%s]What colour is this?[/color]
"%s" What words are bold?
Very over-simplified, but I'm sure you can see how it would be solvable. Sure, good AI to generate the CAPTCHAs would require good AI to solve them, but it's still possible, especially if open sourced.
Made by developers, for developers!
My blog

User avatar
naderman
Consultant
Posts: 1727
Joined: Sun Jan 11, 2004 2:11 am
Location: Berlin, Germany
Contact:

Re: [RFC] Q&A plugin by default

Post by naderman »

Of course particular Q&A tests don't work well. But you keep talking about "CAPTCHA"s in general, and seem to have absolutely no understanding of what the word even means. What you are saying about CAPTCHAs essentially is a contradiction, because you both assume CAPTCHAs exist and simultaneously state that CAPTCHAs cannot exist. Anyway if you want to say something useful on this particular discussion go ahead, if you just want to make unfounded generalisations about CAPTCHAs that are not helping at all I'll be splitting those posts off.

User avatar
callumacrae
Former Team Member
Posts: 1046
Joined: Tue Apr 27, 2010 9:37 am
Location: England
Contact:

Re: [RFC] Q&A plugin by default

Post by callumacrae »

Oh, I meant Q&A CAPTCHA (that is the CAPTCHA that this theses pic is about, after all).

No need to split them off, I just don't think that generating Q&A CAPTCHAs is a good idea.
Made by developers, for developers!
My blog

User avatar
naderman
Consultant
Posts: 1727
Joined: Sun Jan 11, 2004 2:11 am
Location: Berlin, Germany
Contact:

Re: [RFC] Q&A plugin by default

Post by naderman »

That I agree with entirely.

User avatar
AliasM2K
Registered User
Posts: 82
Joined: Tue Mar 27, 2012 2:33 am

Re: [RFC] Q&A plugin by default

Post by AliasM2K »

callumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
What about Securimage? It doesn't require an API key :roll:

User avatar
callumacrae
Former Team Member
Posts: 1046
Joined: Tue Apr 27, 2010 9:37 am
Location: England
Contact:

Re: [RFC] Q&A plugin by default

Post by callumacrae »

AliasM2K wrote:
callumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
What about Securimage? It doesn't require an API key :roll:
Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.
Made by developers, for developers!
My blog

User avatar
imkingdavid
Registered User
Posts: 1050
Joined: Thu Jul 30, 2009 12:06 pm

Re: [RFC] Q&A plugin by default

Post by imkingdavid »

callumacrae wrote:
AliasM2K wrote:
callumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
What about Securimage? It doesn't require an API key :roll:
Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.
Demo page loads for me. However, those captchas look pretty much just like all the other image captchas. What makes these different?
I do custom MODs. PM for a quote!
View My: MODs | Portfolio
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.

User avatar
MichaelC
Development Team
Development Team
Posts: 889
Joined: Thu Jan 28, 2010 6:29 pm

Re: [RFC] Q&A plugin by default

Post by MichaelC »

imkingdavid wrote:
callumacrae wrote:
AliasM2K wrote:
callumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
What about Securimage? It doesn't require an API key :roll:
Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.
Demo page loads for me. However, those captchas look pretty much just like all the other image captchas. What makes these different?

+1. It looks like the phpBB 2 CAPTCHA with a line through it if I'm honest. Using that would be three (GD, reCAPTCHA and QA) steps backwards, not forward.
Formerly known as Unknown Bliss
psoTFX wrote: I went with Olympus because as I said to the teams ... "It's been one hell of a hill to climb"
No unsolicited PMs please except for quotes.

User avatar
brunoais
Registered User
Posts: 964
Joined: Fri Dec 18, 2009 3:55 pm

Re: [RFC] Q&A plugin by default

Post by brunoais »

Well... It can be used to ask to calculate a certain easy math problem... Having a bot to decide between copying and solving a math problem seems to be already an interesting challenge and then this can become a bit harder than the current phpbb3's captcha. If we randomize a little more we can get something harder... Probably mixing what phpbb3 currently has as default with some Q&A.....

Post Reply