If its worth it for the hacker, there are some ways to bypass your captcha.
For example, a hacker can harness the human processing power of Amazon's
Mechanical Turk and even automate the entire process.

I'm not saying that captcha is dead, because it seems to lower the spam
volume from sites that use it. However, it may be only temporary relief.

Regards,
Shalom Carmel
-----------------------
www.hackingiseries.com


2008/9/2 <web400-request@xxxxxxxxxxxx>

----------------------------------------------------------------------
date: Tue, 2 Sep 2008 01:08:57 +0200
from: "Guillermo Andrades, CPI Software" <gab@xxxxxxx>
subject: Re: [WEB400] CAPTCHA image validation in web form

maybe simple, or maybe useful idea:

the program shows an html with an image,
but the image is not an captcha, the image is an small photo: a boat in the
sea.

below the image, the question: please select the image:
and an select/combobox or check/radio with several possibilities:
_ ICE _ BOAT _ GIRL _ THE MOON _ FLOWERS _ GUITAR _ THE SUN

you get the idea, the user click in BOAT and voila,
only human can select the adecuate? ocr is unable at least.

maybe an low number of images are enough,
this can be made using RPG, no js code required.

too simple?

Regards,
Guillermo.





As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.