Elinks

Can elinks work properly with captchas

Can questions work properly without punctuation

sorry im high right now

>>3
forgot to quote you

>>1,3-4
Oh okay, that's cool then. It may work if the said CAPTCHA does not require javascript and either uses ASCII art or an image (which you can then tell elinks to display in your favourite image viewer).

sorry meant to quote you >>2

And if, for some reason, you don't like dealing with external image viewers, w3m can natively display images.

There are a lot of CAPTCHA providers, but they all seem to use javascript and/or images. We should build a simple solution for generating elinks-friendly CAPTCHAs as a CGI script or something. I bet we'd get at least two users!

>>8
Making text CAPTCHAs for a small site like this one would work pretty well.

>>3
smoke weed everyday, it makes captchas less annoying

>>8
It does make you wonder why no one else has done this. I guess google does it for free at the expense of the user filling out a second word. But I'm surprised there isn't a foss captcha, or that if there is one why people use the google one that inconveniences their users with a second word instead of the (probably kind of shitty) foss one. It's not like it's hard to distort text. I guess the challenge is distorting it to the point where people can read it but the common bots still have difficulty.

>>11
last time i checked elinks couldn't display images

this thread is about elinks

>>12
ur killing my buzz.

>>11
Google's RECAPTCHA is orthogonal to my desire of an elinks-friendly CAPTCHA. As has been pointed out, it uses images, and it practically requires javascript. Neither of these are elinks' strong suites. But if you are really wondering why they require two words, its because Google has an interest in digitizing books, so that other word is something which their own OCR couldn't definitively identify.

>>14
They're also using CAPTCHA for Street View. The numerical tests are made up of one distorted ~7 digit number and one photograph of the numbers on a building. The distorted number is the known solution, the photo of the street address is the unknown. As long as you get the number it knows correct it doesn't much care what you put for the other.

>>13
You're killing my Neil.

Here is a nice captcha that is getting popular:
http://www.solvemedia.com/advertisers/captcha-type-in

Also, I figures out the captcha that does not require another media than the web browser (no images or music), which could be used to verify users without the need of registering an email address. It's a form a text captcha:
It ask a randomized question, with multiple choices. Each of the choices, generates for you a code, which you have to sumbit to the server, and if you have the correct one, you are consider not a bot. If not, you have to authenticate your session again, with an optional variable timeout (you choose between N/A, 0, any integer of a second, another variable. The choices could be from 4-whatever. E.g.:
How many fingers does a human hand have in general?:
Click here for 4
Click here for 5
Click here for 3
Click here for 0

When you follow a link:
Here is your randomized passcode: 3riohqofq2

Please submit it here: _
OR
Go back to the previous page you were on, and submit it in the passcode section.
OR
Please submit the passcode at this randomly generated link:
https://some.domain?some_random/temp_url
OR
a combination of the above.

It keeps it all on the protocol you are using, you can streamline the work, but it still requires a human to authenticate. And again, you can raise the number of choices for the questions that provide you links.

What do you guys think?

>>17
Links leading to codes sound a little disruptive, what is wrong with questions
that just prompt for the answer directly? I've seen a Captcha variant that just
gives the user a small mathematical challenge; the site it was on seemed to be
not exactly small so it must have served them well.

_{Posted from my w3m on a virtual terminal.}

>>18
Database archival of answers, and human-bot assistance of victims (like many phishings sites are doing, using other people to verify for something else the phishers need to system with the captcha).

The other main issue I was trying to solve was subscription based services, like web forums and other shit, that always asked for an email address, they can use this system to verify the user is human, and actually register them to the system.

Text captcha is fine and dandy for many users, even us. But I was targeting [semi-]subcription services as well (reddit/HN/repo.or.cz/etc.). I mostly wanted to solve the problem of using other media than text.

The passcode is a pain in the ass. Can't we just go for random textcaptchas and let the server do the validation, without need for javashit and passcodes?

>>20
That's the point of the link system, no need for javashit, since it will be all server based authentication by following links. If you want the client to do the work, then for that use any of the other third party tools/VMs (java, flash, silverlight,haXe,fuck_off).

Right now on current captcha based systems, you are using javashit, images, music, and a lame cookie. All of these can be delivered to another person to solve, instead of the requester. With a link based system that has false positives, it would prevent a bunch bots from getting subscriptions.

Please note, this is NOT for us. This is only for subscription based services.

>>21

Please note, this is NOT for us. This is only for subscription based services.

Oh, okay

But isn't the passcode thing exactly what reCAPTCHA does when you disable javashit?

>>17
In general, multiple choice captchas are considered terrible, because you always allow automated solvers at least a 1/n chance. Even for a 10 choice problem, that's a 10% false negative rate, which is unacceptable, combined with annoyance on the human end of looking at too many options. The goal is a system where you just ask "How many fingers does a human hand have?" and then accept answers that are equivalent to "5".

>>22
Yeah, but without false positives. You can automate the work with victims, which is why you need the multiple choices.

>>17
Well, I am just solving subscriptions, not regular "human" verification for simple things like file repos (rapidshares). For those, you can just use simple text captcha's and your done. And it only uses the protocol you are using. So if the verification is for HTTP servers, it stays in HTTP. A tad of human annoyance is worth the cost bots abusing the subscription system.

And again, I am pro bots in most ways. I was just looking to solve the phishing dilemma, and I think I found it.

>>24

but without false positives

But you do get false positives. You get 1/n of them.

>>25
I meant with just text captcha, there's no false positives. In the link system, yes. And the administrator choices the 1/n.

>>23
I was about to ask what the fuck your problem was, because I read that as How many fingers does a human mind have?, which would be a more interesting way to detect robotic users, if nothing else.

>>27
I've actually been thinking about that sort of thing as a captcha system. The biggest problem with the ``How many fingers does a human hand have?'' --> ``5'' system is that somebody has to write all the questions to begin with, which limits the size of the question database, and all a bypasser has to do is build up their own counter-database. But if the questions were distorted before being presented, it would make figuring out what the original question was quite difficult, while a human would be able to pretty easily answer the question.

Another approach would be to make some sort of attempt to automatically generate questions, and then have humans fill out two as in ReCAPTCHA, one known, the other generated. If a generated question gets back a bunch of conflicting/nonsense answers, the system can throw it away, but if the question consistently gets back ``5'', it can be added to the list of known good questions.

>>28
I've also thought about the question generation by distortion scheme, but your reCAPTCHA extension to it for figuring out questions by matching distributed answers is interesting.

I bet it would work pretty well.