On 6/11/07, Tijnema <[EMAIL PROTECTED]> wrote:
On 6/10/07, tedd <[EMAIL PROTECTED]> wrote:
> >Tedd:
> >
> >Please don't spread the code of your Audio CAPTCHA, we had a big
> >discussion about it, and we concluded that it was quite easy to crack.
> >I remember i've cracked some other CAPTCHAs, but if you still think
> >your Audio CAPTCHA isn't hard to crack, then just let me know and i'll
> >start cracking it :)
> >
> >Dave:
>
> Dave:
>
> The point is not how easy my Audio CAPTCHA is to crack, but rather
> one of accessibility.
>
> If one insist on using a graphic CAPTCHA, which in most cases can be
> cracked, then at least add an Audio CAPTCHA to allow access for the
> visually disabled.
>
> Or, is the point here to allow bots and block the visually disabled
> -- I think not.
Surely not, but what you're doing with adding a weak audio CAPTCHA is
adding more options for a hacker. Since the form can be submitted by
either completing one of both CAPTCHA programs, the hacker can choose
whichever way he likes. So if you have a very very strong Graphic
CAPTCHA, but a very weak Audio CAPTHCA, than it isn't too hard to
crack, as the hacker would only crack the Audio CAPTCHA...
>
> Look at the CAPTCHA's use here:
>
> http://sam.zoy.org/pwntcha/
>
> and their efficiently at blocking bots, which next to nil.
>
> So, if people are going to believe in the false notion that CAPTCHA's
> block bots, then why not provide a way for the visually disabled to
> obtain access as well? Why just block the visually disabled?
The question is not if the CAPTCHAs are crackable, because they are!
But, like we said in the other thread, it's by finding the right way
between the time needed to crack, and the time needed to type
over/listen to CAPTCHA. Adding Audio CAPTCHA decreases time to
crack...
>
>
> >I think you remember the thread tedd ;)
>
> I remember the threads, but nothing that was said there is counter to
> what I said here.
>
> Cheers,
>
> tedd
It's atleast an interesting thread about CAPTCHA.
Tijnema
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Quote of the day, hands down:
"The brightest ideas have to pass through the dimmest minds...."
~ Tedd (speaking of programmer-vs-management obstacles)
--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
