October 19, 2007 in Feedback
An option to use a Java-based CAPTCHA will be great. I'm sure all IPB users can say they've suffered from spam attacks and/or scamming PMs/emails... and ban-evaders (people that just DHCP a new IP).Benefits of using Java applet based CAPTCHA- Real IP (proxies won't work)- Machine number (aka. MAC address) banning- Animated CAPTCHA that's very difficult (impossible) for auto-captcha-solving mechanisms to solve... and EVERYBODY has Java... there's Java on my cell phone even! :-P
I don't have Java. "Everybody" is an overstatement. To add, I refuse to get it, too. Java is pure evil.Now, playing devil's advocate on your other points:Real IP: Except in cases where the user is on a LAN (almost all), in which case you'll get only their LAN IP. Pretty useless.Machine Number: An easily modifiable number which tells you nothing. Also note that only Java 6 can access the MAC, and I imagine people will be pretty reluctant to download that, since it was only released in June this year. Pretty useless.Animated CAPTCHA: No more difficult than simply using animated GIFs instead of static ones. Either way will definitely alienate your membership. Pretty useless.And to really throw the whole argument out the window, the Java environment (JRE) is Open Source which means all your spammer needs to do then is create a custom JRE with functionality to report a fake MAC, report a fake IP, and of course extract the images as GIFs or JPEGs which are easy for the spambot to decode.Java is never the answer. (Please note, I reserve the same hatred for Flash).
Apologies for the late reply.As a community based on a Java based game (A MMORPG, Runescape) this seems like an ideal solution for us.How exactly would animating the captcha "alienate" our community? They only see the captcha once, at the registration.If the person attempting to register does not have java, they are most likely a person we do not want at our community.If they are ban evading or already in posession of an account at the community, the registration process does not continue and the applet would offer alternatives ("Appeal a ban", redirect to account recovery, etc). Habitual ban evaders, and those that simply re-register each month for forgetting their previous accounts would probably not bear an interest in changing their mac address, spoofing IPs, etc.The real IP, we mean to obtain the true ip behind the proxy. Even the lan IP would assist as one small piece of information shaping the whole regardless if they are using a large network or not.The primary issue this is stemming from is a person that is registering with our forums to spam a keylogger. This person has created over 200 accounts in a year and making at least 10 posts before being stopped by moderators each time. They want to do this as quickly and as repeatedly as possible, and possibly will not bear an interest in repeatedly changing the info, if they are even able to code their own jre.The cat and mouse game can go on forever, but the point is the longer it takes them to get into the community, the less interest they are going to have in bothering to register and go after easier targets. If they are clean, they won't have a problem getting in, if they're causing problems, it'll get harder and harder to get in.
i like the idea!!! :D if anything. set it as an option. like gd/gd2 type thing...
Java is rather slow... Flash would be ideal. But for nitches like Runescape, I guess you could do that.... For Runescape. I don't see it being useful anywhere else.
flash/java/ a new coding lang from the year 3028 in this year.dont really matter to me. its the features that it can offer that i like :) (the 3 listed on the first post)i would really like to see this as a feature. it would be amazing imo!
flash/java/ a new coding lang from the year 3028 in this year.
dont really matter to me. its the features that it can offer that i like :) (the 3 listed on the first post)
i would really like to see this as a feature. it would be amazing imo!
animated isnt like. a tv show animated.its like.showing one section of a letter and then fading it away and showing another section. (but keeping the sections that are fading and coming to not touching) edit: slow enough a bot cannot read the letter. but a human mind can.something like. a curtain blind...if i recall. someone over at ipsbeyond already has done it.. (custom... :/) (just the animated captha. it uses standard image format.)
+1I would like to see also a captcha checking in real time as for username, passwords and e-mails.
animated isnt like. a tv show animated.
showing one section of a letter and then fading it away and showing another section. (but keeping the sections that are fading and coming to not touching) edit: slow enough a bot cannot read the letter. but a human mind can.
something like. a curtain blind...
if i recall. someone over at ipsbeyond already has done it.. (custom... :/) (just the animated captha. it uses standard image format.)
I also hate Java and I WILL NOT install it. On the other hand Flash isn't a bad idea but I reckon Animated GIF's would do the trick.
Animated CAPTCHA's? Some one please kill me now. We have a ton of alternatives available to us to now to make it more difficult. I hope "we" realize that animated CAPTCHA's will get broken, and it won't take long. Adding multiple text streams behind different colored smoke and having the user pick them out? I won't even go into the color blindness issue on this, just into the its incredibly annoying already, what the hell else you want to do to our users? I use advanced GD2 version of CAPTCHA, its by no means perfect, but its effective. As an admin you have to police spam accounts from time to time. That is also why you have moderators to help you out.Java vs No Java... Round 5 billion +1Its sad as son as I started to read this thread I knew where it was going.I personally don't care if these are implemented with java (I have other issues). Java is not the devil and its no the savior. It does have its benefits and its drawbacks. Now for the other issues. As Kyanar said:
I should also add that an applet that accesses your MAC address among other (so-called) unique information will probably require a trust level people aren't going to give an applet from some no-name website (or, hell, even a well-known website).
I'm going to have to agree that JAVA is overkill for preventing spam bots. The current system (using GD2) works perfectly well, but even if it didn't, a simple solution would be to include letters of more than one color in the CAPTCHA and write in the instructions to only enter those of a certain color.For ban evaders, you really can't fix the problem using the solutions suggested above anyway, so quite honestly, this doesn't seem like something that needs to be built-in.
The only issues with entering certain colors is for some one who is color blind, however I believe the corrent system renders my point semi-invalid. Just some FYI.
You can also provide an audio version as some sites already do. Or just make sure that one color is much darker than the other so that you can differentiate by shade rather than color.
I like that idea on darker colors.
This topic is now archived and is closed to further replies.
Started 2 hours ago
Started October 30
Started 4 hours ago