On Fri, 15 Apr 2005 17:03:46 -0500 Tim reid [email protected] wrote:
I have a question for the CS majors ;)
Captchas http://www.captcha.net/ http://en.wikipedia.org/wiki/Captcha
Has anyone ever seen any writing on the idea of caching the different captcha images, manually decoding them and storing the "meaning" of the captcha in a database. Then cross referencing the "meaning" of the captcha with the image filename. That way you would have the ability to have a bot load a page/service protected by a captcha, read the image filename, and decode the captcha.
Is this a valid idea?
It would be valid, but any captcha implementation worth it's salt doesn't use flat file images. It generates a random name for the image and serves it up to the client.
Here is how it works:
1) Choose random captcha that happens to say "FooBar" which is in foobar.jpg.
2) Tell browser to load /images/AlkjsdfH293sdfhjh2234kjh.jpg
3) Have a system in place that, in the background, serves up foobar.jpg when asked for /images/AlkjsdfH293sdfhjh2234kjh.jpg
This keeps bots like you were thinking from working. Because each time the filename is different.
P.S. FYI I'm not a CS major, not that it would have helped anyway as this isn't something they are going to teach you in school. :)
--------------------------------- Frank Wiles [email protected] http://www.wiles.org ---------------------------------