Topic: Capcha is useless?

[kat]

K@, anything that is purely visible would be a problem for the visually impaired that use a screen reader.

Bugger. Good point.

[Kindred]

but, what happens if you get a blind frenchman then? 

[MrPhil]

In the interest of decency and family friendliness, we won't go there

[Unruler]

What's the point in picture if you can go "what has 4 walls door and window?" kind of thing?

Also you have license agreement pending for acceptation, is it adopted for multiple languages?

EDIT: How about a function that allows to attach a picture to a security question?

[mrintech]

Can bots be programmed to override Keycaptcha and moving images?:


...

[Matthew K.]

^ ^ Spamtard alert. Please kill. Kthnx.

Are you talking about yourself...?

[Kindred]

but, as we've said, with those you run into issues with visually impaired users...

any time there is a captcha with a verbal reading of the letters means the bots can break it. They actually wrote  a script which "listens" to the verbal letters and the parses it and uses them

[MrPhil]

Re: moving images

I'll bet that not only could they still listen to the letters (the desired ones, not the background noise), but they might have an even easier time deciphering it visually. Take a number of snapshots (frames) from the video and use statistical analysis to filter out the fast changing stuff (background noise) and concentrate on the slowly changing stuff (desired letters).

Still, an interesting concept that might be taken somewhere with some work.

[mrintech]

Thanks

[Unruler]

Idk, guys, why are you so focused on capcha or other unified solutions. Because they may be good, but not necessarily for a forum. Because for a forum (that being usually themed community) security question may serve you more than just for filtering the spammers: it can also restrict access of undesired attendees like trolls or kids or clueless people.

[MrPhil]

Well, CAPTCHAs were originally designed to filter out bots (signing up to spew spam) during signup and perhaps for a limited number of posts. As discussed, they're now usually harder for real people to solve than the bots! Filtering out real people that we suspect would be undesirable might be helped a bit by good questions, but you have to be careful about requiring such domain-specific knowledge up front (at registration) that you end up excluding good people who want to participate to learn. It's difficult to strike a good balance, and you will always end up having to ban and clean up after spammers. If you have some good moderators in different timezones, hopefully you can keep on top of it to the point where word gets around that your forum isn't worth spamming.

Any forum (SMF included), could certainly use filters to try to automatically weed out spam (hold it for review). It's not an easy problem to solve, but will become vital as automated "hard shell" defenses (stop 'em at registration) like CAPTCHAs and even Questions or Are You Human tests lose their effectiveness. Whatever we do, the spammers will go to work to defeat it (as they have with CAPTCHA), so it's a never-ending arms race. Some of the filters might also prove useful for stopping trolls and idiots, but nothing will be guaranteed.