As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options

DRM VS CAPTCHAs

master_kaosmaster_kaos Registered User regular
edited June 2007 in Debate and/or Discourse
People argue all the time for the big companies to stop implementing DRM since implementations are usually cracked fairly promptly, and the only people it hurts is the legit consumer (which I totally agree with).

Yet the same people that disagree with DRM, are in turn implementing CAPTCHAs into their websites that humans themselves can barely read.
Some sites have good captchas that I can read the letters/words perfectly fine, but lately I have been coming across sites where I cannot even make out 1/2 the letters -- they are extremely small, have a million dots/lines/other random crap that covers a good portion of the letters.
This one site I came across it literally took me 20 times until I got it.
People are cracking captchas all the time, so others are developing even "better" ones, and the cycle continues. Who ends up getting screwed? The legit people who are just trying to make a post but can't make out 6pt font letters with 50 lines going through it.

What is everyone elses take?

master_kaos on

Posts

  • Options
    The Green Eyed MonsterThe Green Eyed Monster i blame hip hop Registered User regular
    edited June 2007
    I think it'd be nice if someone explained to me what a CAPTCHA is.

    The Green Eyed Monster on
  • Options
    Paul_IQ164Paul_IQ164 Registered User regular
    edited June 2007
    celery77 wrote: »
    I think it'd be nice if someone explained to me what a CAPTCHA is.

    One of those "type out the letters you see in this warped and distorted pictures so we know you're not a malicious piece of computer software, or at least if you are you're a really clever one" things.

    A Completely Automated Personal Turing test to tell Computers and Humans Apart, apparently.

    Paul_IQ164 on
    But obviously to make that into a viable anecdote you have to tart it up a bit.
    Tetris: 337214-901184
    Puzzle League: 073119-160185
  • Options
    The Green Eyed MonsterThe Green Eyed Monster i blame hip hop Registered User regular
    edited June 2007
    Paul_IQ164 wrote: »
    celery77 wrote: »
    I think it'd be nice if someone explained to me what a CAPTCHA is.

    One of those "type out the letters you see in this warped and distorted pictures so we know you're not a malicious piece of computer software, or at least if you are you're a really clever one" things.

    A Completely Automated Personal Turing test to tell Computers and Humans Apart, apparently.
    Thanks.

    Then I can say -- I had to use this very forum's CAPTCHA recently, and it was pretty obnoxious. I'd generally fail once or twice before I got it right. That said, it's still better than spammers.

    If there's any real greater issue here, it's "fuck those spamming assholes" as far as I can see.

    The Green Eyed Monster on
  • Options
    ZoolanderZoolander Registered User regular
    edited June 2007
    It's a small price to pay. I've seen forums without CAPTCHAs, and it's not pretty.

    Zoolander on
  • Options
    flamebroiledchickenflamebroiledchicken Registered User regular
    edited June 2007
    I don't understand the relation here between DRM and the CAPTCHAs

    flamebroiledchicken on
    y59kydgzuja4.png
  • Options
    AroducAroduc regular
    edited June 2007
    I don't understand the relation here between DRM and the CAPTCHAs

    It's the same as the relation between padlocks and literacy tests.

    Which is to say... I have no fucking idea what he's on about either.

    Aroduc on
  • Options
    LaOsLaOs SaskatoonRegistered User regular
    edited June 2007
    I think it's something like both are really really annoying to legitimate users, and since they're cracked by the illegitimates soon enough, what's the point?

    LaOs on
  • Options
    monikermoniker Registered User regular
    edited June 2007
    celery77 wrote: »
    Paul_IQ164 wrote: »
    celery77 wrote: »
    I think it'd be nice if someone explained to me what a CAPTCHA is.

    One of those "type out the letters you see in this warped and distorted pictures so we know you're not a malicious piece of computer software, or at least if you are you're a really clever one" things.

    A Completely Automated Personal Turing test to tell Computers and Humans Apart, apparently.
    Thanks.

    Then I can say -- I had to use this very forum's CAPTCHA recently, and it was pretty obnoxious. I'd generally fail once or twice before I got it right. That said, it's still better than spammers.

