lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On 8/20/07, Gavin Kistner <gavin.kistner@anark.com> wrote:
From: PA
> Anyone has a suggestion for a simple (simplistic?) CAPTCHA mechanism?
> By simple, I mean not necessarily requiring heavy duty image
> generation
> or such...

A math-based CAPTCHA is exactly what I designed for a (Ruby) quiz a
couple years ago. I cannot vouch for its effectiveness versus bots, but
it seemed like it would be a sufficiently annoying amount of custom
programming for spammers to fight.

Something to avoid with the match captchas is trivially parsable text.  You could build up a formula tree in Lua, then serialize it, and then expect humans with their knowledge about parsing mathematical expressions to solve it.  A (good or bad, depending on your perspective) side-effect of increasingly-difficult math will result in filtering of *real* people, too.

The biggest problem with major captchas is that there's always a team of near-slave labor working somewhere to enumerate them all, so it becomes essentially a cryptographic arms-race.  You want an algorithm to produce so many possible outputs (that are all humanly solvable) that it can't be brute-forced by enumeration.