Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • Personally, I think the images are a waste of time. merlyn (Randal Schwartz) did a column in Web Techniques for the same basic thing.

    Never one to resist a pointless challenge, before the article hit print, I wrote a "cracker" for it. The write-up is here [], for those that may be interested.

    You're going to have to get a lot more tricky than 3 letters with a consistent font to stop a 'bot. Most of the time is invested in creating the font table, but once you've got that, the pattern matching is trival.

    • No, mostly because I'd have to build the font maps. But in loading the images several times, the fonts all appear consistent, along with their positioning. The slight color in the background is easily worked around.

      The down side to the images is that it makes posting with lynx pretty darn impossible. And considering that a great many Perl users are *nix users, that doesn't seem like a nice thing to do. Even if lynx *does* represent a small viewer-shared.


      • As to whether it is not nice for the users, that's not relevant to anything in particular that we're doing right now. Sites don't have to use this. As I said, we are testing it. I don't know of any site that we are working on that will turn it on for posting comments on a regular basis.

        And I do doubt how "easily" you could work around things. What if every letter were a different color with a different background, with dithering all throughout? As Jamie notes, it's trivial to add things like that, and
        • Could somebody shoot Tim Berners Lee so he can turn in his grave!

          Am I missing something or is this a big two fingers to blind users? Maybe you could put the letters in the ALT tag ;-)

          Helping put this in slashcode is just as bad as Adobe allowing publishers to disable "Read Aloud" on their e-books. The argument that sites/publishers don't actually have to use it is no more a defense for slashcode than it is for Adobe.
          • We're not happy about its effect on blind users, but images are not the only possibility for this kind of verification. We hope in future to offer alternate methods -- I'm thinking audio snippets, in particular. We can also set up a method for admins to exempt particular accounts. Etc.

            The nature of the internet is that it's trivial to DDoS any site that allows anonymous or semi-anonymous postings. Some Slash sites are actively targeted by hostile users for scripted attacks, and those sites need defenses.

            • I wrote a long (constructive) response to this but the combination of IE and the absolutely shit bag of a Chinese internet cafe I'm in just ate it on me!

              Basically it amounted to doing a few checks on the recent history of the IP address an account is being registered from or a check on the history of a doubtful account (all new accounts being doubtful until they prove themselves). If the checks fail, then get them to pass a humanity test.

              This should mean that a blind person would have to be unlucky when j