Talk:CAPTCHA: Difference between revisions

Computer Security: Computing B‑class High‑importance

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles B This article has been rated as B-class on Wikipedia's content assessment scale. High This article has been rated as High-importance on the project's importance scale. This article is supported by WikiProject Computing (assessed as Mid-importance). Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Archives

2004–2008

Hi authors, Can we add a different type of Captcha with this article?

Name: mlCaptcha
Character Language: Malayalam Unicode (from India, Kerala)
Ref URL: http://mlcaptcha.blogspot.com/
mlCaptcha Image: http://1.bp.blogspot.com/_TbgBhV2rCXk/SZPHw48kiKI/AAAAAAAAABY/LIRNR3mTeaY/S220-h/mlCaptcha.PNG
mlCaptcha Sample: http://www.kuttiady.com/mlcaptcha/
mlCaptcha Download: http://www.kuttiady.com/mlcaptcha/mlCaptcha.v0.01-100209.zip
—Preceding unsigned comment added by MlCaptcha (talk • contribs) 08:35, 12 February 2009 (UTC)[reply]

There's nothing fundamentally different about this CAPTCHA (it's just a CAPTCHA for speakers of Malayalam) and it's not terribly secure either - that noise is easy to filter out. Dcoetzee 18:33, 12 February 2009 (UTC)[reply]

Hi Dcoetzee, I believe it's highly secured one, since there is no way to recognize the Malayalam Language characters :) MlCaptcha (talk) 20:12, 12 February 2009 (UTC)[reply]

HOW CAN CREATE CAPCHA? I WANT TO KNOW WHAT IS CAPTCHA DATA ENTRY? —Preceding unsigned comment added by 113.11.36.72 (talk) 00:58, 24 March 2009 (UTC)[reply]

Is this paragraph really necessary?

Another potential weakness is that only a yes/no answer for each picture is required by most designs. Even with sixteen images, a bot has a 1 in 65536 (216) chance of getting the CAPTCHA right purely by chance. Furthermore, such chance identifications can be used to accumulate knowledge about the correct identification of the images, allowing the bot to progressively improve the accuracy of its guesses over time. In order for the CAPTCHA to be resistant to such chance-guessing botnet attacks, the user would need to be forced to solve an annoyingly large number of images.

recaptcha uses words from the English language, which only has about +/- 50,000 words. I'm not sure this is even a weakness, and it seems to be the Wikipedia article's opinion. Brute force is not a realistic way to solve a captcha - for a 5-second page load, 65536 attempts would take 91 hours. Marquinho (talk)

Please consider using this external link:
Innovation: Harnessing spammers to advance AI - tech - 17 April 2009 - New Scientist -- Wavelength (talk) 14:46, 19 April 2009 (UTC)[reply]

The beginning of the first paragraph seems to have a different font and spacing from the rest of the article. I don't see how that could be made or fixed. --Stuvaco922 (talk) 23:18, 6 May 2009 (UTC)[reply]

The article doesn't seem to link to the original paper. I haven't figured out the various citation formats for wikimedia, perhaps someone else can type in the info from this bibtex: http://dblp.uni-trier.de/rec/bibtex/conf/eurocrypt/AhnBHL03 There's a claim that the term was coined in 2000, but no reference. If so, it was when Langford was still at CMU, although on the 2003 paper he is listed as being at IBM. Bhudson (talk) 08:56, 4 December 2009 (UTC)[reply]

I just looked up the von Ahn et al 2003 paper; it refers to captcha.net which has the 2000 claim, at which time all four authors were at CMU. Their abstract is also very explicit that this is hard AI, and *not* security through obscurity as the wiki page seemed to indicate. I've made both those changes. Bhudson (talk) 09:15, 4 December 2009 (UTC)[reply]

Image of a CAPTCHA with the words "relief testis" to type out and submit. I found this on craigslist.org and immediately took a screenshot. —Preceding unsigned comment added by 71.235.11.114 (talk) 19:21, 14 May 2010 (UTC)[reply]

• Where's the profanity in that? 68.146.71.145 (talk) 13:25, 15 July 2011 (UTC)[reply]