    If there's any real greater issue here, it's "fuck those spamming assholes" as far as I can see.

    Plus the issue is more in what you're being restricted from doing. With a CAPTCHA you basically just don't get to enjoy the priveledge of posting somewhere or an equally trivial thing. It isn't very common that it's preventing you from doing anything all that important. DRM's, on the other hand, are essentially destroying the possibility for interoperability, and screwing over the customer for buying something online rather than getting a CD. CAPTCHA's can be annoying, but DRM's are downright despicable.

    moniker on
  • Options
    EndomaticEndomatic Registered User regular
    edited June 2007
    Captchas are fine when they are just letters. They can be twisted and scaled or whatever.

    But when you start throwing lines, obstructions, different colors etc is where they can fuck off. I can't see all that shit!

    Endomatic on
  • Options
    RandomEngyRandomEngy Registered User regular
    edited June 2007
    Yeah what DRM and CAPTCHAs are trying to do are fundamentally different. DRM tries to keep you from using your purchased content the way you want and CAPTCHAs try to keep public message boards from overflowing with spam. I recently closed down the PA Guild Wars forum because it was getting about 5 spam topics for every real post, something I would not have had to deal with if it had a CAPTCHA.

    RandomEngy on
    Profile -> Signature Settings -> Hide signatures always. Then you don't have to read this worthless text anymore.
  • Options
    AroducAroduc regular
    edited June 2007
    LaOs wrote: »
    I think it's something like both are really really annoying to legitimate users, and since they're cracked by the illegitimates soon enough, what's the point?

    That having the 1000 spammers in the world that bother to crack them is better than having the 50,000,000 in the world that don't?

    Aroduc on
  • Options
    master_kaosmaster_kaos Registered User regular
    edited June 2007
    Ill sum it up then

    DRM = A nuisance to consumers who just want to be able to listen to their MP3s on a few different devices, but doesn't really stop people who actually want to steal the content.

    CAPTCHAs= A nuisance to a visitor of a forum who just wants to make a quick post, but doesn't really stop the aggressive spammers who want to spam their products.

    I mean it isn't quite the same thing, due to the fact that captchas do stop some of the basic script kiddies.
    And I have no problem with them if they are EASILY readable. The issue is the fact that some of them now are almost impossible to make out.

    master_kaos on
  • Options
    LaOsLaOs SaskatoonRegistered User regular
    edited June 2007
    Aroduc wrote: »
    LaOs wrote: »
    I think it's something like both are really really annoying to legitimate users, and since they're cracked by the illegitimates soon enough, what's the point?

    That having the 1000 spammers in the world that bother to crack them is better than having the 50,000,000 in the world that don't?

    I'm not agreeing with the OP, I was just saying how I thought the OP thought the two were related.

    LaOs on
  • Options
    AroducAroduc regular
    edited June 2007
    LaOs wrote: »
    Aroduc wrote: »
    LaOs wrote: »
    I think it's something like both are really really annoying to legitimate users, and since they're cracked by the illegitimates soon enough, what's the point?

    That having the 1000 spammers in the world that bother to crack them is better than having the 50,000,000 in the world that don't?

    I'm not agreeing with the OP, I was just saying how I thought the OP thought the two were related.

    Can we flog him for a silly dichotomy then?

    Aroduc on
  • Options
    LaOsLaOs SaskatoonRegistered User regular
    edited June 2007
    Aroduc wrote: »
    LaOs wrote: »
    Aroduc wrote: »
    LaOs wrote: »
    I think it's something like both are really really annoying to legitimate users, and since they're cracked by the illegitimates soon enough, what's the point?

    That having the 1000 spammers in the world that bother to crack them is better than having the 50,000,000 in the world that don't?

    I'm not agreeing with the OP, I was just saying how I thought the OP thought the two were related.

    Can we flog him for a silly dichotomy then?

    If only we could make Poll Threads!!

    LaOs on
  • Options
    ThanatosThanatos Registered User regular
    edited June 2007
    The only way CAPTCHAs get cracked is by spam-farms using actual people to crack the code.

