مطالب خود را برای وبلاگچی ارسال کنید تا با نام و آدرس ایمیل شما منتشرشود.

اسپمرها يکي از موانع رخنه به اي ميل کاربران Gmail و Hotmail را از سر راه خود برداشته اند. کپچا (CAPTCHA) آزموني است که تعيين مي کند آيا کاربر يک ماشين است يا يک انسان. اين تست براي جلوگيري از عملکرد ماشين هاي مخرب است چون کامپيوترها نمي توانند اين تست را حل کنند. در واقع هر کاربري که آن را درست حل کند، انسان فرض مي شود.
عمومي ترين شکل کپچا همان خطوط کج و ناواضحي است که مثلاً هنگام نظردادن در يک وبلاگ وجود دارد و از شما مي خواهند تا آن را در يک جعبه آزمون (text box) تايپ کنيد.
به گزارش The Register اسپمرها توانسته اند کپچاي گوگل و مايکروسافت را دستکاري کنند و بدين سان يکي از موانع امنيتي نفوذ به حساب کاربران Gmail و Hotmail را از سر راه خود بردارند. اين گزارش که در آن بهsecuritylabs.websense.com استناد شده، حاکي از آن است که اوايل هفته جاري، يک شرکت امنيتي اعلام کرد هکرهاي کلاه مشکي توانسته اند سيستم پيشرفته کنترلي کپچا را که در Hotmail به کار گرفته شده، هک کنند.
هرزنامه نويس ها تمايل بسياري به شکستن اين مانع امنيتي دارند زيرا يک اي ميل با کنترل هاي ضدهرزنامه بسياري محافظت مي شود.
شرکت هاي فيلترينگ اسپم از قبيل MessageLabs، وقتي با گسترش رو به رشد اي ميل هاي ناخواسته مواجه شدند، به استفاده از کنترل هاي مختلف روي آوردند.
به نظر مي رسد اسپمرها که هميشه سيستم هاي محافظتي اي ميل هاي ما را دور مي زده اند و آن را با توصيه هايي در مورد سهام، قرص هاي تقويت جنسي و مزخرفاتي از اين دست پر مي کرده اند، باز هم نبوغ ديگري از خود نشان داده اند و توانسته اند سيستم راستي آزمايي ديگري را با موفقيت پشت سر گذارند.

با تشکر از امین . ب - فرستنده مطلب : ahoora_mazda15@yahoo.com

پیام های بازرگانی:

What you need is:

A image tag in your user form, the src of it should point to a program (.jsp,struts-action etc.) which returns a randomly image (which has text), but before returning this program must store the image text in Session too, so that it when the form is submitted, you can retrieve what the user typed for the image text and compare it against what i stored in the session.

Not clear?

Ok your user form looks like this:

<form action="/registerUser">

Email: <input type="text" name="email">

Name: <input type="text" name="thename">

<img src="/myapp/getMySecretImage.do">

Type the image text here: <input type="text" name="thesecret">

</form>

So, as you see above, the registration form has a image with an src that is pointing to a struts action. It could as well point to a JSP page or a CGI Script or whatever is capable of generating a image and returning.

Now, let us see what the image generation program looks like. Remember that it will not just return the image but also store the text that will display inside the image in user session.

So, if you are writing your struts action's (/getMySecretImage) executre method will look like this (you can put the same thing in a servlet or JSP):

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import java.awt.Color;
import java.awt.Font;
import java.awt.FontMetrics;
import java.awt.Graphics2D;
import java.awt.geom.AffineTransform;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.Iterator;

import javax.imageio.IIOImage;
import javax.imageio.ImageIO;
import javax.imageio.ImageWriteParam;
import javax.imageio.ImageWriter;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class MyCaptchaStrutsAction extends Action
{

