Re: [ACFUG Discuss] OT: CAPTCHA Effectiveness

Wed, 28 Feb 2007 11:06:58 -0800 

UPS on many services will force you to create a profile.  At every point
that could have a data entry, there is a good amount of server side
validation on high performance web applications.

Error trapping, xss prevention and form tampering is advocated pretty
strongly.

There is a good amount of email notification to users that have a blackberry
for serious faults.

So it really boils down to multiple liens of prevention.

I believe there are also networking devices to trap certaine vents, but that
is more towards your transfer versus presentation layer.

Teddy

On 2/28/07, John Mason <[EMAIL PROTECTED]> wrote:


This really depends on things. If the captcha is for your blog or forum.
Is
someone really going to go through the trouble of doing this. For bigger
sites, captcha is not going to do very much. Like Dean said you pay people
or use a programatical way around it.

I would be interested in hearing other methods in blocking this that are
not
captcha based solutions. How does MySpace or UPS handle these issues?

John
[EMAIL PROTECTED]



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Morton
Sent: Wednesday, February 28, 2007 1:11 PM
To: [email protected]
Subject: RE: [ACFUG Discuss] OT: CAPTCHA Effectiveness

Thanks for the quick response Dean.
I guess if you paid someone to fill out the forms manually, there is
really
no way to stop it, short of taking the form off line.

Paul Morton



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean H. Saxe
Sent: Wednesday, February 28, 2007 11:01 AM
To: [email protected]
Subject: Re: [ACFUG Discuss] OT: CAPTCHA Effectiveness


CAPTCHA is easy to bypass, in general.  If there is enough value you can
do
it programatically or pay poor people in developing countries to manually
bypass CAPTCHA devices.

-dhs


Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Free speech exercised both individually and through a free press, is a
necessity in any country where people are themselves free."
    -- Theodore Roosevelt, 1918


On Feb 28, 2007, at 12:35 PM, Paul Morton wrote:

> Sorry about the off topic post, but I'm curious as to how effective
> people have found CAPTCHA at stopping, or at least slowing down the
> SPAM form hijacking on public pages?
>
> I have little experience on public sites as most of my development is
> on intranet sites.
>
> Paul Morton
>
>
>
> -------------------------------------------------------------
> To unsubscribe from this list, manage your profile @
> http://www.acfug.org?fa=login.edituserform
>
> For more info, see http://www.acfug.org/mailinglists Archive @
> http://www.mail-archive.com/discussion%40acfug.org/
> List hosted by FusionLink
> -------------------------------------------------------------



-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------





-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists Archive @
http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------





-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------







--
Teddy R. Payne
G-Talk: [EMAIL PROTECTED]

Adobe Certified ColdFusion MX 7 Developer
Atlanta ColdFusion User Group (ACFUG)
Atlanta Flash & Flex User Group (AFFUG)



-------------------------------------------------------------
To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform 

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------

Reply via email to