At 7:50 PM -0500 4/10/07, Richard Lynch wrote:
On Sun, April 8, 2007 11:12 am, tedd wrote:
chose from. Unless, there is something here that I don't understand
(which very well could be), I can't see how anyone, without massive
computer resources, could break that.
Am I wrong?
You are
At 8:11 PM -0500 4/10/07, Richard Lynch wrote:
On Tue, April 10, 2007 7:47 am, tedd wrote:
Your use of metaphor is quite colorful, but if you if change a single
pixel in an image, then you change the MD5 signature -- that is what
I was talking about -- and that is not wrong.
Unless I look
At 7:52 PM -0500 4/10/07, Richard Lynch wrote:
On Sun, April 8, 2007 11:26 am, tedd wrote:
The way I figure it, in an image I have 72 dot per square inch -- so,
in one square inch that's 5,184 places for me to store a 24 bit key.
To me, that's a lot of places to hid my Easter egg -- is that
At 8:36 PM -0500 4/10/07, Richard Lynch wrote:
With millions of different images and more being added, it presents a
considerable challenge to crack.
I think not...
You only have to find 10,000 people who hate MS and give each of them
200 unique images to identify.
Well actually, all
On Wed, April 11, 2007 7:30 am, tedd wrote:
At 7:50 PM -0500 4/10/07, Richard Lynch wrote:
On Sun, April 8, 2007 11:12 am, tedd wrote:
chose from. Unless, there is something here that I don't
understand
(which very well could be), I can't see how anyone, without
massive
computer
On Wed, April 11, 2007 8:09 am, tedd wrote:
-- that's all. See the subject line.
I'm sorry that I thought the thread had spilled over beyond the scope
of the Subject.
Since we rarely do that here in PHP General, I should have known better.
:-)
I don't think your work is lame
I think it's
At 8:10 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 17:14 -0400, tedd wrote:
At 4:39 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 22:27 +0200, Tijnema ! wrote:
This is exactly what tedd did in his last arrow example. He edited the
header of the GIF
You were talking about an OCR reader for the arrows to see what letters it
is pointing to. If the arrow would be at a random location in the actual
image, the arrow being not an arrow but ie. a man pointing and the arm being
flexible (so even if the man himself would move around randomly, the arm
At 10:46 PM +0100 4/9/07, Tijnema ! wrote:
On 4/9/07, tedd [EMAIL PROTECTED] wrote:
It doesn't need to be complicated, just random placed pixels on the
image from a selection of colors would provide millions of
permutations.
Cheers,
tedd
But then OCR would still work, as when somebody scans
At 12:55 PM + 4/10/07, Ólafur Waage wrote:
You were talking about an OCR reader for the arrows to see what letters it
is pointing to. If the arrow would be at a random location in the actual
image, the arrow being not an arrow but ie. a man pointing and the arm being
flexible (so even if the
On Tue, 2007-04-10 at 08:47 -0400, tedd wrote:
At 8:10 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 17:14 -0400, tedd wrote:
At 4:39 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 22:27 +0200, Tijnema ! wrote:
This is exactly what tedd did in his
On Tue, 2007-04-10 at 13:13 -0400, Robert Cummings wrote:
On Tue, 2007-04-10 at 08:47 -0400, tedd wrote:
Rob:
Your use of metaphor is quite colorful, but if you if change a single
pixel in an image, then you change the MD5 signature -- that is what
I was talking about -- and that
At 1:17 PM -0400 4/10/07, Robert Cummings wrote:
-snip-
That should have read: ... since no subset of...
Oh well, now it makes sense ! :-)
Actually, I see exactly what you are saying. If you take a small
portion of a file and MD5 it, it will give you a signature. If I
simply change a
On 4/10/07, tedd [EMAIL PROTECTED] wrote:
At 1:17 PM -0400 4/10/07, Robert Cummings wrote:
-snip-
That should have read: ... since no subset of...
Oh well, now it makes sense ! :-)
Actually, I see exactly what you are saying. If you take a small
portion of a file and MD5 it, it will give you
You only have 9 arrows.
How tricky can it be to detect which of the 9 images you are displaying?
Even if the URL is the same every time, it's a no-brainer to use OCR
to detect which array is there.
How many variations on this theme are we going to go through?
On Sat, April 7, 2007 10:59 am,
On Sat, April 7, 2007 7:02 pm, Jim Lucas wrote:
This would make things almost impossible for a computer to see, but
the chances of a human screwing
it up would be almost impossible.
Sigh.
Look.
If a HUMAN can see the differen, then a program can be written to
detect the difference.
This
On Sun, April 8, 2007 7:48 am, Robert Cummings wrote:
On Sun, 2007-04-08 at 05:41 -0700, benifactor wrote:
indeed. i was just throwing out the idea of ever changing values.
