[Standards-JIG] bot-challenge proto-JEP
dev.list at mircea.bardac.net
Wed Aug 31 22:38:02 UTC 2005
On Thursday 01 September 2005 01:16, Mircea Bardac wrote:
> One small idea, which would solve the "creativity problem"
> ** The user is given a paragraph of text (one sentence would suffice).
> a) there's no need for an extenside DB of sentences.
> b) the text could be something funny... to read before registration :)
> c) could be set by the user
> ** Requirement: Type in the first/last [picture1] letter(s) of [picture2].
> [picture1] = first/1st/last 2/10th
> [picture2] = <some word>/1st word/last word
> <some word> = can be a totally different word than the ones in the
> This works for:
> 1. who can read
> 2. who can count
To generalize the idea:
The user could be asked (via text/audio) to type in the X-th element from a
set of N elements. The elements only need to be readable, they don't have to
With an extended requirement like:
> Type in the first/last [picture1] letter(s) of [picture2].
+ changing the text/requirement on each bad-auth
= the chances for the bot to hit the jackpot tend to zero.
+ a limit of maximum... 5 requests/JID in... 12h (a human being theoretically
is active half of the day)
+ server blacklisting for... many denied requests...
+ (maybe) a blacklisted servers central database to share spim servers (would
require some kind of federation - the servers sending blacklisted servers
should be trusted somehow)
and you get a "pretty bullet proof" system... I think.
Oh, of course, this doesn't work for:
* pure text challenges
* something else I might be missing
Psi Forums Moderator/Bug Tracker Manager
Psi Windows Installer Maintainer/ArchLinux Package Maintainer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Standards