I think it's worth mentioning the possibility for organizations to establish a public database for CAPTCHAs, in order to provide users with the convenience of not having to complete a CAPTCHA on sites that require them frequently. Obviously, these databases are subject to exploitation by bots, and may have even been designed for that purpose. It would work by being able to identify images, possibly by their hash, and a corresponding ASCII answer to it. When a user visits a site using the service, the service checks the page for a CAPTCHA image. If it finds one that is in the database, the form is automatically filled out and submitted seamlessly. If it doesn't, the user must input the CAPTCHA, and the answer and hash (or other means of identification) automatically treated as a contribution to the database. This works on the premise, however, that either A) sites use a fixed pool of images and answers, or B) a CAPTCHA image that is generated (when requested) from a word for each user, will be exactly the same as one generated for another user. This is because images automatically generated with variance per user/instance, are not likely to be matched, even if they represent the same ASCII answer.

A service like this could be implemented in a number of ways. The one with probably the most simplicity to the user would be a website, through which the user's destination website is passed, checked for CAPTCHAs (most easily done by comparing all images in a page to hashes in the database), and sent to the user; much like web proxy. Another way would be installing external software, or an extension or add-on for major browsers that scans incoming pages, contacts the database, and has the same effect as the aforementioned method. This method, however, would come at the price of needing to install software on the user's computer. Another approach might be using a modified transparent/caching proxy. It would work in much the same way as a transparent proxy that caches pages for speed of transfer, only it would cache CAPCHA answers instead. All of these ways would allow the service to get a web page for the user, and check for and fill out CAPTCHA challenges before the page even reaches the user, hence it would look like the CAPTCHA page was never even there. Additionally, all of these methods would allow contributions to the database by recording image hashes (so long as they could be distinguished from other ambient images on the page) and recording the user's answer it it, completely seamlessly to the user, and perhaps even without the user's knowledge.

Now, that's a pretty neat idea in itself if you ask me, but what does it mean for bot circumvention? Well, ordinarily any service can be for the most part protected from bots by adding a CAPTCHA, but since the nature of this service is getting rid of them, that wouldn't be an option. This means that bots could tap into the database and preform the same procedure as the service is doing for humans. To make things even easier, the bot could simply send requests through the service and have CAPTCHAs solved at the other end, and not even be bother to do it itself, and there's nothing anyone could do about it. That could either be a major headache for these services (bandwidth, advertising, etc, even legal reasons), or they might be happy to help developers circumvent CAPTCHAs. As I said, that could be a big part of the reason the service was started.

So now that I've written enough on the discussion page to be an entire article, what do you think? Is this issue worth mentioning or expanding upon?

Thanks, Zach

PS: I don't know if any services like this really exist, I just sat down and came up with this idea in my head. So, if you do know of any, please let me know. —Preceding unsigned comment added by Zachlr (talk • contribs) 16:37, 27 May 2010 (UTC)[reply]

This won't work at all. Text based CAPTCHAs are uniquely generated each time. The words come from a database, perhaps the one that you are thinking of, but the distortion effects that are used are random. So no word will ever display the same way. It would be best if you removed this question from the discussion page.67.177.201.108 (talk) 11:52, 6 April 2011 (UTC)[reply]

Since this is original research, it's not appropriate for the article. -- Beland (talk) 14:10, 15 July 2010 (UTC)[reply]

If anyone is able to add it, I think it would be interesting and beneficial to devote a sentence or a short paragraph in the main article describing the historical development of the use of CAPTCHAs. When were they first used? In response to which particular problem(s) were they introduced, and who wrote the original programming (etc)? This kind of information would be good for a general reader (such as me) who is less interested in the technical details of CAPTCHA technology and more interested in how and why they were introduced, and by whom. —Preceding unsigned comment added by 203.27.47.245 (talk) 08:05, 28 June 2010 (UTC)[reply]

I was looking for this information as well, though the article PayPal provides an interesting clue. -- Beland (talk) 14:07, 15 July 2010 (UTC)[reply]

Have you seen (heard) the #4 podcast at http://hackermedley.org/ on humans only or the web page at http://www2.parc.com/istl/projects/captcha/history.htm? Disclaimer: I am one of Andrei's co-inventors on the CAPTCHA patent. -- Mark Lillibridge — Preceding unsigned comment added by 15.219.217.254 (talk) 00:48, 16 May 2012 (UTC)[reply]

