DragonPrime - LoGD Resource Community
Welcome Guest
  • Good morning, Guest.
    Please log in, or register.
  • June 24, 2019, 05:23:40 AM
Home Forums News Downloads Login Register Advanced Search
* * *
DragonPrime Menu
Login
 
 
Resource Pages
Search

Pages: [1] 2   Go Down
  Print  
Author Topic: Captcha dialogue  (Read 8499 times)
0 Members and 1 Guest are viewing this topic.
Boofo
Member
Mod God
*****
Offline Offline

Posts: 774


View Profile
« on: September 28, 2005, 12:16:31 PM »

sure, I'll fix your nav.. if you'd petitioned on the server they'd have been fixed by now Smiley

And the captcha module is going to be made available, but I am not making it available for free unlike all of the other work I've done.  Mainly because it's a hard problem and I spent an awful lot of time on it and it's hard to do right.  If you follow the dowload link for the module you'll see how I'm handling it.


Where would we find the link to that?
Logged

chmod a+x /bin/laden -- Allows anyone the permission to execute /bin/laden
Kendaer
Guest
« Reply #1 on: September 28, 2005, 03:39:02 PM »

Well, the most likely place to find download links to modules that I've written but not released in the core would be to visit my server Smiley  Visit the about page and the module info and search for 'Captcha'.

That would be http://logd.dragoncat.net for anyone who didn't know.

However, the download link from there points to http://www.dragoncat.net/~jtraub/captcha.html, so you are welcome to just go there directly Smiley
Logged
sixf00t4
Mod God
*****
Offline Offline

Posts: 1916



View Profile WWW
« Reply #2 on: September 28, 2005, 08:38:32 PM »

Well, the most likely place to find download links to modules that I've written but not released in the core would be to visit my server Smiley  Visit the about page and the module info and search for 'Captcha'.

That would be http://logd.dragoncat.net for anyone who didn't know.

However, the download link from there points to http://www.dragoncat.net/~jtraub/captcha.html, so you are welcome to just go there directly Smiley

will there ever be a description of this weirdly named module?
Logged

Dannic
Guest
« Reply #3 on: September 28, 2005, 08:43:31 PM »

A lil' more info in your html file would be nice there Kendaer. Smiley
Logged
Torne
SVN Users
Codemeister
*
Offline Offline

Posts: 259


Code ninja


View Profile
« Reply #4 on: September 29, 2005, 02:58:37 AM »

It presumably implements CAPTCHAs for registering new users. CAPTCHA stands for "Completely Automatic Public Turing test to tell Computers and Humans Apart" - usually implemented in the form of little boxes with wiggly writing where you have to type in the code. It's just a way to stop bots registering and spamming your site.
« Last Edit: September 29, 2005, 08:18:21 AM by Torne » Logged
sixf00t4
Mod God
*****
Offline Offline

Posts: 1916



View Profile WWW
« Reply #5 on: September 29, 2005, 05:11:30 AM »

ha, hmmm, seems like something i should have been aware of.  Thanks Torne.
Logged

Torne
SVN Users
Codemeister
*
Offline Offline

Posts: 259


Code ninja


View Profile
« Reply #6 on: September 29, 2005, 06:09:24 AM »

Googling 'captcha' finds many excellent explanations of the topic, as does looking it up on wikipedia Wink
Logged
XChrisX
Global Moderator
Mod God
*****
Offline Offline

Posts: 4647

Be aware of the squirrel!


View Profile WWW
« Reply #7 on: September 29, 2005, 06:16:48 AM »

But where on his side does he use this? when registering a new user, there's nothing like this...
Logged

Running for more than three years now:
Dannic
Guest
« Reply #8 on: September 29, 2005, 06:23:53 AM »

But where on his side does he use this? when registering a new user, there's nothing like this...

Sounds like something I have planned for my creation addon in the next major update.
Logged
Torne
SVN Users
Codemeister
*
Offline Offline

Posts: 259


Code ninja


View Profile
« Reply #9 on: September 29, 2005, 07:49:14 AM »

I'm not a fan of image captchas, because there are too many problems. There are two kinds of bots you might want to keep out of a website: ones that are trying to post something anywhere they can manage (say, a bot that googles for phpbb based bulletin boards, registers, and posts spam), and ones that are trying to post specifically on your site (say, bots that try to post to LiveJournal).

The former are easily defeated without using captchas - trivial changes to registration forms (such as extra checkboxes, or even sometimes hidden input fields) are often enough to keep them out - they're written to work on a particular generic $PHP_APP site (phpbb, wordpress, LotGD, whatever) and any site that has something nonstandard required during registration, they'll just fail on - but it's not worth the bot author's time to fix it, as there are many other sites that can be targetted. My old site's forums had one hidden text field with a preset *constant* value in them, and that defeated 100% of spambots, because as soon as they failed to register on my forum, they immediately went straight onto the next forum, as any one forum wasn't worth worrying about.

