Captcha



  • First of all, I understand the need for systems like captcha so you can weed out bots or scripts from posting spam messages or mass voting for something or creating user accounts for nefarious purposes.

     

    But I consistently fail captcha challenges, most of the time I get it on the second try. I hope there is nothing wrong with me  :\

    I like to think that I have too much imagination and I see the 2 as a Z or viceversa... But I was thinking: Captcha must be extremely hard for visually challenged people, especially the elderly or weak sighted.

     

    Isn't there an easier way?

    Take for example a riddle and three images instead of a Captcha challenge, the riddle reads "What rises everyday in the morning?" and there are three pictures: A sun, a flower and a bowl of cereal.

    Can the spam bots or scripts easily figure out that challenge? Shouldn't it be enough to weed out the majority of the automated attempts? What is the current status of the picture recognition systems? 

     If you think the challenge is too simple (or that the bot has 1/3 changes of getting in), how about a riddle that reads: "Select the hottest item?" And there are 9 pictures (a grid of 3x3) and among them there's a picture of a steaming bowl of soup, can any bot infer that the steam in the bowl is because the soup is hot and therefore that's the answer to the riddle?

     

    I was thinking of all these questions as I failed yet another Captcha challenge today and thought that this might be a good topic to discuss.

     

    Regards,

     

    Mike

     

    PS: I tried to upload the screenshot of the Captcha that I failed today but the forum does not support uploads, only urls. I'm behind a strict proxy here at the office and for the moment could not upload the image. Is it hard for the forum to allow upload images? it has been years that the forum has been working this way, wouldn't it be easier for everybody?

     PPS: Sorry for the English, it is not my native tongue.



  • The problem is that riddles require someone manually writing them, so once a spammer solves the riddle, it won't be useful at blocking spam.



  • @MikeRod said:

    Isn't there an easier way?
    There is no easy way to fight spam.  If it's easy then it's easy for the spammers to circumvent. @MikeRod said:
    I tried to upload the screenshot of the Captcha that I failed today but the forum does not support uploads, only urls
    Upload the picture to a picture hosting site and post the link here.  @MikeRod said:
    I'm behind a strict proxy here at the office and for the moment could not upload the image
    If you can't upload because of your work proxy then being able to upload directly here isn't of any use, either. @MikeRod said:
    wouldn't it be easier for everybody?
    Quit goofing off and get back to work.



  • I've done the honeypot field thing for a comment form long ago, and it didn't really work. I don't know why, unless there are a) human beings entering the spam or b) robots have gained rudimentary CSS and script support (as much as is needed to circumvent some popular countermeasures).

    Either is rather plausible.

    Does anyone here have an anecdote of when implementing a captcha suddenly quelled an influx of spam input?




  • Avery office products was recently doing a contest sort of thing where you logged onto their site and voted for a school. Eventually, some schools would get money or other prizes. Anywho, their captcha was always six pictures, and they'd say to pick all of the $x, where $x was faces or houses or whatever. I apparently failed once or twice (I think their setup was wrong, but whatever). Either way, it was superior to the sort of captcha where you squint at deformed text.



  • @boomzilla said:

    I apparently failed once or twice
     

    Maybe they used google images as their store of images-matching-a-keyword?



  • @dhromed said:

    @boomzilla said:
    I apparently failed once or twice

    Maybe they used google images as their store of images-matching-a-keyword?

    They were all cartoonish pictures, so it looks like something someone put together. I could just have made a mistake (I'm not blakeyrat, after all), but my wife had a similar indignant experience when she failed it.



  • [shows picture of house]  "That's not a house, you moron. No commenting for you! HAHAHAHA"



  • @dhromed said:

    Does anyone here have an anecdote of when implementing a captcha suddenly quelled an influx of spam input?
    I do.

     If you host a wordpress blog, you can easily get a few hundred comment spam tries each day.To avoid having to manually look at every single comment for moderation I took the block-spam-by-math-reloaded plugin and, to be on the safe side, changed the addition to something else.

     Voilá! Instant gratification, only a few legit comments left to look at each month.


  • Discourse touched me in a no-no place

    @flop said:

    @dhromed said:
    Does anyone here have an anecdote of when implementing a captcha suddenly quelled an influx of spam input?
    I do.
    Same here; Mediawiki site for me; automated spam down from X per day down to zero, human spam down to about 3 instances a month. (Still getting an inordinate number of spammers signing up, but the majority don't actually seem to post anything.)



  • It is relativly easy to completly remove the need for a capture using a simple AJAX request to obtain a NONCE from wghte webserver that can then be validated as a hidden field when the page is submited back.

    it is unlikly that any web bots are going to implement a full java interpreter any time soon.



  • @ip-guru said:

    full java interpreter


    -10 credibility points



  •  Only -10, should have been much worse - Doh,


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.