Re: MD5 & bot Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/9/07, Robert Cummings <robert@xxxxxxxxxxxxx> wrote:
On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote:
> On 4/9/07, Robert Cummings <robert@xxxxxxxxxxxxx> wrote:
> > On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote:
> > >
> > > I think that we can conclude that a non-crackable CAPTCHA doesn't
> > > exist, but also that there doesn't exist a real "hard to crack"
> > > CAPTCHA. All current CAPTCHAs can be broken quite easy. MD5 can help
> > > in some cases, but only if the CAPTCHA uses static
> > > images/audio/video/etc. Just about your Audio CAPTCHA, you could use
> > > MD5 to crack it, as the number has the same MD5 sum each time.
> >
> > Similar methods could be applied to sound as to images to distort the
> > sound enough to make it difficult for speech recognition software to
> > understand, but not so much that real humans couldn't understand it. At
> > any rate, it could be enough to prevent md5 indexing... but then again,
> > that would require the audio be mutated on each request, and enough
> > audio be mutated to prevent md5 indexing based on partial signatures --
> > similar to how viruses are detected - this is especially important if
> > using dictionary words since the sample space is so small (could always
> > use sentences though) :)
> >
> > Cheers,
> > Rob.
>
> But well, you can't have a audio only CAPTCHA on your site...., a lot
> people don't have speakers on there PC. And some people can't
> recognize english numbers...
> So then you have an "write the key" CAPTHCA or smiliar on your site,
> and the cracker would use that :)

Yep, like I said to Tedd before... kinda need multiple forms of captcha
tailored to particular special needs audiences. Visual is good for
pretty much all but the blind. Blind people can use audio captcha.
Beyond that... is it worth the cost to target diminishing audiences?

Cheers,
Rob.

Uhm, blind people can't even view your page :P
I think you mean visual impaired people :)

Tijnema

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux