Re: Audio CAPTCHA review request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

At 2:30 PM -0700 4/3/07, jochem wrote:

Since you are asking for review: this audio captcha is almost certainly
easily breakable.

Tijnema is right with most of his comments, open source voice recognition
software (the code he pointed to like spynx) will break this.

I disagree with his point 3) below, obfuscating the speech with different
bitrates etc. will in my opinion not work.

How do I know? Unfortunately i do not have the time to properly test it, but
I wrote a devoicecaptcha script to break the voice captchas of microsoft,
google and paypal. You can download the code and test it with your code, see
http://vorm.net/captchas.

So unfortunately for you it will not work against spammers, but you are in
good company of people trying ;-).


Jochem:

Thanks for the link, article (very interesting), and advice.
The voice files that I am using could certainly be resolved by your method -- they are simple and your solution is pretty straightforward.
However, I'm not convinced that all sound methodologies can be resolved as simply as that. For example -- your method looks for pauses/high points and then capsulizes segments for comparison against known sounds. That's OK, but what if there is other meaning in the sound?
I often wondered why simple CAPTCHA's like "Type the number seven four three", or "What is the sum of two plus three?", or "Spell cat", or "Spell two" wouldn't work? Certainly, one can create a routine coupled a dB to randomly produce thousands of different combinations of simple questions. Likewise, a sound file could be produced the same way.
Perhaps I'm underestimating the capabilities of bots and overestimating the abilities of humans. I suspect that the distribution of both camps have an overlap and therein lies the problem. The problem may not have a solution.
But to bring this back to my intent -- my intent here is to provide a simple audio CAPTCHA that could be used by anyone to provide some degree of protection for their personal use THAT would also be accessible to screen readers. It's not foolproof, but it appears to work in that regard. 

Interesting discussion -- thanks for your perspective.

Cheers,

tedd
--
-------
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux