Wow not bad. You just single handedly refuted an entire research field in computer science, I suggest you maybe read up on CAPTCHAs, Reverse Turing Test and Turing test before you continue to make assertions about issues you have little understanding of.callumacrae wrote:It's entirely true, and moderately trivial if given access to the source.Pony99CA wrote:Not true. The characters and selection criteria are randomized. Just like the examples given, a spambot would still have to figure out which word was important and which characters to select.callumacrae wrote:If they're generated automatically, thy can be solved automatically.
[RFC] Q&A plugin by default
Re: [RFC] Q&A plugin by default
- callumacrae
- Former Team Member
- Posts: 1046
- Joined: Tue Apr 27, 2010 9:37 am
- Location: England
- Contact:
Re: [RFC] Q&A plugin by default
No, not really. Unless someone is going to teach phpBB how to speak English, then there will be patterns to the CAPTCHAs.
Simplified example, some random CAPTCHAs generated:
And the language keys:
Very over-simplified, but I'm sure you can see how it would be solvable. Sure, good AI to generate the CAPTCHAs would require good AI to solve them, but it's still possible, especially if open sourced.
Simplified example, some random CAPTCHAs generated:
Code: Select all
Enter the last 3 characters of 03t]9jw[
Enter the first 2 characters of 7rn57'
<span style="color:red">What colour is this?</span>
"Randomly generated <strong>sentence</strong> goes <strong>here</strong>" What words are bold?
<span style="color:green">What colour is this?</span>
Code: Select all
Enter the %s %d characters of %s
[color=%s]What colour is this?[/color]
"%s" What words are bold?
Re: [RFC] Q&A plugin by default
Of course particular Q&A tests don't work well. But you keep talking about "CAPTCHA"s in general, and seem to have absolutely no understanding of what the word even means. What you are saying about CAPTCHAs essentially is a contradiction, because you both assume CAPTCHAs exist and simultaneously state that CAPTCHAs cannot exist. Anyway if you want to say something useful on this particular discussion go ahead, if you just want to make unfounded generalisations about CAPTCHAs that are not helping at all I'll be splitting those posts off.
- callumacrae
- Former Team Member
- Posts: 1046
- Joined: Tue Apr 27, 2010 9:37 am
- Location: England
- Contact:
Re: [RFC] Q&A plugin by default
Oh, I meant Q&A CAPTCHA (that is the CAPTCHA that this theses pic is about, after all).
No need to split them off, I just don't think that generating Q&A CAPTCHAs is a good idea.
No need to split them off, I just don't think that generating Q&A CAPTCHAs is a good idea.
Re: [RFC] Q&A plugin by default
What about Securimage? It doesn't require an API keycallumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
- callumacrae
- Former Team Member
- Posts: 1046
- Joined: Tue Apr 27, 2010 9:37 am
- Location: England
- Contact:
Re: [RFC] Q&A plugin by default
Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.AliasM2K wrote:What about Securimage? It doesn't require an API keycallumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
- imkingdavid
- Registered User
- Posts: 1050
- Joined: Thu Jul 30, 2009 12:06 pm
Re: [RFC] Q&A plugin by default
Demo page loads for me. However, those captchas look pretty much just like all the other image captchas. What makes these different?callumacrae wrote:Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.AliasM2K wrote:What about Securimage? It doesn't require an API keycallumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
Re: [RFC] Q&A plugin by default
imkingdavid wrote:Demo page loads for me. However, those captchas look pretty much just like all the other image captchas. What makes these different?callumacrae wrote:Their domain looks like they're trying to use the domain to get traffic, not the product, and their demo page is 404ing. Not hugely impressed so far.AliasM2K wrote:What about Securimage? It doesn't require an API keycallumacrae wrote:You can't set reCAPTCHA as default as it requires an API key.
+1. It looks like the phpBB 2 CAPTCHA with a line through it if I'm honest. Using that would be three (GD, reCAPTCHA and QA) steps backwards, not forward.
Formerly known as Unknown Bliss
No unsolicited PMs please except for quotes.psoTFX wrote: I went with Olympus because as I said to the teams ... "It's been one hell of a hill to climb"
Re: [RFC] Q&A plugin by default
Well... It can be used to ask to calculate a certain easy math problem... Having a bot to decide between copying and solving a math problem seems to be already an interesting challenge and then this can become a bit harder than the current phpbb3's captcha. If we randomize a little more we can get something harder... Probably mixing what phpbb3 currently has as default with some Q&A.....