Hi folks, Freely available CAPTCHA libraries are limited in certain pattern even they go for randomization, distortion and clutter to confuse OCR. All these stealth techniques have failed miserably. Recently Gmail, MSN live, Yahoo! CAPTCHA got failed [1] with highest success rate ever recorded. One of the test shows that MSN Live! failed with 92% of the time..[2] There are many proof of concept. Breaking CAPTCHA is easier and its not a right means to protect the automated attacks. Follow the suggestion the artcile [2] has presented. Choose the right library having the lesser failure rate in producing breakable code.
Explore in details here: http://www.cs.sfu.ca/~mori/research/gimpy/ -- Sarose [1] http://en.wikipedia.org/wiki/Captcha [2] http://www.cs.sfu.ca/~mori/research/gimpy/ On May 11, 10:53 pm, acpmasquerade <[EMAIL PROTECTED]> wrote: > Very easy, > use any captcha service providers or any other else created on your > own using GDLibrary in PHP > > One of the most famous Captcha service providers is > recaptcha.nethttp://recaptcha.net/plugins/php/ > > And some more arewww.PHPCaptcha.orgwww.captchacreator.com > > But I will suggest you a very simple one here. You are left to discuss > on security issues in this type. > Steps: > a) First select a random number/character/symbols, etc whatever you > think you should use in you captcha > b) Use a session variable to store the sequence you have generated > c) Use GDLibrary extension of PHP to generate an image out of the text > you have generated > d) Display the image somewhere and read a text input > e) When the form is submitted, match the input with the session > variable you had stored in step 'b'. > > This is a simple method how to stop spams. > > However you can do another trick too, if you do not have a proper > knowledge in GD > a) Randomize number. b) have 0-9 digits' images. c)Break the > characters into digits and display the image sequences to build an > image of number. But make sure that the names of images are some > encrypted strings so that pattern of the next digit cannot be guessed. > Otherwise robots just break the code and input what you are > expecting. > > For more you can continue the discussion > > Thanks --~--~---------~--~----~------------~-------~--~----~ FOSS Nepal mailing list: [email protected] http://groups.google.com/group/foss-nepal To unsubscribe, e-mail: [EMAIL PROTECTED] Community website: http://www.fossnepal.org/ -~----------~----~----~----~------~----~------~--~---
