tags:

views:

107

answers:

3
Q: 

captchas, is there another way, how about flash ?

is there another way of securing your register page from robots, I'm thinking about doing my registration page as a flash (swf, my site requires flash for video streaming anyway), would that help, or not? what else can I do?

+1  A: 

A lot of people (like me) use Flashblock to remove flash from pages. I'm not saying that all flash is bad, and I make exceptions for sites that I know and trust, or that are well-known and rely on it (e.g. YouTube), but I don't allow flash on some random page. It is generally just an ad or other distraction, and could be a flash cookie or even worse.

Anthony  2010-02-08 13:16:48
+6  A: 

If your goal is to keep from having to implement this yourself, you may want to take a look at http://recaptcha.net/. They have a free web service that generates captchas and by using it, your users will also be helping to digitize books.

benvolioT  2010-02-08 13:23:26
+2  A: 

... and then your SWF flash page will post a HTTP request. Which any minimally skilled spammer can capture, and automate the HTTP POST to register on your website, instead of interacting with your flash content.

CAPTCHA means "Completely Automated Public Turing test to tell Computers and Humans Apart". A flash interface only raises the bar, but won't address the issue at hand. If you are really interested in trying other methods, check these turing test alternatives from W3.org

On the traditional CAPTCHAs, you should check reCAPTCHA before ditching that approach. I use them in a few projects and found it easy to integrate and does the job well.

Good luck there, human! :)

nuba  2010-02-08 13:27:59
i can register my users using the rtmp and do the db changes in my media server (it's on java)
Omu  2010-02-08 14:10:52
RTMP is a protocol, not a technology for telling computers and people apart. You're only adding layers there, but not really addressing the problem.For comparison, you can post something in plaintext over HTTP with reCAPTCHA and still no one will be able to automate that, even if they could see the posted form's payload. That is because each posted form presents the user with a new CAPTCHA challenge.It's all about 'automated interaction with your form by robots'.BTW for a registration form you should really use some form of encryption, like HTTP over SSL. Encryption, not obfuscation.
nuba  2010-02-08 14:34:48

related questions

Any way to have an ActionScript 3 (Flex/AIR) project print to standard output?
How can I make flash cs3, actionscript send events to javascript?
Large File Download
3.1 or 5.1 audio in Flash
Drawing a custom label on a pie chart in Yahoo's Flash Library ASTRA
How do you use a flash object as a link?
Is there a way to render svg data in a swf at runtime?
How can I resize a swf during runtime to have the browser create html scrollbars?
What does this javascript error mean? Permission denied to call method to Location.toString
Flash designer/coder collaboration best practices
FLVPlayback component memory issues
Create an EXE from a SWF using Flex 3 without requiring AIR?
Is there some way to show HTML content inside Flash?
FOSS tools for Flash development
Silverlight vs Flex
Best Practices for AS3 XML Parsing
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
ActionScript 3.0 sockets can't reconnect
What are the options for delivering Flash video?
Best practices for building Flash video player
How to make a Flash movie with a transparent background
What are effective options for embedding video in an ASP.NET web site?
What are the best solutions for flash charts and graphs?
Best way to learn Flash?
Displaying Flash content in a C# WinForms application