Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Thoughts on CAPTCHA

from [Mike Preston - Technomonk Industries] Network Security [Permanent Link]
Subject: Re: Thoughts on CAPTCHA
Date: Wed, 16 Apr 2008 17:40:35 +0100 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gregory Rubin wrote:
| KitttenAuth looks very similar to ASIRRA (Microsoft's contribution to
the area).

Wasn't familiar with this... thanks for the headsup.

| I think that so long as the image library behind them is sufficiently
| large (which is the biggest problem) then these would work very well
| as CAPTCHAs.

You can artifcially increase the size of the search space by
flipping/distorting images, moving them by a single pixel within their
bounding images, colour shifting them etc. All makes it slightly more
difficult to bruteforce by attempting to train the system.

| And though the current incarnations use AJAX, I see nothing in them
| that precludes the use of normal forms without javascript.

Any good system should be able to cope with a lack of JS enablement IMHO...

| Greg

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgGLAMACgkQvhwPecbXDdy3DQCfbLzEWV2y9jH79MtDX6I6rz6o
zsMAoIVHJfNZhJGUlAQ9B5S3I0IwTW4I
=XyZ5
-----END PGP SIGNATURE-----

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Wireless range limiting, Kurt Buff
Next by Date:  RE: Wireless range limiting, Patterson, Michael
Previous by Thread:  Re: Thoughts on CAPTCHA, Gregory Rubin
Next by Thread:  VPN between Cisco Concentrator and SSG20, Ivan .
Indexes:  [Date] [Thread] [Top] [All Lists]