I hate all capcha variations and all sites that use it. I can't believe anyone sane can even think of suggesting using them, let alone act on those thoughts.
Comment has been collapsed.
Captcha's are annoying, but they're a very minor inconvenience and a much better alternative to having bots spamming on entering everything.
Comment has been collapsed.
"a very minor inconvenience" VERY MINOR?
I would rather stop using the site rather than filling a captcha for every giveaway I enter.
Comment has been collapsed.
The bots that overload the site more are the ones searching for private giveaways. To prevent that, you'd have to have a capcha before every page load. I say before because it would do nothing to the bots trying to find a giveaway if any info of the page loaded before the capcha was completed.
I'm sure there are bots entering giveaways too, but because the shortest term of a giveaway is 1 hour, a bot with that purpose would only have to run once every 59 minutes. It is unfair, but it's not going to change anything noticeable to stop them.
Comment has been collapsed.
Find the derivative from f(x) if:
f(x) = (3 cos^2 (x) - sin (x) + sqrt (x))/4x*sqrt(x) - Very easy, isn't it?
Any math captcha, if simple enough, can be a good solution.
Comment has been collapsed.
captcha is broken, re-captcha (by Google) already too ...
nearly everyone seen it and i bet nearly everyone already got some text he was unable to read so You cycle till You can read ...
guess what , bots do exactly the same, they cycle thru the text until they nail some which theirs OCR code can recognize ...
so captcha is USELESS ... simple as that
if You want stop bots, introduce for GiveAway authors simple feature of Question+Answer:
so let say i will create giveaway with Question "What's name of Earth's moon?"
these who want take part will need type "Moon" as answer
simple and yet only effective way against bots is named human computing ... remember that ;)
note: the difficulty of question may also partially solve another problem named "human stupidity" (to some degree)
Comment has been collapsed.
That depends a lot on what the question is.
Let me change your example question, because that one is TOO easy, and let's say the question is "what's the name of the first moon of mars?", than all a bot needs to do is parse google result page for that question (http://www.google.com/search?q=what%27s+the+name+of+the+first+moon+of+mars%3F), and try the words, or some combination of the words, found there... they were already brute-forcing their way into private giveaways, why not brute-force the answer to the question? (using words as the symbols, instead of the characters).
Questions that can't be "botted", are, for the most part, questions that are subjective, and a lot of people would give completely different answers (and even those that agree on the answer, would use different wording).
Of course, there are exceptions, but one of two things will happen: gifters would have to work hard to find useful questions; or they will become predictable in their choice of questions, and then someone can create a bot for that.
Comment has been collapsed.
Yes, I know, but I think it would create a plethora of new problems and complaints (i.e., the question is "то, что имя луны Земли?").
Anyway, I posted this before reading the thread you created about the subject, where you DO mention that this is still "breakable". Your post in this thread sounded like you thought this was the silver bullet.
Comment has been collapsed.
read http://www.allspammedup.com/2011/01/google-recaptcha-cracked/
http://www.darkreading.com/authentication/167901072/security/vulnerabilities/226700514/index.html
i will not give any urls to working bots but it's simple the re-captcha provides picture,
you take the picture and throw against OCR code http://en.wikipedia.org/wiki/Optical_character_recognition
if the code fails to OCR the text, it does 'refresh' cycle for next picture until it's success...
not sure if You aware that normal captcha, aka text recognize is years older than re-captcha
and these were successfully broken again years ago ...
(technically re-captcha was DOA (dead on arrival) concept, only hindered the problem temporarily)
the primary role of re-captcha was to verify scanned text for digitalizing books not be successful captcha protection
anyway if you seek enough You will find the code i speak about ...
Comment has been collapsed.
You only need to get a specific half of a recaptcha right, one is a word taken from the page you are on I believe, and sometimes the processing of that word isn't correct (which is why you get really weird characters sometimes). That part you can type in anything, and as long as you get the verification half right you can continue doing whatever. The verification halves always have the same font and style and never have weird characters in them.
Comment has been collapsed.
That is what I was talking about, actually. I didn't know the name of it. It would just have an image of a question and you had to answer it, wasnt a 'copy this text'
Comment has been collapsed.
Captha won't help. Simple questions won't help. Things like Xrumor will crack them easilly with its image and word analyser or MRU questions database. The only way to avoid this - make questions that can't be analysed by bot, like "color of blue orange's peel?"
Comment has been collapsed.
Allowing contributors to set sort of password questions on their own giveaway is still not a good idea.
The first question would require me to know you -- if you want to make a private giveaway, make a private giveaway.
The second question is not common knowledge, and having to look up boring facts on Wikipedia for every giveaway would only serve to piss everyone off.
Comment has been collapsed.
The second in fact is easy... and using the bot I described earlier, it can be found... I'm assuming he means Charles IV... which appears in the first page of google results for his question (and his typo is automatically corrected by google, so it actually searches for what he meant, instead of what he wrote)
Comment has been collapsed.
I think, the best protection would be no captcha or question, but a new giveaway entering system, based on a summary value of games that user gived away. For example, users that hasn't give anything, they could only enter the giveaways with a value 1-5$. Otherwise, maximum cost of the game user is trying to win is equal to the summary value of games that user gived away. Of course, created giveaways with HIB or other exploited keys must be excluded from statistics.
That will prevent thousands of entries by mindless clickers that give away nothing and give them a reason to give away something or leave and don't interfere people who do something good for others.
Comment has been collapsed.
29 Comments - Last post 1 minute ago by AngelInTheGame
2,044 Comments - Last post 10 minutes ago by shijisha
162 Comments - Last post 15 minutes ago by adam1224
290 Comments - Last post 48 minutes ago by MeguminShiro
1,533 Comments - Last post 3 hours ago by Whoosh
83 Comments - Last post 5 hours ago by GarlicToast
901 Comments - Last post 6 hours ago by InSpec
60 Comments - Last post 3 minutes ago by antidaz
1,381 Comments - Last post 5 minutes ago by onotomatopea
154 Comments - Last post 7 minutes ago by RePlayBe
177 Comments - Last post 17 minutes ago by Lugum
88 Comments - Last post 18 minutes ago by Guard1aNRB
9,635 Comments - Last post 18 minutes ago by antidaz
91 Comments - Last post 19 minutes ago by 8urnout
I'm surprised no one suggested this yet.
the best and easiest way to deal with bots would be to put a little CAPCHA question like 'what is the url of this website' that you have to type in when entering a contest.
Its a simple measure, it stops bots from entering for people.
Comment has been collapsed.