public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
    
        String imageFormat = "jpg";
      response.setContentType((new StringBuilder("image/")).append(imageFormat).toString());
         try
         {
             Color backgroundColor = Color.red;
             Color borderColor = Color.black;
             Color textColor = Color.white;
             Color circleColor = new Color(160, 160, 160);
             //Font textFont = new Font("Arial", 0, paramInt(request, "fontSize", 24));
             Font textFont = new Font("Arial", 0, 24);
             int charsToPrint = 6;
             int width = 130; //paramInt(request, "width", 130);
             int height = 40; //paramInt(request, "height", 40);
             int circlesToDraw = 6;
             float horizMargin = 20F;
             float imageQuality = 0.95F;
             double rotationRange = 0.69999999999999996D;
             BufferedImage bufferedImage = new BufferedImage(width, height, 1);
             Graphics2D g = (Graphics2D)bufferedImage.getGraphics();
             g.setColor(backgroundColor);
             g.fillRect(0, 0, width, height);
             g.setColor(circleColor);
             for(int i = 0; i < circlesToDraw; i++)
             {
                 int circleRadius = (int)((Math.random() * (double)height) / 2D);
                 int circleX = (int)(Math.random() * (double)width - (double)circleRadius);
                 int circleY = (int)(Math.random() * (double)height - (double)circleRadius);
                 g.drawOval(circleX, circleY, circleRadius * 2, circleRadius * 2);
             }

             g.setColor(textColor);
             g.setFont(textFont);
             FontMetrics fontMetrics = g.getFontMetrics();
             int maxAdvance = fontMetrics.getMaxAdvance();
             int fontHeight = fontMetrics.getHeight();
             String elegibleChars = "ABCDEFGHJKLMPQRSTUVWXYabcdefhjkmnpqrstuvwxy23456789";
             char chars[] = elegibleChars.toCharArray();
             float spaceForLetters = -horizMargin * 2.0F + (float)width;
             float spacePerChar = spaceForLetters / ((float)charsToPrint - 1.0F);
             g.getTransform();
             StringBuffer finalString = new StringBuffer();
             for(int i = 0; i < charsToPrint; i++)
             {
                 double randomValue = Math.random();
                 int randomIndex = (int)Math.round(randomValue * (double)(chars.length - 1));
                 char characterToShow = chars[randomIndex];
                 finalString.append(characterToShow);
                 //maxAdvance * 2;
                 //fontHeight * 2;
                 int charWidth = fontMetrics.charWidth(characterToShow);
                 int charDim = Math.max(maxAdvance, fontHeight);
                 int halfCharDim = charDim / 2;
                 BufferedImage charImage = new BufferedImage(charDim, charDim, 2);
                 Graphics2D charGraphics = charImage.createGraphics();
                 charGraphics.translate(halfCharDim, halfCharDim);
                 double angle = (Math.random() - 0.5D) * rotationRange;
                 charGraphics.transform(AffineTransform.getRotateInstance(angle));
                 charGraphics.translate(-halfCharDim, -halfCharDim);
                 charGraphics.setColor(textColor);
                 charGraphics.setFont(textFont);
                 int charX = (int)(0.5D * (double)charDim - 0.5D * (double)charWidth);
                 charGraphics.drawString((new StringBuilder()).append(characterToShow).toString(), charX, (charDim - fontMetrics.getAscent()) / 2 + fontMetrics.getAscent());
                 float x = (horizMargin + spacePerChar * (float)i) - (float)charDim / 2.0F;
                 int y = (height - charDim) / 2;
                 g.drawImage(charImage, (int)x, y, charDim, charDim, null, null);
                 charGraphics.dispose();
             }

             g.setColor(borderColor);
             g.drawRect(0, 0, width - 1, height - 1);
             Iterator iter = ImageIO.getImageWritersByFormatName(imageFormat);
             if(iter.hasNext())
             {
                 ImageWriter writer = (ImageWriter)iter.next();
                 ImageWriteParam iwp = writer.getDefaultWriteParam();
                 if(imageFormat.equalsIgnoreCase("jpg") || imageFormat.equalsIgnoreCase("jpeg"))
                 {
                     iwp.setCompressionMode(2);
                     iwp.setCompressionQuality(imageQuality);
                 }
                 writer.setOutput(ImageIO.createImageOutputStream(response.getOutputStream()));
                 IIOImage imageIO = new IIOImage(bufferedImage, null, null);
                 writer.write(null, imageIO, iwp);
             } else
             {
                 throw new Exception("No encoder found.");
             }
             request.getSession().setAttribute("CAPTCHA", finalString.toString());
             g.dispose();
         }
         catch(Throwable e)
         {
          System.out.println("Unable to build Captcha image: " + e);
         }    
    
     return null;
    }

}

(NOTE: This image generation code in its JSP version is here. It has only been put in struts action form above.)