I have read somewhere that text based CAPTCHAs provide a very valuble service to digital document conversion. (At least one of the) text based CAPTCHA service providers require the entry of TWO words. The computer that provides the CAPTCHA only knows the correct response to one of the words, but the human is asked to enter both. The unknown word comes from an old newspaper article or scientific document that another computer had a difficult time converting to a digital format. The user is judged for a correct response to the known word. Simultaneously, the user is helping to translate the unknown word to help complete the digital conversion of the document. If enough people agree (I think the threshold is 5) on the unknown word, it is considered to be correctly entered, and it is added to the database of known words. I believe that this type of human help is needed when a word is misspelled in the document, or the older typeface is difficult to recognize (e.g. old newspaper articles). This also provides an excellent source of hard to guess words for other computers, since even in raw format, a computer couldn't get it right. I wish that I knew the reference for this. 67.177.201.108 (talk) 11:52, 6 April 2011 (UTC)[reply]

You are right. The most prominent such project is reCAPTCHA. Sam Hocevar (talk) 14:59, 6 April 2011 (UTC)[reply]

...refers to this article. Why? —Preceding unsigned comment added by 217.226.203.48 (talk) 18:36, 3 July 2010 (UTC)[reply]

For creating accounts on sites, you must enter a CAPTCHA for safety. Add this thing on the article.--99 time 14:47, 9 October 2010 (UTC) —Preceding unsigned comment added by Rockers99 (talk • contribs)

It is for the safety of the site actually. If there are no CAPTCHA's where users can enter information, then the database can fill up rather quickly either crashing the server or leading to a shared hosting account to become suspended for overuse.

--Leewells2000 (talk) 22:02, 21 December 2011 (UTC)[reply]

But how do deafblind people use computers, as it is mentioned twice in this article, and if they don't use computers, is it relevant to the article to mention them? Kungfukats2 (talk) 13:00, 14 October 2010 (UTC)[reply]

• Many DB people use computers for communication - there are interfaces that allow them to "read" the screen. This isn't Helen Keller's era anymore. 68.146.64.9 (talk) 17:33, 6 December 2010 (UTC)[reply]

Something I've noticed in the last couple months is that some CAPTCHA apps no longer require exact matches, but are intuitive enough to go "close enough" and let you in. I had a couple of cases where I had a truly ambiguous CAPTCHA to work out, but it accepted the one I typed in even though I knew I'd made a typo on a different letter than the ambiguous ones. On the other hand, I also went to one (English-language) forum where the CAPTCHA was messed up and showing puzzles in Cyrillic lettering, rendering it impossible to solve. I'd add both to the article myself, but as I cannot provide cited sources, just personal experience (so OR) I'll just leave this here in hopes someone with sources can add this to the article. 68.146.64.9 (talk) 17:33, 6 December 2010 (UTC)[reply]

This could be people using CAPTCHA's to get humans to read words which OCR software has failed to read properly (maybe due to a blot on the book). This is automated so that the OCR software combined with humans works much better. QuentinUK (talk) 12:36, 12 March 2011 (UTC)[reply]

We have images showing Yahoo's captcha, but in my opinion Google has a more advanced solution.

Opinions?

1. Support. --•ː• 3ICE •ː• 05:21, 30 December 2010 (UTC)[reply]

Does the article really need more examples? What is wrong with the current examples? I think they get the point across well enough. HumphreyW (talk) 06:09, 30 December 2010 (UTC)[reply]

I found the phrasing and choice of words used to give off too strong a positive image of Captchas, especially in the leading paragraphs. It read as if they were infallible. I toned down this a bit: instead of "CAPTCHAs are used to stop spam", for instance, I use "CAPTCHAs are used as a measure to stop spam" or "CAPTCHAs are used as an effort to stop spam". The differences may be subtle, but I think the text now is shifted in the direction of a more fair and realistic assessment of the technology. CapnZapp (talk) 09:38, 11 January 2011 (UTC)[reply]

