[aprssig] Re: Wiki: Ok. I give up.

Danny Messano danny at messano.net
Tue Aug 14 02:09:26 EDT 2007


Bypassed is an interesting choice of word.

I've heard that one way operators of adult websites bring in extra cash is
working with those looking to break captchas.

It goes something like:

Joe goes to adult website.  Website asks for his credit card, etc, for
access and makes him verify with a captcha.  In the background, a script
creates a dummy account on some website (Paypal, Digg, etc), and passes the
captcha image through to Joe's accout verification page on xxxwebsite.com.
Joe fills in captcha to verify for xxxwebsite.com, but is really assisting
the script in creating a fake account for the secondary website in the
background.  Joe gets access to the adult website, adult website operator
gets Joes money AND money from spammer for assisting in the fill-in of the
captcha, spammer gets access to secondary website for spamming.

This is why I hate captcha.  I'd rather pay someone to verify new accounts
than rely on captcha, get spammed, and pay someone to keep the site clean..
(which is probably double the task of the manual account verifications).

dm





-----Original Message-----
From: aprssig-bounces at lists.tapr.org [mailto:aprssig-bounces at lists.tapr.org]
On Behalf Of Mark Fellhauer
Sent: Tuesday, August 14, 2007 1:44 AM
To: TAPR APRS Mailing List
Subject: [aprssig] Re: Wiki: Ok. I give up.

At 02:54 PM 8/13/2007, Scott Miller wrote:


>I've restricted anonymous edits, and installed a simple captcha system.  
>If that proves inadequate there are some other measures that can be 
>implemented - MediaWiki has plenty of extensions and tweaks available.



It is my understanding that CAPTCHA has been/can be bypassed.  Dunno how, 
but I heard it on the radio a few weeks back.   Radio being AM Talk, not
Ham.

73,

Mark
KC7BXS




_______________________________________________
aprssig mailing list
aprssig at lists.tapr.org
https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig





More information about the aprssig mailing list