Bem, sem desperdiçar mais tempo vamos falar sobre um solução muito comum hoje em dia e utilizada também para barrar robôs que servem como ferramentas de SPAM. Estamos falando do Captcha.

CAPTCHA é um acrônimo da expressão "Completely Automated Public Turing test to tell Computers and Humans Apart" (teste de Turing público completamente automatizado para diferenciar entre computadores e humanos): um teste de desafio cognitivo, utilizado como ferramenta anti-spam.

Um tipo comum de CAPTCHA requer que o usuário identifique as letras de uma imagem distorcida, às vezes com a adição de uma seqüência obscurecida das letras ou dos dígitos que apareça na tela.  

 Exemplo:

A classe que utilizaremos para este POST será a SecureImage, efetue o download do pacote.

Bem, no pacote já contém os arquivos necessários para implementar o Captcha em seus sites e sistemas on-line.

Um ponto interessante neste pacote disponível para download é que ele possui a opção de ouvir as letras e números que aparecem na imagem gerada. Isso ocorre devido à grande quantidade de pessoas cegas que utilizam a internet através de leitores de tela.

Galera, é muito importante que nossos sites fiquem protegidos de programas mal intencionados, mas pelo amor de Deus, não se esqueçam da ACESSIBILIDADE, os portadores de deficiência visual por exemplo não consegueriam acessar seu site se precisar passar por um CAPTCHA, uma vez que a intenção do captcha é impedir que um programa (como o leitor de tela por ex.) seja capaz de saber o que está escrito na imagem. Não é o caso deste pacote que estamos falando, pois ele possui a opção de áudio.

O áudio contido neste pacote está em inglês, seria legal se passássemos para o português ou se alguém conhecer um que já esteja em nossa língua, por favor nos indique.

Vou deixar esse link do exemplo:  Teste o captcha

abraços

SQL Injection

CAPTCHA

Inspired by UserFriendly.

Sério, a falta do que fazer, o excesso de tempo livre, a falta de vida dos nerds, a criatividade dos Geeks é uma coisa de outro mundo... Ainda bem que esse é um Captcha simples.

Para quem não sabe, CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) é um teste para verificar se você consegue identificar as letras e/ou números escritos na imagem para evitar registros fraudulentos de contas ou mesmo envio de mensagem automatizada via site da Claro. Ou seja, um método para garantir que aquilo seja usado apenas por seres humanos, embora macacos e alguns leitores de captcha já tenham conseguido decifrar-los...

Só não me pergunte qual a fixação que esse geek/nerd tem por CAPTCHA, que eu não faço a menor idéia.

Fonte: OhGizmo!

La mayoría de veces que ponéis un comentario en un blog o en una página web, o rellenáis una encuesta, u otras cosas en las que sólo interesa el factor humano (¿a quién le importa un carajo lo que piense una máquina sobre la crisis económica?) vemos Captchas.

El que no sabía lo que era, estoy seguro que esta imagen le ha aclarado la duda.

Un Captcha (acrónimo de Completeley Automated Public Turing test to tell Computers and Humans Apart [Prueba de Turing pública y automática para diferenciar máquinas y humanos]) es una prueba visual (a menudo varias letras distorsionadas) para distinguir a un ser humano de una máquina (hasta que punto hemos llegado, ¿eh?).

Los Captchas se utilizan para evitar comentarios o e-mails de spam, o resultados falseados en una encuesta. Los vemos a menudo (o, al menos yo) al hacer comentarios en los blogs, para evitar que los saturemos de spam y publicidad.

Espero haber resuelto la duda (a los que la tenían).

UPDATE October 9th, 2008:  Hai Everyone!  In two days, I've been overwhelmed with online coverage of my Dream Captchas.  I want to give a huge thank you to all the bloggers out there who picked it up:  Neatorama (first!), Boing Boing, Gizmodo, Make:, Etre, OhGizmo!, Pixel-Shack, GEARFUSE, Unplggd, and so many more!  Thank you so much.

Also, the work is for sale.  The Dream Captchas will be made in a limited edition of 23.  Please send an Email to jeff (at) gus23 (dot) com for pricing information. 

I recently created new work called Dream Captcha. In a way, it’s made in a variable edition. But as of right now when this is published, there are only two. More are in the works. Please click here to see them on my site, but they are also pictured below.

Dream Captcha, #1
2008
mixed media
12" x 35" (30.5cm x 88.9cm)

Dream Captcha is a play on the idea of a traditional Ojibwa dreamcatcher and the technology of CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart).

So the idea of the dreamcatcher is something I’ve been exposed to since I was a young kid. In elementary school we learned how to make them. When I went on school trips to historic Waterloo Village in New Jersey, we saw them on display. After reading the entry on dreamcatchers in Wikipedia, it was interesting to read that they’ve become somewhat “tacky and over-commercialized due to their acceptance in popular culture”. I’m definitely from a generation that saw it as part of popular culture, kind of like it was the thing-to-do to wear a ‘holy rosary’ as a necklace.

Then there’s the idea of Captcha. Silly trivia: I went to Carnegie Mellon University where the Captcha technology was developed. Don’t you love that? As Wikipedia defines it, a Captcha “is a type of challenge-response test used in computing to ensure that the response is not generated by a computer”. You’ve probably encountered a Captcha before. You’re at a website, about to fill in a comment, and then the website asks you to type the letters you see in a box—the letters are all squiggly and distorted. Basically, a robot can’t read those letters, but a human can, so hurray, the site isn’t overloaded with spam and porn and whatnot. However, the Captcha technology isn’t limited to squiggly letters, and in fact, is readily deciphered by newer robots today.

As a side note, the latest version of the Captcha technology is called reCaptcha, and is the preferred choice. Not only is it more difficult for robots to decipher, but it’s also putting our human effort to work! I love this: so now that we’re in the digital age, tons of books are being turned into digital files. How do you do that? By scanning the pages, of course, and then having a robot read the images of words. But, sometimes the scanned image distorts the words such that the robot can’t read the letters. Oh Noes! So, the smart computer scientists utilized all of us humans during these seconds of Captcha deciphering to help the robots turn books into files. Yay!

Dream Captcha, #1, detail

Anyway, so here comes the artwork! I’m really interested in the relationship between my identity and the Internet. I’m interested in how I can become someone else or learn more about myself by using the Internet. Regardless of what that identity is, Dream Captcha is a work about protecting that identity.

Dream Captcha, #2
2008
mixed media
12" x 38" (30.5cm x 96.5cm)

The original idea of a dreamcatcher is an object to protect sleeping children from nightmares. And you can argue that one use of Captcha is to protect a website’s identity. Therefore, a main expression of the work is obviously protection. Another idea that arises is what I’m beginning to see as a thread connecting a lot of my work, and that’s the idea of superficiality. There’s a comment going on here about the appropriation of a sacred object that’s already been objectified in popular culture. And then there’s the use of a technology that’s already seen its heyday.

In terms of material, I was really excited to use my craftsmanship to make a beautiful object. The letters are cotton fabric secured by polyester thread and woven into a ring wrapped in satin cord. The hanging thingies are polyester batting and tulle, topped with a plastic bead. During my work with my Mouse Drawings and Tagged 3.0, I discovered that the Internet is designed in a hard-edged, grid-like way. So I was walking in the Garment District and I passed a fabric store with this grid-like tulle fabric just chillin’ outside, and I was like, “omg, the Intarweb!”. So I grabbed a few yards, and some of the batting (gray is so computer-ish) and had it in my studio even before I tried to figure out what I could use as that part of the dreamcatcher.

