[TYPO3-typo3org] little rant about TER captcha (but not only)
Thomas Hempel
thomas at work.de
Fri Jul 28 10:51:53 CEST 2006
Hi Elmar,
> it is not as secure as a classic captcha because of the missing bluring, so
> that machines still can read the text out of the picture. But it is
> unlikely that someone would programm such a script to hack a single site.
> As soon as it would be a mass product I am sure it would be spammed sooner
> or later.
Of course it will. As everythng...
But the point is that we want to have a captcha that human readable. And it's
clear, that the most captchas (especially the ones on typo3.org) are not.
The idea behind this question captcha is, that you have a picture. That is a big
barrier for bots at the moment. If it is blurred or not... It doesn't matter
because there will be OCR programms that will recognize this earlier or later.
The point is that they doesn't do now!
And as second step we have the question which is totally random. I think a
simple mathematical question two numbers up to 20 or 30 is resolvable for
everybody. But for a bot it's quite hard because you can replace any part of the
task as signs (+-0-9) or as words (plus minus twelve, thirtyeight etc.). I
don't think that the efforts for hacking this with a bot doesn't worth just for
adding a simple comment in a guestbook.
This is just my opinion. If someone can tell me something else... Let me know
;-) I'm open for discussion
Greets,
Thomas
--
typo3-unleashed.net
More information about the TYPO3-team-typo3org
mailing list