The latter are a problem for large popular sites, or sites with a very high Google pagerank, such as LiveJournal, where the bot programs are written specifically to get into that one site, and are frequently updated to deal with new antispam measures. Trivial measures that will defeat generic bots won't help you here, but captchas are not that great either - most captchas in use on the 'net are *easily* crackable by machine with a bit of ingenuity (google for 'PWNcha' for examples), and the ones that aren't are often not easily readable by a human and may take several tries before one that's actually readable shows up - and once it does, it's probably readable by a machine too. Then, of course, there's the famous trick (probably not actually used anywhere yet, but certainly possible) - if you want to break captchas by the hundred and machine imaging isn't up to it, just set up a porn site and offer free porn to anyone who will create an account.. and when they set up their account, show them a captcha from the site you want to break into. When they submit the registration, try their answer to the captcha on the site you want to break, and if it works, let them in for free porn, making sure to tell them to tell their friends Wink

Add that to the other problems with captchas: people with text only browsers (yes, these people still exist - especially blind users), people with poor eyesight, people who are colour blind, the general annoyance factor for your users of having to stare at this wiggly blob and fail several times to be able to read it..

So, all my sites, whatever software they are running (game, cms, forum, anything) take 'trivial' but specific-to-my-site measures to prevent generic bots from spamming me, and so far these are 100% effective. If a site I run ever gets high-profile enough that it's targetted by bots that are being actively adapted to breach my trivial spam protection, then I will resort to using rate limiting, IP bans, or if it comes to that, an automated Turing test based on entirely textual questions and responses.

Of course, when you're LiveJournal it's hard to come up with *anything* that works simply because of the massive, massive volume of attackers, but I would be suprised if a LotGD site got that big Wink

Edit: Just to clarify, I'm talking about image-based captchas here, as used on many common sites. There are other ways to perform automated turing tests, but they are not widely deployed on the 'net and are thus harder to evaluate.
« Last Edit: September 29, 2005, 08:20:26 AM by Torne » Logged
SaucyWench
Mod God
*****
Offline Offline

Posts: 2238


I'm a good girl.


View Profile WWW
« Reply #10 on: September 29, 2005, 08:35:00 AM »

Kendaer is planning some changes to it which are in development now. There's a good reason you're all scratching heads... it is not released, and will not be free, as per the message on that link he posted. At present it looks like many other image captchas out there in the world, but the new bit is... well it is pretty good! I think you'll be very impressed when you see the finished product.

Nobody will make you use anything to stop bots... but we know of at least two out there already that play without a human and can stay logged in 24 hours a day to destroy the bandwidth available to your real players. There's a fair argument about wah, annoying players... but vicious lag caused by overloaded servers full of bots, is far more annoying... keep that in mind.
Logged

SaucyWench
Owner of GemDust.com and Darton City proudly hosted by LunarPages
Dannic
Guest
« Reply #11 on: September 29, 2005, 08:38:48 AM »

Thanks for moving this Smiley
Logged
Kendaer
Guest
« Reply #12 on: September 30, 2005, 08:01:27 AM »

Torne, I'll be the first to agree that image captcha's aren't the best thing in the world for the the reasons you mentioned.   I'm working on a captcha system in text which is based on logic and logical deduction/association rather than images, at which points players will be able to opt-out of visual captchas if they wish (at which point they will get only the logical ones), or they will get a mixture of both.  I'll probably let them opt out of the logical one as well (but only being able to opt out of one *or* the other Smiley Smiley)

As to when the captcha appears, it appears randomly during the play.  Merely having it at login, or registration would be ineffective, so it appears once every 100 page hits (give or take some random fluctuation) by default.  The frequency is settable by the admin.

And Saucy, the visual captcha code *is* released, that's why it's running on dragoncat and central.  If someone wanted to purchase it now, I'd happily sell it to them as I consider te code solid as it is.  It's just a verion 1.0 code, and version 2.0 will be better.  However, anyone who purchased it from me would certainly get future versions as well, so if they want it, there's not really any reason to wait for version 2.0.

I also am aware that the download page which gives information needs work.  I threw it there just to have it up and readable so people knew what the deal with the code was and then I got distracted with the logical captcha code Smiley
Logged
Torne
SVN Users
Codemeister
*
Offline Offline

Posts: 259


Code ninja


View Profile
« Reply #13 on: September 30, 2005, 09:29:48 AM »

Interesting idea, and I'm looking forward to seeing it. But, I'd find it annoying as hell if it was active on a server I played on (and would probably just have to go and teach greasemonkey to solve them for me..)

If the problem is server resources being consumed by bots playing characters, I'd personally look at different approaches, to identify which characters are the ones who are hogging the resources and investigate why. I don't run a large LoGD server (yet, I hasten to add), I have no idea what the extent of this is, so, forgive me for being naeive: but aren't there only a fixed number of productive non-chat pagehits that you can generate in a given gameday? Thus, surely bots can't generate any more load than a human playing the same game... in fact, probably less, since bots are unlikely to chat. So, err, why get rid of them?
Logged
Boofo
Member
Mod God
*****
Offline Offline

Posts: 774


View Profile
« Reply #14 on: September 30, 2005, 10:55:58 AM »

Well, the most likely place to find download links to modules that I've written but not released in the core would be to visit my server Smiley  Visit the about page and the module info and search for 'Captcha'.

That would be http://logd.dragoncat.net for anyone who didn't know.

However, the download link from there points to http://www.dragoncat.net/~jtraub/captcha.html, so you are welcome to just go there directly Smiley

Sounds good. I shall be contacting thee. Wink
Logged

chmod a+x /bin/laden -- Allows anyone the permission to execute /bin/laden
Pages: [1] 2   Go Up
  Print  
 
Jump to:  


*
DragonPrime Notices
Version 1.1.2 is the current supported version and is available for download.

Support Us
No funds raised yet this year
Your help is greatly appreciated!
Recent Topics
DragonPrime LoGD
Who's Online
76 Guests, 0 Users
Home Forums News Downloads Login Register Advanced Search