On 20-07-16 17:05, [email protected] wrote: > Google research declares the simple text captcha dead. They remain > difficult for human beings, but machine learning can crack them 99.9% of > the time.
While probably true, no captcha abuse on WoT has been documented so far. > I propose a better captcha for WOT that works like: Thank you for considering how WoT can be improved. Your proposal is not immediately clear to me; I'll fire some questions and state some of my doubts to get a better understanding. > - The challenge to be solved: Add the numbers presented in the puzzle > series that ONLY show trees. I don't see what benefit having to add numbers brings over recognizing characters. Digits are easier to recognize for computers (for there are only 10 of them, compared to our 26 character alphabet), and addition is a trivial task for computers as well. > - It presents 5-10 puzzles. The legit puzzles randomly sprinkled throughout. What do you mean by randomly sprinkled legit puzzles? All puzzles in WoT are supposed to be legit. What purpose would a non-legit puzzle have? Or do you envision a series of multiple "puzzles" within a single captcha-like image? > - What puzzles look like: A number is drawn across an image backdrop of > trees and other objects. > > > That should raise the bar and not be hard to switch to. In my humble opinion, this statement is far from the truth. Consider a finite set of "tree" and "non-tree" images that is to be shipped with WoT. This reduces your proposal to a captcha with an alphabet extended to the cardinality of the set of images, however operating on image similarity (and known classification information on whether the image is a tree or not) instead of character similarity. The strength of captcha alternatives that are based on identification of image contents, relies on the assumption that the image set (in other words, the classification data) is kept private. This cannot be done for WoT (the attacker could always download the source after all!), unless each user would have to supply their own source of captcha images — which would make setup unnecessarily hard. Kind regards, Bert
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
