[dgplug-users] Manav writes posts!

Jagannathan Tiruvallur Eachambadi jagannathante at gmail.com
Mon Jun 10 00:33:12 PDT 2019


Hi

On 09-06-19 21:34:44 -0700, Abhilash Raj wrote:

>That is a great post, and I agree that captchas should be more
>hard to break using automated systems.  But sadly, even the state
>of the art systems like Google's reCaptcha  can also be broken with
>little effort [1].
The current capchas (cue recapcha v3) are pretty much against privacy.  
Trying to get into any site that uses them with tor browser or just 
blocking a lot of cookies will make it extremely difficult for you to 
get in even though you are not a bot. So I don't believe what we need is 
a capcha on site that requires login anyway. Why not rate limit by IP or 
offer a cool off period of a day or a week to people who repeatedly try 
to login. To be honest I don't solves capchas anymore because of Buster 
[1]. I also don't want to be training Google's image recognition for 
cars.

What I would prefer? Questions for niche forums can be domain specific, 
like Arch Linux asks you the output of a long command passed base64. For 
a site that is not targetted specifically, a capcha like "2+4=x" is more 
than enough. For sites like the one Manav mentions, a capcha is not 
a solution since the service is already gated by login.

^[1]: 
https://addons.mozilla.org/en-US/firefox/addon/buster-captcha-solver/

-- 
Regards
Jagan
PUBKEY: https://j605.tk/pgp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.dgplug.org/pipermail/users-dgplug.org/attachments/20190610/2e0f9063/attachment.sig>


More information about the Users mailing list