On Tue, Mar 21, 2006 at 08:12:05AM -0000, Dave Page wrote:
> > -----Original Message-----
> > From: pgsql-www-owner@postgresql.org
> > [mailto:pgsql-www-owner@postgresql.org] On Behalf Of David Fetter
> > Sent: 21 March 2006 05:43
> > To: PostgreSQL WWW
> > Subject: Re: [pgsql-www] human validation on post comments
> >
> > Actually, they've already got one, and here's how it works:
> >
> > 1. Put up a free porn site.
> > 2. Present somebody else's capcha image as an entry.
> > 3. Let the person see the porn if they've correctly cracked the
> > capcha.
> > 4. Spam site.
> >
> > The sad part of this one is that they don't have to crack any
> > single capcha system. Instead, they've cracked the entire capcha
> > process.
>
> Grrr, where's my baseball bat?
>
> Actually though that shouldn't be too much of a problem as long as
> the images timeout after a few minutes- and we still have all the
> normal moderation in place.
The porn thing works just fine no matter what the timeout is, as the
spam is queued up already and the capcha gets presented as soon as
it's generated. The porn surfer will generally not dally when
presented with the capcha.
But apart from its ineffectiveness on spammers, as others have
mentioned, capcha excludes blind people. :(
Cheers,
D
--
David Fetter <david@fetter.org> http://fetter.org/
phone: +1 415 235 3778 AIM: dfetter666
Skype: davidfetter
Remember to vote!
