> -----Original Message----- > From: Tijnema ! [mailto:tijnema@xxxxxxxxx] > Sent: Friday, March 30, 2007 6:04 PM > To: Jake McHenry > Cc: tedd; php-general@xxxxxxxxxxxxx > Subject: Re: Alternative/Addition to using a CAPTCHA > > On 3/31/07, Tijnema ! <tijnema@xxxxxxxxx> wrote: > > On 3/30/07, Jake McHenry <linux@xxxxxxxxxxxxxxxxx> wrote: > > > > > > > > > > -----Original Message----- > > > > From: tedd [mailto:tedd@xxxxxxxxxxxx] > > > > Sent: Friday, March 30, 2007 3:06 PM > > > > To: Tijnema !; John Comerford > > > > Cc: php-general@xxxxxxxxxxxxx > > > > Subject: Re: Alternative/Addition to using a CAPTCHA > > > > > > > > At 3:37 PM +0200 3/30/07, Tijnema ! wrote: > > > > >On 3/30/07, John Comerford <johnc@xxxxxxxxxxxxxxxxxxxx> wrote: > > > > >>I was reading the current tread on CAPTCHA and > possible cracks and I > > > > >>thought maybe I'd throw this out to the group to see > what you think. > > > > >>Recently I saw a forum where in order to post you first had > > > > to click on > > > > >>a div that was placed at a random location on the > page, it read > > > > >>something like, "Click here if you are human". I was > thinking that > > > > >>maybe you could put together a system that looks something > > > > like this: > > > > >> > > > > >>http://people.aapt.net.au/JComerford/ClickMe.htm > > > > >> > > > > >>I was thinking you could use it in a couple of ways: > > > > >> > > > > >>1) As a replacement to a CAPTCHA image > > > > >>2) When you click the image a CAPTCHA image is loaded into > > > > the 'Click > > > > >>Me' container > > > > >> > > > > >>The main problem is how to tell the server that the > div has been > > > > >>clicked, in a way that can't be simulated. I am not > an expect with > > > > >>either JS or PHP, but maybe some of the bigger brains out > > > > there could > > > > >>throw in their 2 cents...... > > > > >> > > > > >>JC > > > > > > > > > >This looks maybe hard to crack, but actually it isn't > very hard. All > > > > >the clicking does is calling a javascript function. > You still could > > > > >submit the page without clicking the box. > > > > > > > > > >Tijnema > > > > > > > > Tijnema & John: > > > > > > > > The above link I've already done a long time ago. But > check out my > > > > dot CAPTCHA here: > > > > > > > > http://sperling.com/examples/p-captcha > > > > > > > > > > > > > Maybe I'm going blind.. But I don't see a circle on that > page anywhere? > > > Everywhere I click it fails...... > > > Jake > > > > Hmm, just wanted to say that Jake, is it because i have my > resolution > > @ 1600x1200? > > > > Tijnema > > Actually, it just doesn't work with IE6, it works with FireFox. :) That would be my problem then :) Jake > > Tijnema > > > > > > > > > > > > > This does not use javascript, but does use sessions. > > > > > > > > As you can see, the blue dot can be placed anywhere on > the entrance > > > > page. Granted this presents problem for the visually > impaired, so I'm > > > > not recommending it. But, it's just a proof of concept > at this point. > > > > Plus, I have not checked this on all browsers. I > suspect that some > > > > browsers may have problems with alpha channel images -- so your > > > > mileage may differ. > > > > > > > > In any event, I think this may be a bit more difficult > to crack than > > > > something that replies upon javascript -- what do you think? > > > > > > > > Cheers, > > > > > > > > tedd > > > > > > > > -- > > > > ------- > > > > http://sperling.com http://ancientstones.com > http://earthstones.com > > > > > > > > -- > > > > PHP General Mailing List (http://www.php.net/) > > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > -- > > > > No virus found in this incoming message. > > > > Checked by AVG Free Edition. > > > > Version: 7.5.446 / Virus Database: 268.18.23/740 - Release > > > > Date: 3/30/2007 1:15 PM > > > > > > > > > > > > > > -- > > > No virus found in this outgoing message. > > > Checked by AVG Free Edition. > > > Version: 7.5.446 / Virus Database: 268.18.23/740 - > Release Date: 3/30/2007 > > > 1:15 PM > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.446 / Virus Database: 268.18.23/740 - Release > Date: 3/30/2007 1:15 PM > > -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.446 / Virus Database: 268.18.23/740 - Release Date: 3/30/2007 1:15 PM -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
