You need to register to post on the Adverts forum.
#21
Posted 26 February 2007 - 02:10 PM
apart from the catcha reader, i could make a bot in PHP that posts topic in this forum in about 5 minutes
Einstein: "We can’t solve problems by using the same kind of thinking we used when we created them."
#22
Posted 26 February 2007 - 07:23 PM
#24
Posted 26 February 2007 - 11:01 PM
As well as hidden fields to be left unfilled, you could add some unique to this board, so bots gets rejected if they fill the hidden box, OR are unable to specify a correct favorite pie
World Domination Status: ▾2.7%
#25
Posted 26 February 2007 - 11:32 PM
because it's a 10-second change in the bot code
apart from the catcha reader, i could make a bot in PHP that posts topic in this forum in about 5 minutes
So could Immo. But again, unless you deliberately knew, cared about or had any vested interest in Revora, would you bother your arse to change the bot code to do that? I dare say half the bot coders don't even know what Revora is, much less would bother to alter their bot code specifically to target it. They're aimed at invisionfree more than anything else. Indeed, anywhere where guest posting is enabled is vulnerable, and that tends to be invisionfree boards run by dumbasses, or regular Invision boards run by dumbasses.
Ipso facto, bot runners target dumbasses. They aren't going to care about this one forum when there are a thousand other dumbass forums to target.
Edited by Paradox, 26 February 2007 - 11:33 PM.
#26
Posted 26 February 2007 - 11:45 PM
Nope. Bots can crack CAPTCHA much easier than they can bypass a form they don't understand. Sure, the bot creators can adapt the bots to it - but how will they know that they need to, bearing in mind that this is not a standard forum upgrade - it's a custom fix. It's obvious that it will stop any and all bots.That would probably work...for a few days after that the bots will just be adapted
The best bot prevention is good CAPTCHA.
We tried a rather good CAPTCHA, it didn't work. If you think you can code a CAPTCHA that will stop all bots dead in their tracks, I welcome you to try.
Edited by Blodo, 26 February 2007 - 11:47 PM.
ARGUMENT FROM CREATION, a.k.a. ARGUMENT FROM PERSONAL INCREDULITY (I)
(1) If evolution is false, then creationism is true, and therefore God exists.
(2) Evolution can't be true, since I lack the mental capacity to understand it; moreover, to accept its truth would cause me to be uncomfortable.
(3) Therefore, God exists.
#27
Posted 27 February 2007 - 12:02 AM
World Domination Status: ▾2.7%
#28
Posted 27 February 2007 - 12:08 AM
ARGUMENT FROM CREATION, a.k.a. ARGUMENT FROM PERSONAL INCREDULITY (I)
(1) If evolution is false, then creationism is true, and therefore God exists.
(2) Evolution can't be true, since I lack the mental capacity to understand it; moreover, to accept its truth would cause me to be uncomfortable.
(3) Therefore, God exists.
#29
Posted 27 February 2007 - 12:30 AM
How about a compromise - hidden capcha
World Domination Status: ▾2.7%
#30
Posted 27 February 2007 - 12:54 AM
There is no way a bot could determine which answer it was. Though it could cylce through all fours answers quickly, it would have to be designed to do that for it to work.
Are bots designed to solve that one? Maybe they are, I don't know.
Save the environment, use green text
Some Bullshit Somewhere
#31
Posted 27 February 2007 - 01:07 AM
Are you sure you want to register?
* NO
* YES
default to NO. Just make sure that it's obvious to humans that it's there.
#32
Posted 27 February 2007 - 05:05 AM
World Domination Status: ▾2.7%
#33
Posted 27 February 2007 - 08:28 AM
Nope. Bots can crack CAPTCHA much easier than they can bypass a form they don't understand. Sure, the bot creators can adapt the bots to it - but how will they know that they need to, bearing in mind that this is not a standard forum upgrade - it's a custom fix. It's obvious that it will stop any and all bots.
We tried a rather good CAPTCHA, it didn't work. If you think you can code a CAPTCHA that will stop all bots dead in their tracks, I welcome you to try.
http://sam.zoy.org/pwntcha/
Einstein: "We can’t solve problems by using the same kind of thinking we used when we created them."
