> I often wondered why simple CAPTCHA's like "Type the number seven > four three", or "What is the sum of two plus three?", or "Spell cat", > or "Spell two" wouldn't work? Certainly, one can create a routine > coupled a dB to randomly produce thousands of different combinations > of simple questions. Likewise, a sound file could be produced the > same way. HA! I was just about to write you that I just had this same "brainstorm". Seems like it would be pretty hard to have a bot figure out "what is the sum of two plus three?". I bet it would work like a champ (assuming you were helpful enough on your end to accept either "five" or "5"... It drives me insane trying to post on the PHP.net function comments and it asks me that irritating question and I forget to spell out the answer. UGH! BTW, I should mention, I'm no fan of CAPTCHA in any form. Digg uses it, and it pisses me off because they do it for login and for posting. Seems it's all the rage with the kids these days, and I wonder how effective it is compared to how many people just won't post because of it -- I know I don't. > But to bring this back to my intent -- my intent here is to provide a > simple audio CAPTCHA that could be used by anyone to provide some > degree of protection for their personal use THAT would also be > accessible to screen readers. It's not foolproof, but it appears to > work in that regard. Not sure you can make a "one size fits all drop in CAPTCHA killa app". I think you can give someone the tools to do it (like how do I play an audio file, and know that the webform submitted an answer and if it matches, etc.) But like most security mechanizms, "one is not enough". It's ultimately up to the developer to implement and extend the tools to fit their own needs for the project. If you want to prevent 30% of spambots, then your simple solution may be enough. If you're protecting a presidential candidates blog page, you probably need more protection in the 70%. If you're working for the NSA, then a secure login is going to be a first line of defense... Daevid. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
