[nycphp-talk] easily defeating captchas using automated imageanalysis
Chris Shiflett
shiflett at php.net
Tue Nov 2 20:59:20 EST 2004
--- inforequest <1j0lkq002 at sneakemail.com> wrote:
> There's a way to defeat the to-be-monikered-adult hack. Remind
> the world that it is illegal to participate in a security hack,
> and that participation via adultsite captcha completion is at
> the very minimum "grounds for investigation".
I don't see how this idea will work, because people have no idea that
they're participating in any such thing. I can think of plenty of ways to
word this:
"In order to keep our competitors from harvesting our images, we ask that
you please type in the word you see in the box below. Once you do this,
we'll show you some pictures you don't want to miss!"
In fact, I would hope that it would be impossible to prosecute someone who
was tricked into providing this answer, because they literally have no way
to know that the answer they're provided is going to be misused in any
way.
Chris
=====
Chris Shiflett - http://shiflett.org/
PHP Security - O'Reilly HTTP Developer's Handbook - Sams
Coming January 2005 http://httphandbook.org/
More information about the talk
mailing list