Dream Captcha, #2, detail

The hanging thingies was the hardest part to conceptualize for Dream Captcha. I knew that the idea of the feathers and other small tokens hanging from a true dreamcatcher were sacred objects. So I thought, ‘what is sacred to an Internet user’? I even asked my buddies on Twitter. In the end, I took artistic liberties and forced myself away from being so heavy on the idea. The concept was to make an object that was similar to a dreamcatcher. Whether or not the tulle and batting are ‘sacred’ to an Internet user, who knows, but I’m glad I used materials that I knew had some kind of idea related to the Internet (especially one I had discovered during my artistic practice) as well as completed the look of a dreamcatcher.

Links Cited:
Wikipedia entry, Dreamcatcher.
Wikipedia entry, CAPTCHA.
Wikipedia entry, reCAPTCHA.

• 1) offers a “turnkey” Web site solution or “do it yourself” Web site tools;
• 2) charges their clients a minimum monthly fee of $40 (any lower and there’s usually not enough margin for our service);
• 3) has an established client base of at least 1,000 Web sites

We’re looking for CTOs who’d be interested in integrating our Form Armor anti-spam Web service to stop spam sent through any kind of Web site form, without the need for CAPTCHA. You’ll recognize these colleagues if you know a CTO or Web developer who’s receiving complaints from their clients and customers about Web site form spam and abuse – and who doesn’t want to implement CAPTCHA tests that require users to identify distorted letters just to complete a form.

Success fee: $1,000.

now i dont want the file, do i?

 

Yes, the concept is sound.  The mind of the inventor, however, is fair game for ruthless interrogation.

I declare this an abomination.

XRumer es una aplicación que permite pasar de modo automático los muchas veces engorrosos métodos de “validación humana” también conocidos como CAPTCHA o clave alfanumérica incrustada en imágenes que debes introducir para validar normalmente un formulario.

A día de hoy sus creadores han anunciado que han sido capaces de implementar el programa de forma que reconozca el CAPTCHA de Google y no sólo eso, ya que también afirman ser capaces de leer el típico código “elige al gato”. La nueva versión 0.5A de XRumer afirma reconocer una gran cantidad de CAPTCHAs entre ellos los incluidos en los sistemas de foros más populares como son phpBB 3, BMForum, Web Wiz Forums, Ukoz y VBulletin 3...sigue

LEER mas en theinquirer.es

Over the last few weeks I've blogged on using the Zend Framework's Akismet Service to "spam proof" your generic, run of the mill contact form.

Of course, services like Akismet and TypePad Antispam only come into play after the form has been submitted, a "cure" so to speak.

What we really need is some form of robust "prevention". Stop the spam bots right at the door. There's nothing more irritating than getting bombarded by 10k submissions every hour on the hour - even if they're being filtered out by your Akismet / TypePad service.

Which brings us to the now common place CAPTCHA component. Designed to stop automated spam bots in their tracks, its a pretty effective method. Ordinarily, it's not too difficult to implement a CAPTCHA component to your form, but ReCaptcha and the Zend Framework have now made it child's play.

ReCaptcha is an online service providing a free CAPTCHA API for you to use. What's also really nifty is that while your users fill in the CAPTCHA form, they're also helping develop OCR software used to digitize books and manuscripts.

As an example I've gone and written a basic contact form, zipped it up and made it available here. Inside the zip file is all the code necessary for a very basic and hopefully spam proof contact form.

The following Zend Framework components were used :

• Zend Loader
• Zend Config
• Zend View
• Zend Service ReCaptcha
• Zend Service Akismet
• Zend Mail
• Zend Validate
• Zend Filter
• Zend Registry

I've also included a simple wrapper for Zend View, since I didn't feel that it was necessary to go the whole MVC route on this one.

The code used is pretty straightforward and easy to follow with as many comments thrown in there as I could stomach, but if you have any questions please feel free to leave a comment or send a mail.

Before you begin, you'll need the following:

• A ReCaptcha key pair (multiple key pairs are supported by this script)
• An Akismet/TypePad Antispam API key

To use, unzip the file (it already contains the Zend Framework v1.6), edit the config.xml file and then simply customize the view scripts (view/form.php, view/success.php, view/mail.php).

