@Lonnie: My host sells personal servers by stating that a benefit of the service is that you can change your resources real-time. In fact, they specifically state: "your goal is to keep the load as low as possible." Here's a pic:
http://www.kirkouimet.com/files/images/auto-scaler.gif I checked the ToS and couldn't find anything stating using a script to automate this task as breaking my agreement with my host. By implementing a CAPTCHA it is very apparent that they want to make it difficult for their users to automate the changing of allocated resources, but they haven't explicitly stated that they will cancel my account or take action against me. However; I would turn it off if they asked me to. @Brandon: If they wanted to improve their CAPTCHA all they would have to do is warp their text using fish-eye or other similar distortion methods. All of my research has shown that randomly warped-text CAPTCHAs are extremely difficult to break - you have to branch out from standard OCR techniques and start using AI and neural network frameworks to identify the characters, and even then you are only looking at 25-50% accuracy. At the end of the day it was a really fun challenge for me and as a bonus I will be saving ~$480/year in hosting fees. Kirk Ouimet [email protected] -----Original Message----- From: Lonnie Olson [mailto:[email protected]] Sent: Tuesday, March 10, 2009 2:52 PM To: Kirk Ouimet Cc: [email protected] Subject: Re: [UPHPU] Breaking Captchas On Sat, Mar 7, 2009 at 5:36 PM, Joseph Scott <[email protected]> wrote: > > On Mar 7, 2009, at 12:45 AM, Kirk Ouimet wrote: > >> My web host allows me to control how much RAM is available on my hosted >> Linux VServer and charges me $1 for every 10 MB allocated. I wrote a >> script >> this week that uses information from the Linux command "top" to scale >> resources available based on current demand. Running the script ends up >> saving me about $40/month. Everything was going great until they put a >> Captcha on the page that my script uses to set my allocated resources. > > What I'm going to suggest is that you talk to your host about providing an > API for customers to make these types of changes. In the long run I that's > a much better approach than trying to keep with changes to the HTML forms. Um, have you thought this through? The purpose of a CAPTCHA is to block automated robots. You run an "automated robot". Your host is purposely trying to block what you are doing. In fact it might have been your usage of this "robot" that triggered them to implement the CAPTCHA. If you goal is to piss off your Web Hosting provider, continue with your CAPTCHA breaking. If you goal is to save money, contact your Web Hosting provider and talk to them, perhaps they will provide an API, or perhaps you need to find a new host. Pissing off your host is a "very bad thing". Now I agree that you want to save money, and this idea can save you a ton. However your web host is probably using this method to gouge it's customers. Consider a mobile phone plan, do you really think Verizon would be happy if users kept changing their plans every few days to barely cover their usage. Of course not, they make lots of money on overages, and overpaying. My guess is that your host is doing the same thing. IMHO, any time you need to consider breaking a CAPTCHA, you are doing something nefarious, and possibly illegal. Just say NO to CAPTCHA breaking. --lonnie
_______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