For us worshipers of Inglip (http://www.reddit.com/r/inglip): Is this notable, yet? I know some smart ass did a wiki-edit to say there were genuine worshipers out in the world but I think that the joke is worth referencing if it is explicitly announced as such. (Incidently inglip tells me "earlyspan," so if you think it is too early, I can accept it. —Preceding unsigned comment added by 12.54.16.178 (talk) 16:41, 11 January 2011 (UTC)[reply]

No, and Wikipedia isn't the right place for it. Try ED. We don't have an article for Zalgo, and Inglip isn't much different. See WP:GNG for more explanation on what makes something notable. Throwaway85 (talk) 07:20, 13 January 2011 (UTC)[reply]

The primary developers of the CAPTCHA Project have provided official endorsement and continued interaction with the meme and there are plenty of notable references to be found. Added prior to seeing this conversation (adding the article to my watchlist made the talk page edit appear on my watchlist), any dispute should be brought before arbitration rather than reverted. R3ap3R.inc (talk) 20:11, 12 February 2011 (UTC)[reply]

No, the burden is on the editors wanting to add the meme to provide independent reliable sources that it's a notable meme. If it's not getting any coverage outside Reddit, it's not notable, and it doesn't belong on Wikipedia. —C.Fred (talk) 22:45, 12 February 2011 (UTC)[reply]

You must not have checked the resources, which included the lead developer's site (colinm.org) as well as knowyourmeme.com, churchofinglip.com, and geekosystem, but I'll add more just for you ;) R3ap3R.inc (talk) 02:01, 13 February 2011 (UTC)[reply]

Also worth noting is that the reCaptcha team stated that the meme has caused a tremendous increase in the number of solved captchas. The captchas utilized are from scanned text / books / scrolls that haven't been fully transcribed, and the use of the recaptcha tool helps to translate these texts ref from lead developer R3ap3R.inc (talk) 02:26, 13 February 2011 (UTC)[reply]

Bear in mind that reCAPTCHA has a separate article. —C.Fred (talk) 05:45, 13 February 2011 (UTC)[reply]

Yes, I think include inglip. —Preceding unsigned comment added by 71.202.225.227 (talk) 01:21, 13 February 2011 (UTC)[reply]

This is not a vote. Just posting here saying "yes, include it" does not suddenly make the subject notable. You will have to provide reliable references that show the subject is notable enough to include here. HumphreyW (talk) 01:51, 13 February 2011 (UTC)[reply]

I'm surprised that a section hasn't been written about how difficult captchas are to read for humans. I know I'm not alone in voicing how the need to stop automated programs from reading the captcha has made it harder for humans to use. The words and numbers have gotten longer, more warped, and now we have short time limits to enter the captcha. It's an unfair tradeoff: We're minimizing automated programs from reading the captcha, at the expense of inconveniencing human users who can spend over a minute just trying to enter the correct captcha. And no, I'm not interested in writing about it, but here's some info to help whoever wants to.

http://theory.stanford.edu/~jcm/papers/captcha-study-oakland10.pdf http://blog.adscaptcha.com/2010/06/18/captcha-difficult-humans/ http://www.johnmwillis.com/other/top-10-worst-captchas/ http://meta.stackoverflow.com/questions/42109/do-the-captcha-words-get-more-difficult-over-time

I agree this would be a good section to have if properly sourced. Captchas do seem to be getting out of hand, and I wonder if using them makes sites much more difficult to use, especially for older folks. Stevie is the man! ^{Talk • Work} 17:31, 21 December 2011 (UTC)[reply]

I have to "+1" this. You are faced with unusually long timeouts if you miss these captchas at certain sites and I cannot even make out what to do with the few sound captchas that I have attempted because the text ones are starting to become too difficult (considering you face a long timeout on a single failed attempt). — Preceding unsigned comment added by 71.82.3.3 (talk) 17:58, 2 September 2012 (UTC)[reply]

Absolutely: latest captchas, such as those implemented by Blogger since 2011 or so, are so complicated that even highly intelligent people need to take their time to think what the heck is written there and may need to reload the captcha several times. Distorted audio is no help, specially if English is not your native language. Personally I have removed all captchas from my blogs because I do not wish to handicap readers who wish to comment - incidentally I do not get any more spam at all (and the little that comes you just need to police it).