    So, at least you're forcing the spammers to spend more money in order to get onto the forums, not to mention the fact that the vast, vast majority of spammers are bots. So, whereas anti-piracy measures make it a major pain in the ass for 20% of legitimate users, and are quickly worked-around by 80% of software pirates, CAPTCHAs are a minor pain in the ass for 100% of legitimate users, and totally shut down 99% of spammers. And I'll bet if you asked most users which was worse, having to go through a CAPTCHA system once, or having to deal with spammers constantly, they're going to want the CAPTCHA.

    You can have fully-functional software without anti-piracy measures; you can't have a fully-functional forum without a CAPTCHA system.

    Thanatos on
  • Options
    ElJeffeElJeffe Moderator, ClubPA mod
    edited June 2007
    What Than said.

    ElJeffe on
    I submitted an entry to Lego Ideas, and if 10,000 people support me, it'll be turned into an actual Lego set!If you'd like to see and support my submission, follow this link.
  • Options
    MahnmutMahnmut Registered User regular
    edited June 2007
    Is the OP talking about forums with CAPTCHAs at registration only, or at every single login? I've seen a couple small forums with the latter, and it was excessive and irritating.

    Mahnmut on
    Steam/LoL: Jericho89
  • Options
    RandomEngyRandomEngy Registered User regular
    edited June 2007
    I like digg's approach to CAPTCHAs. You have to do them for a while but then it considers your account "trusted" and you no longer have to do them.

    RandomEngy on
    Profile -> Signature Settings -> Hide signatures always. Then you don't have to read this worthless text anymore.
  • Options
    jothkijothki Registered User regular
    edited June 2007
    These forums seem to have a moderately obnoxious one, but fortunately it only comes up when you're trying to register an account or do a search without having an account.

    jothki on
  • Options
    FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited June 2007
    I'll start to consider DRM and CAPTCHAs analogous when I start seeing CAPTCHAs in products I bought and paid for.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Options
    EchoEcho ski-bap ba-dapModerator mod
    edited June 2007
    Thanatos wrote: »
    The only way CAPTCHAs get cracked is by spam-farms using actual people to crack the code.

    To elaborate on this: spammers go "here's some free porn if you tell us what these letters are!"

    The letters are yoinked from wherever they want to spam.

    Echo on
  • Options
    Marty81Marty81 Registered User regular
    edited June 2007
    Feral wrote: »
    I'll start to consider DRM and CAPTCHAs analogous when I start seeing CAPTCHAs install malicious software on my computer.

    Fixed.

    Marty81 on
  • Options
    electricitylikesmeelectricitylikesme Registered User regular
    edited June 2007
    The other point is, CAPTCHA's aren't so obnoxious that they result in the ridiculous situation where it is easier to crack the activation on software you already own rather then try to call up the activation hotline.

    electricitylikesme on
  • Options
    an_altan_alt Registered User regular
    edited June 2007
    I liked the version that was which three of these nine dudes/chick are the hot ones or the cats vs other animals approach. It was pretty easy for a human, but apparently very difficult for a spambot.

    Put me in the "they're totally worth it" camp.

    an_alt on
    Pony wrote:
    I think that the internet has been for years on the path to creating what is essentially an electronic Necronomicon: A collection of blasphemous unrealities so perverse that to even glimpse at its contents, if but for a moment, is to irrevocably forfeit a portion of your sanity.
    Xbox - PearlBlueS0ul, Steam
    If you ever need to talk to someone, feel free to message me. Yes, that includes you.
  • Options
    FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited June 2007
    an_alt wrote: »
    I liked the version that was which three of these nine dudes/chick are the hot ones or the cats vs other animals approach. It was pretty easy for a human, but apparently very difficult for a spambot.

    Meh, all those do is cut your spam by 2/3.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Options
    electricitylikesmeelectricitylikesme Registered User regular
    edited June 2007
    Feral wrote: »
    an_alt wrote: »
    I liked the version that was which three of these nine dudes/chick are the hot ones or the cats vs other animals approach. It was pretty easy for a human, but apparently very difficult for a spambot.