Unfortunately I haven't had much time to test the example thoroughly as it was written in a bit of a hurry (only had about an hour or so), so if you find or even fix any bugs please let me know and I'll sort it out as soon as I get an opportunity to do so.

One last note : the code is provided under the New BSD License, so have fun.

Read More...

The xrumer 5.0a has already been released on the wild. So now its turn for the spammers who can enjoy spamming by using this to create junk mail boxes in google.

To know more about the features of Xrumer 5.0a
check with this site : http://agha.st/2008/10/xrumer-50a---google-captcha-cracked.php

Interesting new approaches to search coming out of Yahoo!

Yahoo! Glue - a new web search interface
When you perform a search on Yahoo! Glue you get a sort of Topic Page - automatically transcluding relevant info onto a single page with a clean URL. For instance, a search for ‘yahoo’ would be at: http://in.glue.yahoo.com/page/yahoo. Curiously these pages are being indexed by Google. There are currently 159,000 ‘glues’ in the Google index – that’s more than knol.

BOSS (Build your Own Search Service) Yahoo!'s open search web services platform [yahoo! developer network]
Use Yahoo's search API to build your own search UI. Useful and it might be a smart move in the fight with Google, but more likely it won't be causing Google to loose much sleep.

Whether or not Captcha is broken, it is a human problem

Captcha is broken - now what? [The Guardian]
"Ultimately Captchas are useless for spam because they're designed to tell you if someone is 'human' or not, but not whether something is spam or not. Just because something came from a real human being doesn't mean it isn't spam, which is why content-based solutions like Akismet are the only long-term solution to the spam problem."

The new guardian.co.uk infrastructure is letting them do some interesting stuff, the right way

guardian.co.uk are doing a really good job rebuilding the site - the new user pages are now at lovely semantic URLs
The main page of a user's contributions (at http://www.guardian.co.uk/users/username) now contains a list of the most recent comments and clippings they've made, while the sub-pages /clippings and /comments contain exactly what their names might hint at.

Just down right scary...

Web of Debt - It's the derivatives, Stupid! Why Fannie, Freddie and AIG all had to be bailed out
The dominos go down in a cascade of cross-defaults that infects the whole banking industry and jeopardizes the global pyramid scheme. The potential for this sort of nuclear reaction was what prompted billionaire investor Warren Buffett to call derivatives “weapons of financial mass destruction.” It is also why the banking system cannot let a major derivatives player go down, and it is the banking system that calls the shots. The Federal Reserve is literally owned by a conglomerate of banks; and Hank Paulson, who heads the U.S. Treasury, entered that position through the revolving door of investment bank Goldman Sachs, where he was formerly CEO.

Don't know what's going on here - but these two are bonkers [news.bbc]
And how they didn't die is a mystery.

Heu... un système de... CAPTCHA ?

J'avoue, le nom est un peu bizarre, et pourtant je suis quasiment certain que, si vous vous êtes inscrits d'une manière ou d'une autre sur quelques sites ou forums, vous avez été confrontés à un CAPTCHA. On y est même confronté pour commenter sur certains blogs.

Les CAPTCHAs sont des "énigmes" destinées à être uniquement résolues par des humains, et pas par des ordinateurs. Leur création est partie d'un constat très simple : il faut pouvoir différencier l'humain de l'ordinateur. Par exemple, il y a quelques années, une recrudescence de messages publicitaires a défilé sur beaucoup de forums, tout simplement parce que les spammeurs avaient créé des logiciels (bots) capables de s'inscrire de façon automatique sur les forums en remplissant les champs demandés.

La plupart des CAPTCHAs se basent sur des mots très déformés pour ne pas être reconnaissables par un ordinateur, mais que le cerveau humain arrive quand même à reconnaître. On doit recopier ces mots lors de l'inscription pour prouver qu'on est humain.

Les CAPTCHAs sont des formes de tests de Turing, pour plus d'informations un petit tour sur Wikipedia s'impose :)

En quoi ça peut servir à quelque-chose d'autre, ce truc ?