I believe that something should be written about this "extremism" of modern captchas. --Sugaar (talk) 14:07, 27 September 2012 (UTC)[reply]

I never knew what to call these until today. I just thought of them as a security scramble. Anyway I hate these things. Besides the upper and lower case problems the letters are so distorted that a "u" looks like a "v" or a k is an lc or such. the example showing "following" looks like it could be "fellawing". There's times I've tried a six or more attempts to get it.71.218.254.85 (talk) 00:34, 25 August 2012 (UTC)[reply]

I am re-including the 3-D CAPTCHA in the image-recognition section as it is notably distinguished from the other cited image-recognition CAPTCHA. The other CAPTCHA rely on a finite supply of manually generated images that must be manually labeled, thus straining the “Completely Automated” aspect of the CAPTCHA definition. On a side note I am moving the mention of reCAPTCHA out of the image-recognition section and placing it in the computer character recognition section. CrunchyChewy (talk) 23:05, 22 April 2011 (UTC)[reply]

The 3-D CAPTCHA was discussed more than 2 years ago and over that time the lack of any meaningful deployment of the prior cited image-recognition CAPTCHAs brings into question the relative notability of these CAPTCHAs as compared to the 3-D CAPTCHA. A reevaluation of the technical distinctiveness and importance of the 3-D CAPTCHA relative to all other image-recognition CAPTCHA is in order. The following questions deserve to be answered:

Does this design for an image-recognition CAPTCHA generate and label images in a completely automated manner? Do any of the currently cited image-recognition CAPTCHA do this?

The answer to these questions should determine if the 3-D CAPTCHA (or an alternate more-suitable CAPTCHA that also accomplishes this) is notable enough to warrant appropriate inclusion in a suitable section of the article.

It is difficult for any image-recognition CAPTCHA to grab the mantle of ‘notability’ as none have been deployed beyond niche use, so technical analysis should be used to assess notability for this technical article.

On a side note – why was the reCAPTCHA information moved back to the image-recognition section? Was the reversal of the edit well thought out?CrunchyChewy (talk) 18:13, 23 April 2011 (UTC)[reply]

ReCaptcha is actually in widespread use. That makes it notable. IMO, both its advantages and limitations are relevant to this article. David Spector (talk) 00:02, 22 September 2011 (UTC)[reply]

Sources? --Ronz (talk) 00:59, 22 September 2011 (UTC)[reply]

My above comment from April was not questioning the relevance of ReCaptcha. At the time that comment was written ReCaptcha was inappropriately placed in the image recognition section though it is a text-based CAPTCHA. I had moved the ReCaptcha information to a more appropriate section but that change and my other edits were reversed. The purpose of the comment was merely to suggest that the reversal of my edit was not well thought out.CrunchyChewy (talk) 18:35, 23 September 2011 (UTC)[reply]

An image used in this article, File:Airplane CAPTCHA JPG.jpg, has been nominated for speedy deletion at Wikimedia Commons for the following reason: Copyright violations

What should I do?

Speedy deletions at commons tend to take longer than they do on Wikipedia, so there is no rush to respond. If you feel the deletion can be contested then please do so (commons:COM:SPEEDY has further information). Otherwise consider finding a replacement image for this article before it is deleted.

A further notification will be placed when/if the image is deleted. This notification is provided by a Bot, currently under trial --CommonsNotification (talk) 03:25, 6 May 2011 (UTC)[reply]

An image used in this article, File:Airplane_CAPTCHA_JPG.jpg, has been nominated for speedy deletion at Wikimedia Commons for the following reason: Copyright violations What should I do?

