On 6/10/07, tedd <tedd@xxxxxxxxxxxx> wrote:
>Tedd: > >Please don't spread the code of your Audio CAPTCHA, we had a big >discussion about it, and we concluded that it was quite easy to crack. >I remember i've cracked some other CAPTCHAs, but if you still think >your Audio CAPTCHA isn't hard to crack, then just let me know and i'll >start cracking it :) > >Dave: Dave: The point is not how easy my Audio CAPTCHA is to crack, but rather one of accessibility. If one insist on using a graphic CAPTCHA, which in most cases can be cracked, then at least add an Audio CAPTCHA to allow access for the visually disabled. Or, is the point here to allow bots and block the visually disabled -- I think not.
Surely not, but what you're doing with adding a weak audio CAPTCHA is adding more options for a hacker. Since the form can be submitted by either completing one of both CAPTCHA programs, the hacker can choose whichever way he likes. So if you have a very very strong Graphic CAPTCHA, but a very weak Audio CAPTHCA, than it isn't too hard to crack, as the hacker would only crack the Audio CAPTCHA...
Look at the CAPTCHA's use here: http://sam.zoy.org/pwntcha/ and their efficiently at blocking bots, which next to nil. So, if people are going to believe in the false notion that CAPTCHA's block bots, then why not provide a way for the visually disabled to obtain access as well? Why just block the visually disabled?
The question is not if the CAPTCHAs are crackable, because they are! But, like we said in the other thread, it's by finding the right way between the time needed to crack, and the time needed to type over/listen to CAPTCHA. Adding Audio CAPTCHA decreases time to crack...
>I think you remember the thread tedd ;) I remember the threads, but nothing that was said there is counter to what I said here. Cheers, tedd
It's atleast an interesting thread about CAPTCHA. Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php