| Subject: | RE: [WEB SECURITY] Defeating CAPTCHA |
|---|---|
| Date: | Thu, 25 Aug 2005 17:26:55 +0200 (CEST) |

On Thu, 25 Aug 2005 focus@karsites.net wrote:

> I suppose if the user had to select each letter and/or numeric digit from a captcha separately, and enter these using a randomly generated input sequence by the server, that would block any programs from reading the CAPTCHA and feeding it directly to the form input field.

Yeah, requiring them to enter characters separately into a number of boxes (possibly after reading the page to determine the requested order). Not any more difficult to accomplish, and won't stop anyone (Captcha attacks must be customized anyway, so this is just a minor annoyance). You could of course make the sequence hard to decipher for a machine... using a captcha. Yeah.

There's really no good solution. Captchas work (for now) to deter common trolls and abusers - you are usually not so obsessed with a particular forum or website as to write and test a complex piece of image analysis software. They may suddenly stop working the day somebody, determined to code something like that for fun, fame, or profits, sells or contributes an easy-to-use captcha buster to the public.

The thing is, captchas don't measure a quality that is unique to humans. Image processing, filtering and picture recognition is something computers can do well, often better than humans, and no amount of text obfuscation is going to help. You will end up with captchas you can't solve, but computers can.

We could use something other than text challenges (say, determination of mood of a photographed person) - but the thing is, individual, reliably predictable, everyday data processing capabilities of our brains are in general rather easy to simulate, especially with the accuracy needed for this task (1% success ratio is enough). It just takes some coding and tests.

Things computers suck at (higher cognitive functions, so to speak) are usually hard to define and examine to start with, and work in a different way for different people; plus, many of us would naturally fail quite often.

/mz