#34
Posted 27 February 2007 - 10:10 AM
What about word association? Meaning upon registering, an image shows up with four checkboxes. Picture of a cat with options: cat, dog, tiger, duck.
There is no way a bot could determine which answer it was. Though it could cylce through all fours answers quickly, it would have to be designed to do that for it to work.
Are bots designed to solve that one? Maybe they are, I don't know.
I like this idea, 'cept you could have a text field saying "what is the name of this animal?" and a bunch of photo's of animals that it cycles through or something. Obvious animals of course... not like subtly differing species of sheep or something
Edited by Calamity_Jones, 27 February 2007 - 10:11 AM.
#36
Posted 27 February 2007 - 03:09 PM
Illustrates my point completely.
ARGUMENT FROM CREATION, a.k.a. ARGUMENT FROM PERSONAL INCREDULITY (I)
(1) If evolution is false, then creationism is true, and therefore God exists.
(2) Evolution can't be true, since I lack the mental capacity to understand it; moreover, to accept its truth would cause me to be uncomfortable.
(3) Therefore, God exists.
#37
Posted 27 February 2007 - 03:22 PM
These captchas can currently not be defeated by PWNtcha. Note however that this is not an acknowledgement of efficiency; for instance, EZ-Gimpy can be easily defeated by other projects. However, the Passport/Yahoo and CFXCaptcha captchas are probably going to last for a long time.
CFXCaptcha:
Einstein: "We can’t solve problems by using the same kind of thinking we used when we created them."
#38
Posted 27 February 2007 - 03:38 PM
ARGUMENT FROM CREATION, a.k.a. ARGUMENT FROM PERSONAL INCREDULITY (I)
(1) If evolution is false, then creationism is true, and therefore God exists.
(2) Evolution can't be true, since I lack the mental capacity to understand it; moreover, to accept its truth would cause me to be uncomfortable.
(3) Therefore, God exists.
#39
Posted 05 March 2007 - 06:52 PM
SourceWorth pointing out that a huge amount of CAPTCHA scripts are actually easily crackable: http://sam.zoy.org/pwntcha/
It does claim the CFXCAPTCHA to be very good, but simply converting the
example to 2-colour and applying a gaussian blur and the text looks plain enough for an OCR to read (have not got one handy though, so can not test for sure.) More importantly though, is that they frustrate a lot of users, and are often unusable for people who are colour blind, dyslexic, etc...
While he hasn't tested his idea yet, he does have an idea, and I believe it will be only a matter of time before someone will come up with an idea that will actually work. Because the Captcha is marked as hard to crack, some people will only try harder to gain the recognision they would get for cracking it. In short, I think it won't take as long as said at the site.
From the other side, creating such a Captcha with enough randomization would probably be a pretty though job.
The idea of Blodo is interesting, but if that won't work (I don't know about coding, so I leave that up to others to decide) and a captcha is needed, then how about putting in two words (or strings of random characters) and ask people to only type one of them?
I doubt a bot would do anything but enter all characters it finds in a captcha.
The third idea, to have a question that only a human could answer is something that could work too, but it shouldn't be multiple choice. As Hostile said:
Though it could cylce through all fours answers quickly, it would have to be designed to do that for it to work.
Hostiles idea is nice too, although not with checkboxes, but written input. From the site 2play linked too, a similar solution failed because it had bad programming.
We all have our ideas, and I think the only way to find out if any of them will work, is to actually try them.
If the idea from Blodo is really easy to implent, why not give it a try? It's certainly not going to bother people if it doesn't work.
After having done the most simple one, we can try the others.
Solinx
"An expert is a man who has made all the mistakes which can be made in a very narrow field." - Niels Bohr
#40
Posted 05 March 2007 - 11:10 PM
Unless someone views source or has a really really bad connection, nobody will even know its thereIt's certainly not going to bother people if it doesn't work.
And quite, nobodys saying this is a be all and end all solution, its just our occums razor - the easiest solution is likely the correct one. If for some whacko reason it doesn't work, theres no reason we cannot try an alternative.
World Domination Status: ▾2.7%
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users