sorry to interrupt so there is no other means than captcha to control over the data being inserted to database?
On 5/12/08, Bipin Gautam <[EMAIL PROTECTED]> wrote: > > also, i have seen buzz in the underground business about people > hireing real people (like outsourcing companies) which pays 1$ per > 1000 CAPTCHA image the person breaks. > > and the whole idea behind using image/audio challange fails appart. > > thanks, > -bipin > > On Mon, May 12, 2008 at 7:58 PM, sarose <[EMAIL PROTECTED]> wrote: > > > > Hi folks, > > > > Freely available CAPTCHA libraries are limited in certain pattern even > > they go for randomization, distortion and clutter to confuse OCR. All > > these stealth techniques have failed miserably. Recently Gmail, MSN > > live, Yahoo! CAPTCHA got failed [1] with highest success rate ever > > recorded. One of the test shows that MSN Live! failed with 92% of the > > time..[2] There are many proof of concept. Breaking CAPTCHA is easier > > and its not a right means to protect the automated attacks. Follow the > > suggestion the artcile [2] has presented. Choose the right library > > having the lesser failure rate in producing breakable code. > > > > Explore in details here: http://www.cs.sfu.ca/~mori/research/gimpy/ > > > > > > -- > > Sarose > > > > [1] http://en.wikipedia.org/wiki/Captcha > > [2] http://www.cs.sfu.ca/~mori/research/gimpy/ > > > > On May 11, 10:53 pm, acpmasquerade <[EMAIL PROTECTED]> wrote: > > > Very easy, > > > use any captcha service providers or any other else created on your > > > own using GDLibrary in PHP > > > > > > One of the most famous Captcha service providers is > recaptcha.nethttp://recaptcha.net/plugins/php/ > > > > > > And some more arewww.PHPCaptcha.orgwww.captchacreator.com > > > > > > > > But I will suggest you a very simple one here. You are left to discuss > > > on security issues in this type. > > > Steps: > > > a) First select a random number/character/symbols, etc whatever you > > > think you should use in you captcha > > > b) Use a session variable to store the sequence you have generated > > > c) Use GDLibrary extension of PHP to generate an image out of the text > > > you have generated > > > d) Display the image somewhere and read a text input > > > e) When the form is submitted, match the input with the session > > > variable you had stored in step 'b'. > > > > > > This is a simple method how to stop spams. > > > > > > However you can do another trick too, if you do not have a proper > > > knowledge in GD > > > a) Randomize number. b) have 0-9 digits' images. c)Break the > > > characters into digits and display the image sequences to build an > > > image of number. But make sure that the names of images are some > > > encrypted strings so that pattern of the next digit cannot be guessed. > > > Otherwise robots just break the code and input what you are > > > expecting. > > > > > > For more you can continue the discussion > > > > > > Thanks > > > > > > > > > -- > X-No-Archive: > > > > -- ................ bipin --~--~---------~--~----~------------~-------~--~----~ FOSS Nepal mailing list: [email protected] http://groups.google.com/group/foss-nepal To unsubscribe, e-mail: [EMAIL PROTECTED] Community website: http://www.fossnepal.org/ -~----------~----~----~----~------~----~------~--~---