Except IP addresses aren't ever changing ;)
Unless the visitor is on AOL.
--
Some people have a gift link here.
Know
On Sun, April 8, 2007 11:12 am, tedd wrote:
chose from. Unless, there is something here that I don't understand
(which very well could be), I can't see how anyone, without massive
computer resources, could break that.
Am I wrong?
You are wrong.
The Tijnema! solution of memorizing every
On Sun, April 8, 2007 11:26 am, tedd wrote:
The way I figure it, in an image I have 72 dot per square inch -- so,
in one square inch that's 5,184 places for me to store a 24 bit key.
To me, that's a lot of places to hid my Easter egg -- is that not
enough?
No.
If the egg is visible to a
On Sun, April 8, 2007 11:46 am, Jochem Maas wrote:
in theory it's all crackable - but somewhere along the line the
problem becomes
too hard to make it worth the effort to try (unless your securing Fort
Knox or something)
In REALITY, 99.9% of the Bad Guys will be kept out by *ANY*
On Tue, April 10, 2007 7:47 am, tedd wrote:
Your use of metaphor is quite colorful, but if you if change a single
pixel in an image, then you change the MD5 signature -- that is what
I was talking about -- and that is not wrong.
Unless I look at enough images to figure out that you are just
A) 2 million MD5s is chump-change.
B) Telling a cat from a dog is probably a homework exercise for AI
Vision grad students.
On Mon, April 9, 2007 3:35 pm, tedd wrote:
At 1:04 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 12:51 -0400, tedd wrote:
We were talking
about M$'s
On Tue, April 10, 2007 8:01 am, tedd wrote:
An OCR is an Optical Character Reader -- it's design is to recognize
characters (A-Z 0-9), not images.
That's the reason why I previously used the term OCR-like
application -- meaning that it would be designed/programmed to see
the differences
On 4/9/07, tedd [EMAIL PROTECTED] wrote:
At 4:38 AM -0700 4/8/07, benifactor wrote:
hmm, why don't you md5 more then once..
I read somewhere that MD5'ing anything more than once, does not
increase security.
Cheers,
tedd
Not in this case, as it doesn't goes about decrypting the key here,
Tijnema ! wrote:
You can't stop me :)
http://86.86.80.41/dev/debug/tedd.php
It's cracked again :)
Maybe use flash for this... harder to crack? (Of course, Flash will open
door to other problems.)
Sorry, coming in on this late. Good work Tedd! Very interesting.
M
--
Wishlists:
At 1:21 AM -0700 4/9/07, Micky Hulse wrote:
Maybe use flash for this... harder to crack? (Of course, Flash will
open door to other problems.)
Sorry, coming in on this late. Good work Tedd! Very interesting.
M:
Tijnema showed how MD5 could be used to identify an image file and
crack my
On Mon, 2007-04-09 at 08:46 -0400, tedd wrote:
At 1:21 AM -0700 4/9/07, Micky Hulse wrote:
Maybe use flash for this... harder to crack? (Of course, Flash will
open door to other problems.)
Sorry, coming in on this late. Good work Tedd! Very interesting.
M:
Tijnema showed how MD5
At 8:49 AM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 08:46 -0400, tedd wrote:
At 1:21 AM -0700 4/9/07, Micky Hulse wrote:
Maybe use flash for this... harder to crack? (Of course, Flash will
open door to other problems.)
Sorry, coming in on this late. Good work Tedd! Very
On Mon, 2007-04-09 at 09:45 -0400, tedd wrote:
At 8:49 AM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 08:46 -0400, tedd wrote:
At 1:21 AM -0700 4/9/07, Micky Hulse wrote:
Maybe use flash for this... harder to crack? (Of course, Flash will
open door to other problems.)
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 09:45 -0400, tedd wrote:
At 8:49 AM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 08:46 -0400, tedd wrote:
At 1:21 AM -0700 4/9/07, Micky Hulse wrote:
Maybe use flash for this... harder to crack? (Of
On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
I think that we can conclude that a non-crackable CAPTCHA doesn't
exist, but also that there doesn't exist a real hard to crack
CAPTCHA. All current CAPTCHAs can be broken quite easy. MD5 can help
in some cases, but only if the CAPTCHA uses
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
I think that we can conclude that a non-crackable CAPTCHA doesn't
exist, but also that there doesn't exist a real hard to crack
CAPTCHA. All current CAPTCHAs can be broken quite easy. MD5
On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
I think that we can conclude that a non-crackable CAPTCHA doesn't
exist, but also that there doesn't exist a real hard to crack
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
I think that we can conclude that a non-crackable CAPTCHA doesn't
exist, but
Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
I think that we can conclude that a non-crackable CAPTCHA
On 4/9/07, Stut [EMAIL PROTECTED] wrote:
Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
I think that we
On Mon, 2007-04-09 at 17:28 +0200, Tijnema ! wrote:
On 4/9/07, Stut [EMAIL PROTECTED] wrote:
Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote:
On 4/9/07, Robert Cummings [EMAIL PROTECTED] wrote:
On Mon,
At 9:58 AM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 09:45 -0400, tedd wrote:
However, this did make me wonder about the images that M$ and others
are using for captchas -- like find the kitty in a set of pictures.