Re-CAPTCHA est parti d'un autre constat simple : les technologies de reconnaissance de caractères (OCR) ne sont aujourd'hui pas assez performantes pour être utilisées sur des textes mal imprimés, ou dont l'impression s'est dégradée au fil du temps.

Ci-dessous on peut voir un exemple de phrase scannée, et de ce que l'ordinateur "comprend" (image tirée du site de Re-CAPTCHA) :

Pas top, quoi :(

Et là, ils ont eu une super idée (enfin je trouve :D ) : utiliser des gens pour améliorer le procédé.

Et les gens, ils font ça gratuitement ?

Oui, parce que ça fait partie du processus d'inscription à un forum, un site communautaire, ou autre.

Re-CAPTCHA propose à l'utilisateur 2 mots, déformés et barrés pour ne pas être reconnus par un ordinateur. Les 2 mots sont tirés d'un texte où l'OCR est médiocre :

• un des mots est un mot de contrôle, déjà connu, et sert en fait de réel CAPTCHA
• l'autre mot est un mot que l'OCR n'arrive pas à reconnaître.

L'utilisateur doit taper les 2 mots. Ainsi le 1er mot sert de test pour savoir si l'utilisateur est humain, et le 2ème sert à aider l'OCR à s'améliorer.

En combinant les mots, et en proposant le même mot inconnu à plusieurs personnes, on finit par être sûr de son sens, et le logiciel d'OCR peut alors apprendre que ce mot s'écrit aussi comme cela.

Pas bête...

Personnellement, je trouve l'idée très sympathique. Chaque utilisateur prend 10 secondes de son temps d'inscription pour faire progresser la technique, et tout le monde est content. On peut même se servir (gratuitement) du service pour publier son adresse mail de façon protégée sur un forum, par exemple : on publie un lien qui demande de résoudre un Re-CAPTCHA avant de donner l'adresse.

Actuellement, Re-CAPTCHA est utilisé pour numériser des livres de archive.org et les vieilles éditions du New-York Times. Le site de Re-CAPTCHA estime à 60 millions le nombre de ces petites énigmes résolues par jour, soit l'équivalant de 150 000 heures de travail (quand même !). Ca en ferait des mots reconnus si tout le monde utilisait ce système...

Here's what I mean...

I'm a man and thats just easy to make mistage, isn't it?

Mystères algorithmiques ou "forces de l'esprit" ? François Mitterrand is back. Avec quelques fautes certes, mais il repart discrètement en campagne par le biais d'un captcha à remplir sur Google dans le cadre du projet pour fêter les dix ans du géant de Mountain View. L'internaute qui veut valider son post était en effet invité à taper : "voter Mitterand" (sic les 2 fautes). C'est ce qu'a relevé un lecteur de PCINpact :

I picked this up on ReadWriteWeb and if you want to actually know what the concept is I suggest you hit the link to find out. In brief however, the project takes the fact that roughly 100 million Captcha forms are filled in daily and aims to direct otherwise wasted time and effort into transcribing an estimated 160 books a day. That's a whopping one Tom Clancy novel a week. It's at times like this when my faith in humanity is restored. That freshly rediscovered faith is quickly lost, however, when I happen upon comments such as the one below, deposited following a BBC article about the Hadron Collider...

What a waste, indeed.

1. You must have Action and Interface class that handle Captcha request in a page.
2. Create Getter Method that return String URL Captcha, add also in Interface.
3. Manipulate Seam Captcha resource URL. Concat it with Current Time Millis String so the URL always change if a request come.
3. Call getter method from Action class in JSF page.

