X-Original-To: pgsql-www-postgresql.org@localhost.postgresql.org Received: from localhost (av.hub.org [200.46.204.144]) by postgresql.org (Postfix) with ESMTP id 0B70C9DCA14 for ; Tue, 21 Mar 2006 12:45:20 -0400 (AST) Received: from postgresql.org ([200.46.204.71]) by localhost (av.hub.org [200.46.204.144]) (amavisd-new, port 10024) with ESMTP id 13208-02 for ; Tue, 21 Mar 2006 12:45:18 -0400 (AST) X-Greylist: from auto-whitelisted by SQLgrey- Received: from fetter.org (dsl092-188-065.sfo1.dsl.speakeasy.net [66.92.188.65]) by postgresql.org (Postfix) with ESMTP id 5C9259DC9BD for ; Tue, 21 Mar 2006 12:45:17 -0400 (AST) Received: by fetter.org (Postfix, from userid 500) id B06B1CF1CE; Tue, 21 Mar 2006 08:45:14 -0800 (PST) Date: Tue, 21 Mar 2006 08:45:14 -0800 From: David Fetter To: Dave Page Cc: PostgreSQL WWW Subject: Re: human validation on post comments Message-ID: <20060321164514.GC21510@fetter.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-Virus-Scanned: by amavisd-new at hub.org X-Spam-Status: No, score=0.129 required=5 tests=[AWL=0.129] X-Spam-Score: 0.129 X-Spam-Level: X-Archive-Number: 200603/121 X-Sequence-Number: 9711 On Tue, Mar 21, 2006 at 08:12:05AM -0000, Dave Page wrote: > > -----Original Message----- > > From: pgsql-www-owner@postgresql.org > > [mailto:pgsql-www-owner@postgresql.org] On Behalf Of David Fetter > > Sent: 21 March 2006 05:43 > > To: PostgreSQL WWW > > Subject: Re: [pgsql-www] human validation on post comments > > > > Actually, they've already got one, and here's how it works: > > > > 1. Put up a free porn site. > > 2. Present somebody else's capcha image as an entry. > > 3. Let the person see the porn if they've correctly cracked the > > capcha. > > 4. Spam site. > > > > The sad part of this one is that they don't have to crack any > > single capcha system. Instead, they've cracked the entire capcha > > process. > > Grrr, where's my baseball bat? > > Actually though that shouldn't be too much of a problem as long as > the images timeout after a few minutes- and we still have all the > normal moderation in place. The porn thing works just fine no matter what the timeout is, as the spam is queued up already and the capcha gets presented as soon as it's generated. The porn surfer will generally not dally when presented with the capcha. But apart from its ineffectiveness on spammers, as others have mentioned, capcha excludes blind people. :( Cheers, D -- David Fetter http://fetter.org/ phone: +1 415 235 3778 AIM: dfetter666 Skype: davidfetter Remember to vote!