On 4/9/07, Stut <stuttle@xxxxxxxxx> wrote:
Tijnema ! wrote: > On 4/9/07, Robert Cummings <robert@xxxxxxxxxxxxx> wrote: >> On Mon, 2007-04-09 at 16:39 +0200, Tijnema ! wrote: >> > On 4/9/07, Robert Cummings <robert@xxxxxxxxxxxxx> wrote: >> > > On Mon, 2007-04-09 at 16:27 +0200, Tijnema ! wrote: >> > > > >> > > > I think that we can conclude that a non-crackable CAPTCHA doesn't >> > > > exist, but also that there doesn't exist a real "hard to crack" >> > > > CAPTCHA. All current CAPTCHAs can be broken quite easy. MD5 can >> help >> > > > in some cases, but only if the CAPTCHA uses static >> > > > images/audio/video/etc. Just about your Audio CAPTCHA, you could >> use >> > > > MD5 to crack it, as the number has the same MD5 sum each time. >> > > >> > > Similar methods could be applied to sound as to images to distort the >> > > sound enough to make it difficult for speech recognition software to >> > > understand, but not so much that real humans couldn't understand >> it. At >> > > any rate, it could be enough to prevent md5 indexing... but then >> again, >> > > that would require the audio be mutated on each request, and enough >> > > audio be mutated to prevent md5 indexing based on partial >> signatures -- >> > > similar to how viruses are detected - this is especially important if >> > > using dictionary words since the sample space is so small (could >> always >> > > use sentences though) :) >> > > >> > > Cheers, >> > > Rob. >> > >> > But well, you can't have a audio only CAPTCHA on your site...., a lot >> > people don't have speakers on there PC. And some people can't >> > recognize english numbers... >> > So then you have an "write the key" CAPTHCA or smiliar on your site, >> > and the cracker would use that :) >> >> Yep, like I said to Tedd before... kinda need multiple forms of captcha >> tailored to particular special needs audiences. Visual is good for >> pretty much all but the blind. Blind people can use audio captcha. >> Beyond that... is it worth the cost to target diminishing audiences? >> >> Cheers, >> Rob. > > Uhm, blind people can't even view your page :P > I think you mean visual impaired people :) Yes they can... http://www.webaim.org/articles/visual/blind.php -Stut
Interesting... Didn't know that... :) Tijnema
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