Speedy deletions at commons tend to take longer than they do on Wikipedia, so there is no rush to respond. If you feel the deletion can be contested then please do so (commons:COM:SPEEDY has further information). Otherwise consider finding a replacement image before deletion occurs. A further notification will be placed when/if the image is deleted. This notification is provided by a Bot, currently under trial --CommonsNotification (talk) 10:40, 6 May 2011 (UTC)[reply]

	An image used in this article, File:Airplane CAPTCHA JPG.jpg, has been deleted from Wikimedia Commons by Túrelio for the following reason: Copyright violation: copyrighted screenshot What should I do?
	A different bot should have (or will soon) remove the image code from the article text (check if this has been done correctly). If you think the image deletion was in error please raise the issue at Commons. You could also try to search for new images to replace the old one. This notification is provided by a Bot, currently under trial --CommonsNotification (talk) 12:50, 6 May 2011 (UTC)[reply]

is the reverse turing test bit really all that relevant? perhaps it should be moved to another part of the article, or perhaps to the end of the overview — Preceding unsigned comment added by 67.81.199.45 (talk) 06:43, 7 September 2011 (UTC)[reply]

I added a description of a new and useful type of text-based CAPTCHA to show that there is no need to exclude blind and visually impaired people from equal access to CAPTCHA-protected Web-based forms.

IP editor 108.35.41.78 accidentally undid my edit, evidently thinking he or she was undoing another edit instead, which was erroneous.

That the IP editor made a mistake is clear from his/her comment line: "that criterion is not part of the intended use of a CAPTCHA, which is what this list is about", which applied to another edit, not mine.

I have now undone that mistaken undo to restore my edit. To anyone else: please understand what happened before you assume that I made a mistake. David Spector (talk) 19:42, 20 September 2011 (UTC)[reply]

I removed the advertisement from it, which is probably why it was removed. I also changed the wording and tone to make it far more encyclopedic. --Ronz (talk) 19:51, 20 September 2011 (UTC)[reply]

It wasn't an advertisement, Ronz.

I'd like to add that the example CAPTCHA server that I reference has nothing to do with me--there is no COI (conflict of interest) here. For one thing, the server is free. For another, I have no connection with that site or any organization or person it may represent. I just added the link as an example showing a real-world solution to the perceived problems with text-based CAPTCHA. David Spector (talk) 19:56, 20 September 2011 (UTC)[reply]

I'll stick by my assessment of calling it an advertisement, per WP:NOTADVERTISING. Since no one has brought up WP:COI concerns, let's stick to discussing the advertising problem. --Ronz (talk) 22:49, 20 September 2011 (UTC)[reply]

As you requested in private, I'll continue the discussion here.

There isn't a trace of advertising in my use of this reference. The burden is on you to provide a rationale for your deletion. If you could delete this reference successfully with no rationale, what is to stop you from deleting entire articles like Wolfram_Alpha or General Motors, which describe for-profit businesses?

The reason these articles cannot be deleted is that these companies are significant within some framework of knowledge or accomplishment. Their notability rests on more than just making a profit. My reference to textcaptcha.com was, like the existing reference to recaptcha.com, justified on the basis of its relevance to the article. textcaptcha.com is a successful example of a practical server for text-based challenges. In the history of this article, this provides for the first time a concrete response to those who would claim that only image-based challenges are practical and effective. Without the reference, my addition could be challenged as Original Research, which, as you know, is forbidden at WP. My addition was actually prompted by accidentally finding this company during a Web search.

In summary, my reference is vital to the point I made. Further, as the company involved is nonprofit, the question of advertising is moot anyway. Finally, I have provided a detailed rationale for including the reference, in contrast to your use of personal judgement that I was guilty of advertising without any explanation or evidence. David Spector (talk) 23:21, 20 September 2011 (UTC)[reply]

You've not addressed my concerns. Can you explain why you think WP:NOTADVERTISING doesn't apply? --Ronz (talk) 02:59, 21 September 2011 (UTC)[reply]

If I haven't addressed your concerns, it is because you have not presented any specific concerns. You have only quoted the WP policy on advertising. My use of a specific company in a reference is clearly not intended as a promotional tactic. To quote, "All information about companies and products are written in an objective and unbiased style." I am willing to work with you to ensure that the reference is written objectively. But, as I explained, the reference is an important source for the paragraph I have added.

I see some sources who discuss textcaptcha.com on the Web, but they are blogs and the like, which may not qualify as acceptable secondary sources. That is why I used textcaptcha.com itself as a primary source: it serves as a concrete example of how text-based CAPTCHAs can be of practical use.

