I hear all this buzz about Captcha alot, what is it for? I mean basically it's just generating bitmap images of a random string and validating it from a user. Is it more than that? Any problems that we face building such a system?I had worked on such a system using .NET and was quiet general, are there any other things that we have to keep in mind as well?
A:
It’s called CAPTCHA and it stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”. It’s a mouthful!
What is it for — well, it’s to tell computers and humans apart. Imagine a forum software, for example. Without a captcha, most forums will drown in spam because spammers can use automated tools (“bots”) to post massive numbers of messages at once. The captcha is a kind of spam filter.
Timwi
2010-08-29 09:48:17
+1
A:
The problem is that of the age old "I can build armor that withstands any shell" vs "I can build shells that pierce any armor" conflict.
The trick is to make captchas which are easy for humans and hard for bot to read.
Currently the bad guys now use "wisdom of the crowd" attacks to break captcha's by redirecting to other sites and asking humans to interprete them, so they can use those answers to get into their target site.
Personally I find them a nuisance, but if it keeps the level of misuse down, I am willing to live with them.
Peter Tillemans
2010-08-29 09:51:48