Issue #2419 has been updated by bill-auger. Status changed from unconfirmed to not-a-bug
registration was closed before that puzzle went up and it still is - the version of the puzzle that you saw is not complete - it is only a demo of the client-side javascript; and the page has in red printing: "this captcha is not yet fully operational" - that means this is not a bug report, because nothing is broken - this is a grievance discussion - it would be better on the mailing list or forum - please reserve the bug tracker for things that are intended to be working, but are broken the puzzle will require javascript; and it is not going to be accessible - thats not for any inherent reason; but because those features would require more effort than i am willing to invest, merely for thwarting bots - there is no problem with that though; because it is only guarding, but allowing self-registrations; which are not enabled otherwise - the part of web page that is accessible via screen-readers, and is visible without javascript, clearly indicates that anyone who can not or does not wish to solve the puzzle, can ask on the mailing list or IRC for a parabola dev to register them manually an accessibility issue would be allowing some people to do something in a way that prevents others from doing the same thing - in this case that _something_ is to acquire a nickname on the bug tracker; and that puzzle will not prevent anyone from doing that - all that anyone needs to do is ask - the alternative is to require everyone to ask - that is the case now; and that is how trisquel has been doing it for years - if the puzzle is effective at all, it will be an indubitable improvement the important thing is that it will impede bots - if it turns out to not be effective at that goal, then it will go away and self-registrations will simply be closed again, until a better solution is found, or perhaps indefinitely i will change the word 'assets' in the source code to 'blobs', if it pleases the Great Gnu - now that i think of it, i like that better ---------------------------------------- Bug #2419: [CAPTCHA] Are you serious? https://labs.parabola.nu/issues/2419#change-12762 * Author: temporaryuser * Status: not-a-bug * Priority: bug * Assignee: * Category: ---------------------------------------- I have seen the CAPTCHA on registration page. This CAPTCHA is unacceptable. It _will_ make registration longer. It _will not_ prevent robots from registering on the website. I have read the source code. CAPTCHAs must not be done this way. Do you really think robots will execute *YOUR* JavaScript? *Never trust the client.* https://labs.parabola.nu/match_game/match_game.js If you will fix this issue, there are more issues: Cards are stored here: https://labs.parabola.nu/match_game/assets/cards.png. This image can be used to bypass CAPTCHA. Directory name is _assets_, which is not allowed by GNU. https://www.gnu.org/philosophy/words-to-avoid.html#Assets There is '.' after '?' in 'would you?.'. And, finally, it will be impossible to register without JavaScript, I think. -- -- ^^^^ Type your reply above this line ^^^^ -- -- Please keep the 'Subject' as it is -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://labs.parabola.nu/my/account _______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