The MD5 application could be used to identify as many
On Mon, 2007-04-09 at 12:51 -0400, tedd wrote:
At 9:58 AM -0400 4/9/07, Robert Cummings wrote:
Hi Tedd,
Put down the crack pipe please... captcha images are usually generated
on the fly. Their image repository is 0. Their image universe is all of
the permutations of an image containing all
Robert Cummings wrote:
On Mon, 2007-04-09 at 12:51 -0400, tedd wrote:
At 9:58 AM -0400 4/9/07, Robert Cummings wrote:
Hi Tedd,
Put down the crack pipe please... captcha images are usually generated
on the fly. Their image repository is 0. Their image universe is all of
the
On 4/9/07, Travis Doherty [EMAIL PROTECTED] wrote:
Robert Cummings wrote:
On Mon, 2007-04-09 at 12:51 -0400, tedd wrote:
At 9:58 AM -0400 4/9/07, Robert Cummings wrote:
Hi Tedd,
Put down the crack pipe please... captcha images are usually generated
on the fly. Their image repository is 0.
At 1:04 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 12:51 -0400, tedd wrote:
We were talking
about M$'s picture captcha where they show pictures and ask a
question like Pick the picture that shows a kitty and NOT an on
the fly graphic captcha. There are different types of
At 4:19 PM -0400 4/9/07, Travis Doherty wrote:
Steganography has been able to hide text in images for quite some time
now. Basically you cram whatever info you want into the 'unused' or
'less used' bytes of the image.
With this in mind I imagine even if you did have an image repository of
On Mon, 2007-04-09 at 22:27 +0200, Tijnema ! wrote:
On 4/9/07, Travis Doherty [EMAIL PROTECTED] wrote:
Robert Cummings wrote:
On Mon, 2007-04-09 at 12:51 -0400, tedd wrote:
At 9:58 AM -0400 4/9/07, Robert Cummings wrote:
Hi Tedd,
Put down the crack pipe please...
At 4:39 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 22:27 +0200, Tijnema ! wrote:
This is exactly what tedd did in his last arrow example. He edited the
header of the GIF image, and so that would result in different MD5.
Finding this part and skipping it in the MD5 check
On 4/9/07, tedd [EMAIL PROTECTED] wrote:
At 4:39 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 22:27 +0200, Tijnema ! wrote:
This is exactly what tedd did in his last arrow example. He edited the
header of the GIF image, and so that would result in different MD5.
Finding
tedd wrote:
...snip...
that's the reason for the alt attribute.
Thanks for clarification! :)
You are doing some great work with captchas... I also really like your
audio captcha experiments. Keep up the great work!
Cheers,
Micky
--
Wishlists: http://snipurl.com/vrs9
Switch:
On Mon, 2007-04-09 at 17:14 -0400, tedd wrote:
At 4:39 PM -0400 4/9/07, Robert Cummings wrote:
On Mon, 2007-04-09 at 22:27 +0200, Tijnema ! wrote:
This is exactly what tedd did in his last arrow example. He edited the
header of the GIF image, and so that would result in different MD5.
On 4/8/07, tedd [EMAIL PROTECTED] wrote:
Well, I cracked it for you :)
http://86.86.80.41/dev/debug/tedd.php
At the bottom it shows you the MD5 code of your arrow image, and it
shows you which way it points to :)
If you're interested in the code:
http://86.86.80.41/dev/debug/tedd.txt
On 4/8/07, Tijnema ! [EMAIL PROTECTED] wrote:
On 4/8/07, tedd [EMAIL PROTECTED] wrote:
Well, I cracked it for you :)
http://86.86.80.41/dev/debug/tedd.php
At the bottom it shows you the MD5 code of your arrow image, and it
shows you which way it points to :)
If you're interested in
hmm, why don't you md5 more then once..
for example, use a condition that will change with every visitor. like
the third num in $_SERVER['REMOTE_ADDR']; or something of the sort.
then make a loop..
say the third num in my ip address is 5
the person that visits after me would get my value,
On Sun, 2007-04-08 at 04:38 -0700, benifactor wrote:
hmm, why don't you md5 more then once..
for example, use a condition that will change with every visitor. like
the third num in $_SERVER['REMOTE_ADDR']; or something of the sort.
then make a loop..
say the third num in my ip address
indeed. i was just throwing out the idea of ever changing values.