You keep making me justify myself. I think I am doing that just fine. Now you must justify why you think an objective reference to a company is advertising. If you cannot do that, you should put the reference back in. David Spector (talk) 18:21, 21 September 2011 (UTC)[reply]

"All article topics must be verifiable with independent, third-party sources, so articles about very small "garage" or local companies are typically unacceptable." --Ronz (talk) 20:00, 21 September 2011 (UTC)[reply]

The quotation is irrelevant. This isn't an article about a company, small or big. If this is your only objection, then, since it doesn't apply, please restore the relevant reference. David Spector (talk) 21:44, 21 September 2011 (UTC)[reply]

I'm saying it is relevant, and I'm asking for independent, third-party sources. Otherwise the material appears promotional and self-serving, violating WP:NPOV and WP:PSTS--Ronz (talk) 00:55, 22 September 2011 (UTC)[reply]

I think this needs better sources, and to be rewritten from those sources, before it's reintroduced into the article. [1] --Ronz (talk) 03:04, 21 September 2011 (UTC)[reply]

Currently, CAPTCHA creators recommend use of reCAPTCHA as the official implementation.^[1] In September 2009, Google acquired reCAPTCHA to aid their book digitization efforts.^[2] However, this CAPTCHA has been cracked with 30% success rate, reported in August 2010.^[3]

I think this accurately reflects the current situation in the real world. How do you think this is inaccurate with respect to the sources referenced? Why are the sources unacceptable, and what better sources are you proposing? Why are you picking these specific areas to delete, and why do you think it is proper to do so without once giving a specific rationale for the deletion? I would like to assume that you have the best interests of WP at heart, so I assume you do have some rationale. What puzzles me is your unwillingness or inability to say what it is when asked. David Spector (talk) 18:08, 21 September 2011 (UTC)[reply]

Please WP:FOC. Thanks! --Ronz (talk) 20:02, 21 September 2011 (UTC)[reply]

If you thought I was focusing on something other than content, I'm not sure what you mean. I am addressing specifically and only content. Since you have no relevant objection to the specific points I made, I will ask you to restore the material you deleted on ReCaptcha. You may wish to do a Web search to assure yourself of the notability and relevance of ReCaptcha to this article. David Spector (talk) 21:49, 21 September 2011 (UTC)[reply]

I think the material needs better sources and should be rewritten from them. --Ronz (talk) 00:58, 22 September 2011 (UTC)[reply]

The article is about CAPTCHA, i.e. test to "to ensure that the response is generated by a person".

It correctly detects a human in human solver, even if he is from a sweatshop. While this article names CAPTCHA as vulnerable, insecure to ... a human!?

CAPTCHA is not conceived to make distinction between human spammers and human non-spammers, etc.

This article became a link repository, self-promotion texts (adding practically nothing and rather diverting the article from its topic), multiple repetitions of the same (unrelated) issues (like human solvers), discussion forum for spurious and biased opinions about completely separate topics like hacktivism, hacking, internet security, forum spamming, anti-spam protection, etc.

Shouldn't it all be written in corresponding articles like Anti-spam techniques? Cre8tin (talk) 05:06, 5 December 2011 (UTC)[reply]

All of those are related to CAPTCHA, in that they are raising concerns about CAPTCHA.Jasper Deng (talk) 04:56, 5 December 2011 (UTC)[reply]

How does human solvers raise concerns about CAPTCHA as test of human vs. computer?

The decision who from humans are spammers or not is off-topic in CAPTCHA as test.

This (and "Legal concerns" section or "Many users[who?] of the phpBB" paragraph, etc.) are not concerns about CAPTCHA.

There are separate, more proper, articles, if not forum/discussion boards, for such discussions, e.g. Anti-spam techniques

How is 'a central "anti-bot server"' (paragraph) related to the title of section "Attempts at more accessible CAPTCHAs"?

Wouldn't it be better to change the section title from "Circumvention" to "Factors Influencing Trustworthiness of Test" to dis-encourage the hijacking of the CAPTCHA topic?

Cre8tin (talk) 05:37, 5 December 2011 (UTC)[reply]

Legal concerns is a valid criticism. No, the title you suggest is a little too long, and is not accurate.Jasper Deng (talk) 05:40, 5 December 2011 (UTC)[reply]

I don't consider this bias at all as all of the law suits today generally either involve larger countries without extradition treaties or they're shut down making them a non-issue. --Leewells2000 (talk) 22:03, 21 December 2011 (UTC)[reply]

New Ways to Captcha Bots by Jeff Green BusinessWeek December 15, 2011 4:30 PM EST

99.190.86.5 (talk) 08:01, 28 December 2011 (UTC)[reply]

The article should mention captchatrader.com as the most effective human circumvention method in existence. — Preceding unsigned comment added by 201.231.234.10 (talk) 21:13, 30 January 2012 (UTC)[reply]

Section Human solvers already describes most of what this website does. Linking to this website would provide a commercial link, which is against Wikipedia policy. The claim "most effective" is original research, which is also against policy. David Spector (talk) 00:50, 11 February 2012 (UTC)[reply]

I have just undone three vandal edits by 96.25.215.29. I hope this person will post suggested changes here in the future so they can be reviewed by others.

The edits reflect the point of view that CAPTCHAs cannot ultimately be successful. While this is technically true, this observation (1) does not belong in the lead section, where the topic is being described, and (2) must have a cited reference in a reliable source, rather than being presented as original research by the anonymous editor.

This editor is advised to read about WP policies before continuing to edit. Without knowledge of the policies, they might find themselves blocked from editing (although I would not do it myself). If this editor has questions or issues they may discuss them here or on my Talk page. David Spector (talk) 00:42, 11 February 2012 (UTC)[reply]

Would we say the term had gained use as (per WP:CAPSACRS) an "ordinary, lowercase word" yet? News sources are still mostly using the capitalised version, but I don't know how much we should weight that for technical publications using lowercase. The current article is looking a bit unreadably shouty, but maybe it'd be better just to replace "CAPTCHA" with "test" in some of the denser paragraphs. --McGeddon (talk) 16:42, 16 February 2012 (UTC)[reply]

I think using UPPERCASE for technical terms sorta highlights them so you will notice them more. But yeah, I agree. 68.173.113.106 (talk) 01:58, 2 March 2012 (UTC)[reply]

I've two suggestions for additions, assuming sourcing, etc. is possible. One is talking about how some randomly generated CAPTCHAs end up being physically impossible to solve. For example, I often see Chinese or Cyrillic or mathematical symbols showing up, as well as straight out graphics (possibly culled from a WingDings or Dingbats-like font somewhere). Usually you can just hit reload and a new one is generated, but not always. The second is "penalties" for failing a puzzle, because there are numerous ways CAPTCHAs can be set to react if you don't get it right. The most common, of course, is a new puzzle is provided and you try again. Sometimes, in the case of file download services, the "countdown" starts again. But I have also heard (and this is where sourcing is needed as it's just word of mouth) of users being frozen out of sites for 15 minutes or even longer for failing a CAPTCHA puzzle, either the first time, or after several attempts. 70.72.223.215 (talk) 17:08, 26 April 2012 (UTC)[reply]

The section about 'image captchas' has conflicting points. First, it states that '"Computer-based recognition algorithms require the extraction of color, texture, shape, or special point features, which cannot be correctly extracted after the designed distortions.".

Then it later goes on to say '"Causing minor changes to images each time they appear will not prevent a computer from recognizing a repeated image as there are robust image comparator functions (e.g., image hashes, color histograms) that are insensitive to many simple image distortions. Warping an image sufficiently to fool a computer will likely also be troublesome to a human."'

So which is it? --moeburn (talk) 14:13, 29 July 2012 (UTC)[reply]

This article would be better with contemporary examples, such as the brand-leader Recaptcha . — Preceding unsigned comment added by Matt me (talk • contribs) 23:07, 7 August 2012 (UTC)[reply]

Started with wiki but my research seems to show the article here is patchy. First I found HappyCaptcha http://drupal.org/project/HappyCaptcha but then something a bit more interesting: Semantic Captchas eg http://code.google.com/p/egglue/ It would be great if someone with the tech knowledge could include/comment on these as they are popular Drupal modules. LookingGlass (talk) 14:39, 8 September 2012 (UTC)[reply]

Much appreciated, should be an m, thanks for deleting. — Preceding unsigned comment added by 177.4.61.19 (talk) 05:11, 27 September 2012 (UTC)[reply]