    Meh, all those do is cut your spam by 2/3.
    The trick would be to go "type the letters of the animals which are cats, left to right" and then randomize the letters each time. Probably randomize the animals too.

    electricitylikesme on
  • Options
    RandomEngyRandomEngy Registered User regular
    edited June 2007
    Feral wrote: »
    an_alt wrote: »
    I liked the version that was which three of these nine dudes/chick are the hot ones or the cats vs other animals approach. It was pretty easy for a human, but apparently very difficult for a spambot.

    Meh, all those do is cut your spam by 2/3.

    1/(3 C 9) != 1/3.

    RandomEngy on
    Profile -> Signature Settings -> Hide signatures always. Then you don't have to read this worthless text anymore.
  • Options
    The Muffin ManThe Muffin Man Registered User regular
    edited June 2007
    Endomatic wrote: »
    Captchas are fine when they are just letters. They can be twisted and scaled or whatever.

    But when you start throwing lines, obstructions, different colors etc is where they can fuck off. I can't see all that shit!

    Who's brilliant idea was it to toss in diagonal (that took like 30 tries to get spelled right) lines in a CAPTCHA with an O? Thanks, assholes.

    But in all seriousness, is it really too much to ask that you make it a Jpeg or something? Making it a colorblind test is not fun. Especially not when you have dashes all over it with Os and 0s, and K/k, P/p, and O/o as case sensitive.

    But I prefer these to DRMs.
    I'll take "eye-burning, annoying, minor deterrence to post, view, or otherwise participate" over "legally protected virus" any day of the week, to be honest.
    I liked the version that was which three of these nine dudes/chick are the hot ones or the cats vs other animals approach. It was pretty easy for a human, but apparently very difficult for a spambot.
    A comic voting site does that. It'll have a character from one of their hosted comics, with their name on the edge in readable font, and "Which character is in the picture above?"
    Then the three options. This is what we should lean towards. It's easy to see for humans, nearly impossible for a computer(unless it has an infinite trial and error sequence and can waste all day testing a characters name from a webcomic hosted on the site), it'll keep it out for a while. And being randomly generated always cuts down on possibly finding it eventually. There's no guarantee a dice roll will ever feasibly get the right number if it's constantly randomized with each INCORRECT roll.

    The Muffin Man on
  • Options
    His CorkinessHis Corkiness Registered User regular
    edited June 2007
    The problem is that as you make the patterns easier to recognise by humans, they in turn are easier to recognise by bots. That's the reason you have CAPTCHAs with tons of distortion and italicised letters and whatnot - it isn't terribly hard to implement very basic character-recognition. It's ultimately a losing battle though, because as pattern-recognition software gets better, and computer power increases, it's going to take patterns that are damn hard for humans to recognise to fool the bots.

    His Corkiness on
  • Options
    LindenLinden Registered User regular
    edited June 2007
    Endomatic wrote: »
    Captchas are fine when they are just letters. They can be twisted and scaled or whatever.

    But when you start throwing lines, obstructions, different colors etc is where they can fuck off. I can't see all that shit!

    Who's brilliant idea was it to toss in diagonal (that took like 30 tries to get spelled right) lines in a CAPTCHA with an O? Thanks, assholes.

    But in all seriousness, is it really too much to ask that you make it a Jpeg or something? Making it a colorblind test is not fun. Especially not when you have dashes all over it with Os and 0s, and K/k, P/p, and O/o as case sensitive.

    These are the CAPTCHA systems that are truly flawed – accessibility to humans is important, and similar glyphs really don't help. Now, logic problems or tests built on thematic knowledge have certain advantages. Still vulnerable to brute force, though.
    A comic voting site does that. It'll have a character from one of their hosted comics, with their name on the edge in readable font, and "Which character is in the picture above?"
    Then the three options. This is what we should lean towards. It's easy to see for humans, nearly impossible for a computer(unless it has an infinite trial and error sequence and can waste all day testing a characters name from a webcomic hosted on the site), it'll keep it out for a while. And being randomly generated always cuts down on possibly finding it eventually. There's no guarantee a dice roll will ever feasibly get the right number if it's constantly randomized with each INCORRECT roll.

