| Author |
 Topic  |
|
HuwR
Forum Admin
United Kingdom
20593 Posts |
 Posted - 24 February 2009 : 11:14:32
|
You are going to be pretty surprised to find out that your 1% is actually a lot higher
Today, 20% of state-of-the-art Captchas are not solved correctly on the first try (and often, there’s no second try). At the same time, bots have evolved to the point that commercially available software can successfully defeat the most difficult Captcha 10-20% of the time.
Beyond the obvious security failures, Captcha has other problems. Visually impaired users find it impossible to use, running afoul of the Disabilities Act (which guarantees equal access to all people, no matter their disabilities). Audio versions of Captcha have emerged for the visually-impaired, but not all sites use the available audio version and problems remain among other segments of the disabled computer-using market. User dissatisfaction is high with Captcha as well and Captcha complaints abound on the web. The most vocal complaints come from users of time-sensitive websites, such as a ticket venders for sporting events or concerts. The time it takes a user to solve the puzzle can mean they lose out on successfully buying a ticket.
Captcha isn’t only annoying to users, it’s wasteful. Placing barrier to interaction is costing the economy a lot of money, since by its very nature it slows down transactions. A human operator must take the time to solve the puzzle and enter the solution. 15-20 seconds of each user’s time may not sound like a lot, but it quickly adds up. One of the creators of Captcha (a professor at Carnegie Mellon University) estimated recently to Time magazine that 200 million Captchas are solved daily. Even at only 15 seconds each, that is over 800,000 user-hours consumed each and every day solving Captchas< |
 |
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 24 February 2009 : 11:16:23
|
quote:
Originally posted by bobby131313
Sure, less than 1% maybe.
It's actually more like 10%, possibly more.
< |
 Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.” |
|
|
|
bobby131313
Senior Member
USA
1163 Posts |
|
|
Podge
Support Moderator
Ireland
3776 Posts |
|
|
bobby131313
Senior Member
USA
1163 Posts |
Posted - 24 February 2009 : 11:53:07
|
Maybe I'm just dense.
So I'm getting DOS attacks on my search page...
1. I can disable the search page to all non-members.
2. I can add some type of human verification which only 10% of the entire group I've blocked above may not be able to negotiate.
Which do I pick?< |
Switch the order of your title tags |
|
|
|
SiSL
Average Member
Turkey
671 Posts |
|
|
SiSL
Average Member
Turkey
671 Posts |
|
|
bobby131313
Senior Member
USA
1163 Posts |
|
|
HuwR
Forum Admin
United Kingdom
20593 Posts |
Posted - 24 February 2009 : 14:16:59
|
I would implement a counter and limit the number of searches in a certain period of time, that will prevent DOS attacks, if they go over your limit redirect them to google  < |
|
|
|
Podge
Support Moderator
Ireland
3776 Posts |
Posted - 24 February 2009 : 18:58:25
|
quote:
I don't think it is any less annoying or user-friendly at all. People should not be doing maths and brain exercises just to post something... While we can be all of combating spam, annoyed users either by Gatekeeper method is far worse than annoyed admins.
It all depends on the question you pick. It can be anything simple as long as its unique e.g.
Type the word Hello in this box -> Hello
What colour in an Orange? Orange
How do you spell dog? Dog
What is 2 + 2 ? 4
phoenixtaz13, you should include search.asp in your robots.txt
User-agent: *
Disallow: search.asp
Disallow: register.asp
Disallow: members.asp
Disallow: search.asp
Disallow: active.asp
Disallow: pop_profile.asp
Disallow: login.asp
Disallow: post_info.asp
Disallow: pop_profile.asp
Disallow: pop_mail.asp
And there's no reason to believe its a DOS attack. It could be a legit web crawler. Did you get the i.p. address from active_users.asp?< |
Podge.
The Hunger Site - Click to donate free food | My Blog | Snitz 3.4.05 AutoInstall (Beta!)
My Mods: CAPTCHA Mod | GateKeeper Mod
Tutorial: Enable subscriptions on your board
Warning: The post above or below may contain nuts. |
|
|
|
phoenixtaz13
Junior Member
129 Posts |
Posted - 26 February 2009 : 08:43:36
|
podge,
i'll apply the robot.txt... its a google bot... yup, got the ip, forgot where i wrote it...
many, many thanks....
< |
|
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 26 February 2009 : 09:09:45
|
Um ... didn't you add a robots.txt file already?
< |
Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.” |
|
|
|
phoenixtaz13
Junior Member
129 Posts |
Posted - 26 February 2009 : 10:28:52
|
what i meant was, the time i experienced the bot/crawler, i havent installed the robot.txt...
thanks... :)
< |
|
|
|
Topic |
|
antispam Captcha mod
