Try my new CAPTCHA circle test

spearfish · December 10, 2008, 02:59:19 PM

Yeah - don't forget that agencies exist which will route CAPTCHAs to humans to solve.

lax.slash · December 10, 2008, 03:08:11 PM

I got 3 or 4 since I posted last. All from the same IP address.

Akyhne · December 10, 2008, 03:12:30 PM

That got lucky with registration???

lax.slash · December 10, 2008, 03:17:09 PM

Yup. FYI - I just installed BETA 2, and verified the bug that was posted earlier by ディン1031.

The letters never change when the new image is requested.

Quote from: ディン1031 on December 10, 2008, 07:55:55 AM
About the captcha
There is a small thinking bug in it .

If you create an new image (because you could not read it ;P), than the site with the information what is need to be read is not updated. If this not needed and will be the same than you can easy bypass it . If it change than how will the user know what he need to read.

Bye
DIN1031

Akyhne · December 10, 2008, 03:23:00 PM

The letters are not supposed to change. Only the shapes. I think you should change the wav sound to read all the text and not only the good letters. Then we can confirm wether they have cracked the sound.

lax.slash · December 10, 2008, 03:25:26 PM

OK... I'll do that in a bit, as I have to go somewhere right now.

Akyhne · December 10, 2008, 03:36:28 PM

Well, here's a version that reads all the fake code:

Akyhne · December 10, 2008, 07:07:03 PM

I updated the description in the first post, to make it more clear how the Cavecost CAPTCHA works.

As I don't have any forums that are bothered with spammers, it's very difficult for me to know how well it keeps spammers out.
So if you have a forum attacked on daily basis, I would appreciate if they would try the CAPTCHA.

I think it is the safest to use the attached version above this post as it may seem the wave readout of the code is cracked.

karlbenson · December 10, 2008, 08:27:05 PM

Very nice indeed.

Rather than just ramping up the complexity. The point with these mods are to make our forums registration more unique.
If you can do levels of complexity/random differences, then it makes it much harder / less profitable for spammers to attack our forums.

I've had loads of ideas for possible new captchas recently
- Rock Paper Scissors Lizard Spock - http://www.samkass.com/theories/RPSSL.html
- Periodic Table captcha (maybe H to hydrogen etc).
- Sorting three listboxes
- Cat and Mouse (well irony), several pics, but only pic with cat+mouse in gets chosen (each pic has code in it)

lax.slash · December 10, 2008, 10:07:21 PM

Quote from: akyhne on December 10, 2008, 03:36:28 PM
Well, here's a version that reads all the fake code:

Installed, and working.

Akyhne · December 11, 2008, 01:45:59 AM

Hi Karl (regularexpression)

Yeah I have been thinking a lot the last year or more on different kinds of captchas that could b hard to solve. The problem is to make something that's simple for people to solve, but extreme hard for computers to solve.

And then again I failed in the first version of this captcha, where people had to point circles out with a specific color. Although there were only 8 colors that were very different, my first friend I asked to solve it failed... he was colorblind!! Well I had that in mind, but didn't realise color blindness could make it that hard.

Akyhne · December 11, 2008, 03:28:38 PM

Added two extra levels of diffuse letters in 1.0 Beta 2 rev. 2

File can be downloaded in the first post:
http://www.simplemachines.org/community/index.php?topic=278017.0

lax.slash · December 11, 2008, 08:43:45 PM

Quote from: akyhne on December 11, 2008, 03:28:38 PM
Added two extra levels of diffuse letters in 1.0 Beta 2 rev. 2

File can be downloaded in the first post:
http://www.simplemachines.org/community/index.php?topic=278017.0

I'm using it with Cavecost Hard. Let's see what happens...

lax.slash · December 12, 2008, 10:52:19 AM

With your latest version, I got hit 1/2 hour after I installed it. Using Cavecost high. Did that one have the "Listen to image" read the full text, or just part?

(Proof in attatched image)

lax.slash · December 12, 2008, 10:59:32 AM

Hmmm... you know what? I wonder if these bots are somehow possibly bypassing the CAPTCHA?

Akyhne · December 12, 2008, 11:24:43 AM

If you get hitted by spammers that got through, they will even get through on highest SMF level. There's nothing in my code that reveals or changes the standard SMF sequrity level.

So either it's a human, or it's someone who completely cracked the way the CAPTCHA works in SMF 1.1.7

And yes, the "listen to image" reads the fake code.

Akyhne · December 15, 2008, 08:57:31 PM

Yet another way to stop spammers. In this mod they also get banned on 3 fails:

http://www.simplemachines.org/community/index.php?topic=280188.0

Akyhne · December 21, 2008, 07:51:53 PM

Finally it's official

http://custom.simplemachines.org/mods/index.php?mod=1558

News:

Try my new CAPTCHA circle test

spearfish