    Technically, this remains vulnerable to the great flaw of CAPTCHA systems, namely that a high-traffic site under the control of a nefarious individual (and pornography is apparently a major source of this) can simply pipe the data elsewhere and ask someone else to solve it.

    Similarly, such a design, if widely adopted, would require a defence against current OCR technology – which suggests that it could quickly deteriorate into being very similar to current CAPTCHAs.

    As a note, using a random selection never guarantees that you will reach the correct result.

    For an interesting comment on the whole thing, see the claim that "you cannot apply a technological solution to a sociological problem." (Edwards' Law)

    There are limits to this, of course, but there's a point there.

    Linden on
  • Options
    FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited June 2007
    RandomEngy wrote: »
    Feral wrote: »
    an_alt wrote: »
    I liked the version that was which three of these nine dudes/chick are the hot ones or the cats vs other animals approach. It was pretty easy for a human, but apparently very difficult for a spambot.

    Meh, all those do is cut your spam by 2/3.

    1/(3 C 9) != 1/3.

    Yeah, you're right. I wasn't thinking.
    I actually did the math once and figured that it still wasn't worth it.
    I think it's a good idea for a captcha, but it really should use a larger grid. Right now, the chances of randomly selecting three are 3/9 * 2/8 * 1/7 = 6/504 = 1/84. That's pretty susceptible to a brute force attack.

    Just making it 4 kittens out of a 4x4 grid would decrease that chance to 4/16 * 3/15 * 2/14 * 1/13 = 24/43680 = 1/1820.

    I don't know at what level of probability we want to say that susceptibility to a brute force attack becomes negligble, but compare either of these to a six-character alphanumeric captcha: 26 lower-case letters, 26 upper-case letters, and 10 numerals makes (1/62)^6 = 1/56800235584.

    Kind of a big difference, no?

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Options
    RandomEngyRandomEngy Registered User regular
    edited June 2007
    Yeah well you can ban IPs that make a lot of failed attempts.

    RandomEngy on
    Profile -> Signature Settings -> Hide signatures always. Then you don't have to read this worthless text anymore.
  • Options
    OtakuD00DOtakuD00D Can I hit the exploding rocks? San DiegoRegistered User regular
    edited June 2007
    Paul_IQ164 wrote: »
    celery77 wrote: »
    I think it'd be nice if someone explained to me what a CAPTCHA is.

    One of those "type out the letters you see in this warped and distorted pictures so we know you're not a malicious piece of computer software, or at least if you are you're a really clever one" things.

    A Completely Automated Personal Turing test to tell Computers and Humans Apart, apparently.

    ...Completley Automated Personal Turing to tell Computers and Humans Apart. Something about that is incredibly ironic to my ears.

    OtakuD00D on
    makosig.jpg
  • Options
    GlalGlal AiredaleRegistered User regular
    edited June 2007
    I didn't even catch that.

    [edit] More like CAPTCHA that.

    Glal on
  • Options
    JaninJanin Registered User regular
    edited June 2007
    There was a very good post about CAPTCHAs on Jeff Atwood's site. Basically, even the most rudimentary of CAPTCHAs is enough to block spam almost entirely.
    Although there have been a number of CAPTCHA-defeating proof of concepts published, there is no practical evidence that these exploits are actually working in the real world. And if CAPTCHA is so thoroughly defeated, why is it still in use on virtually every major website on the internet? Google, Yahoo, Hotmail, you name it, if the site is even remotely popular, their new account forms are protected by CAPTCHAs.

    The comment form of my blog is protected by what I refer to as "naive CAPTCHA", where the CAPTCHA term is the same every single time. This has to be the most ineffective CAPTCHA of all time, and yet it stops 99.9% of comment spam. I can count on two hands the number of manually entered comment spams I've gotten since I implemented it. Granted, Yahoo is more popular than my blog by many orders of magnitude. But it's still strong evidence that moving the difficulty bar up even one tiny notch can be quite effective in reducing spam. I went from cleaning up comment spam every day to cleaning one per month. Big difference.

    Janin on
    [SIGPIC][/SIGPIC]
Sign In or Register to comment.