Robert Cummings wrote:
On Sun, 2007-04-08 at 04:38 -0700, benifactor wrote:
hmm, why don't you md5 more then once..
for example, use a condition that will change with every visitor. like
the third num in
On Sun, 2007-04-08 at 05:41 -0700, benifactor wrote:
indeed. i was just throwing out the idea of ever changing values.
Except IP addresses aren't ever changing ;)
Cheers,
Rob.
--
..
| InterJinn Application Framework -
but most people have different ones :) you could also use a random
position :) fooeee.
Robert Cummings wrote:
On Sun, 2007-04-08 at 05:41 -0700, benifactor wrote:
indeed. i was just throwing out the idea of ever changing values.
Except IP addresses aren't ever changing ;)
Cheers,
At 9:42 AM +0200 4/8/07, Tijnema ! wrote:
You can't stop me :)
http://86.86.80.41/dev/debug/tedd.php
It's cracked again :)
and of course i show you the code:
http://86.86.80.41/dev/debug/tedd.txt
Waiting for your next try :P
Tijnema:
I might not be able to stop you, but I am sure I can
At 12:38 AM +0100 4/8/07, Stut wrote:
tedd wrote:
Okay, I think I figured out a fix -- try it again. :-)
http://sperling.com/a/arrows/
A little knowledge is a dangerous thing.
Give up now, while you're still sane.
Think about what you're trying to do. You're trying to do something
On 4/8/07, tedd [EMAIL PROTECTED] wrote:
At 9:42 AM +0200 4/8/07, Tijnema ! wrote:
You can't stop me :)
http://86.86.80.41/dev/debug/tedd.php
It's cracked again :)
and of course i show you the code:
http://86.86.80.41/dev/debug/tedd.txt
Waiting for your next try :P
Tijnema:
I might not
just a few random thought on how to make it even more painful to
crack. random colored borders, random border width, slight changes in
width/height,
random pixel noise or varying colors, animated gifs (where does the arrow stop),
animated gifs (where does the red/pink/blue/green arrow point to),
At 6:33 PM +0200 4/8/07, Tijnema ! wrote:
On 4/8/07, tedd [EMAIL PROTECTED] wrote:
Remember, I could also use a jpeg file and have millions of colors to
chose from. Unless, there is something here that I don't understand
(which very well could be), I can't see how anyone, without massive
At 6:46 PM +0200 4/8/07, Jochem Maas wrote:
just a few random thought on how to make it even more painful to
crack. random colored borders, random border width, slight changes
in width/height,
random pixel noise or varying colors, animated gifs (where does the
arrow stop),
animated gifs
At 4:38 AM -0700 4/8/07, benifactor wrote:
hmm, why don't you md5 more then once..
I read somewhere that MD5'ing anything more than once, does not
increase security.
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List
On 4/7/07, tedd [EMAIL PROTECTED] wrote:
At 11:56 PM +0100 4/6/07, Tijnema ! wrote:
On 4/6/07, tedd [EMAIL PROTECTED] wrote:
At 2:55 PM +0100 4/6/07, Tijnema ! wrote:
I know, but animated gifs are still quite easy to read with a bot.
Really?
What if I a created a box surrounded by letters,
At 10:33 PM +0200 4/7/07, Tijnema ! wrote:
On 4/7/07, tedd [EMAIL PROTECTED] wrote:
At 11:56 PM +0100 4/6/07, Tijnema ! wrote:
On 4/6/07, tedd [EMAIL PROTECTED] wrote:
At 2:55 PM +0100 4/6/07, Tijnema ! wrote:
I know, but animated gifs are still quite easy to read with a bot.
Really?
What
Well, I cracked it for you :)
http://86.86.80.41/dev/debug/tedd.php
At the bottom it shows you the MD5 code of your arrow image, and it
shows you which way it points to :)
If you're interested in the code:
http://86.86.80.41/dev/debug/tedd.txt
Tijnema
Tijnema:
Okay, I think I figured out
tedd wrote:
Okay, I think I figured out a fix -- try it again. :-)
http://sperling.com/a/arrows/
A little knowledge is a dangerous thing.
Give up now, while you're still sane.
Think about what you're trying to do. You're trying to do something
different on the client every time, but
Stut wrote:
tedd wrote:
Okay, I think I figured out a fix -- try it again. :-)
http://sperling.com/a/arrows/
A little knowledge is a dangerous thing.
Give up now, while you're still sane.
Think about what you're trying to do. You're trying to do something
different on the client every
67 matches
Mail list logo