CaptchaAction.java
[sourcecode language="java"]
import java.io.Serializable;

import javax.ejb.Stateful;

import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;

@Stateful
@Name("captchaAction")
@Scope(ScopeType.SESSION)
public class CaptchaAction implements CaptchaInterface,
Serializable {

private static final long serialVersionUID = -4439063844300267504L;

public String getUrlCaptcha() {
return "/seam/resource/captcha?" + System.currentTimeMillis();
}

}
[/sourcecode]

CaptchaInterface.java
[sourcecode language='java']
import javax.ejb.Local;

@Local
public interface CaptchaInterface {
public String getUrlCaptcha();
}
[/sourcecode]

JSF page
[sourcecode language='html']

value="#{captchaAction.urlCaptcha}" />
required="true" />

[/sourcecode]

We have been working hard on a lot of new features and improvements over the past several months and we are finally at the stage where we can release it. Because of the large number of improvements and new features we have moved to major revision level 4 to indicate the large amount of work that has been carried out. A lot of the work is visible, but a lot of it isn't as it is in improved performance, better design, updated components and optimization in the database structures and software.

If you have had some of the recent updates you will have seen the nice new form design and the improved menu. We have continued to improve the look and experience for the user by adding some AJAX functionality. We are constantly working on improving the user experience with some great new killer features coming soon.

It is our intention to keep Elite Autoresponder the best autoresponder system on the market.

Some of the new features we have added include:

New ! Branding Page :

This makes it easier to re-brand the software without having to edit any of the existing templates. You use the built in WYSIWYG editor to design your page header and footer. You can also use the built in image uploader to upload the graphics that you want to use in your design.

New ! Security Tab :

We have added the ability to use a CAPTCHA image for the login page and new account sign up page. This is just a bit of added security to prevent automated systems from creating accounts or automated systems trying to guess logins and passwords. The one we chose to use to is the reCAPTCHA system which is very easy to setup. You just need to go to the reCAPTCHA website and register your domain to get the necessary security keys and enter them into the Security Tab on the System Configuration page.

New ! Can-Spam footer features :

Some new tools have been added to prevent problems with SPAM. We now have a message which can be added to the bottom of every email sent by the software. There is a Plain Text and HTML version which has some extra personalization tags which relate to the user sending the emails. So every email can be easily identified by the recipient as to who sent it. This will reduce the chances of legitimate emails being accidentally identified as unsolicited mail.

New ! Edit HTML Unsubscribe Link :

Something which has been asked for a few time is to be able to change the text used in the automatically generated unsubscribe link in HTML emails.

New ! Improved Database Performance :

Although Elite Autoresponder™ has excellent database performance, some of our customers have very large subscriber databases, containing several Millions of subscribers. We have have been working with them to improve the performance of certain aspects of the system. This resulted in a number of changes being made to the table structures within the database. This has delivered a significant improvement in performance and a reduced load on the MySQL database server.

بردلی آنیستیس، نایب رئیس محصولات مارشال در این زمینه می‌گوید « آنها در بخش امنیت ایمیل فناوری، OCR پیشرفته‌ای را توسعه داده‌اند تا با هرزنامه‌های تصویری مقابله کنند » وی می‌افزاید: «برخی از هرزنامه‌ فرستان از ابزارهایی که خود ایجاد کرده‌اند برای شکستن سد کپچا استفاده می‌کنند » با این‌که گذر از سد کپچا غیر‌ممکن نیست، اما تعداد بدافزار‌هایی که قادر به عبور از آن هستند، هنوز چندان زیاد نشده است. درحقیقت عبور از کپچا یکی از سخت‌ترین موانع موجود بر سر راه گسترش هرزنامه‌ها و بدافزارها است شاید به همین دلیل است که وی می‌گوید: «خیلی از شرکت‌ها و سایت‌ها هنوز از کپچا استفاده نمی‌کنند و این مشکل بزرگی محسوب می‌شود » حساب‌های کاربری هرزنامه‌ها در سایت‌های معتبری چون یاهو، گوگل و هات‌میل ایجاد می‌شوند و از این رو آدرس فرستنده از سایتی معتبر است؛ به‌این ترتیب استفاده از راهبردهای مسدود کردن هرزنامه با استفاده از آدرس فرستنده چندان موثر نیست.

Você pode inserir esse sistema no seu site e ajudar a digitalizar livros antigos.

No site http://recaptcha.net/ você pode baixar um plugin para o seu site e usar a verificação de caracteres desse site gratuitamente.

[/caption]

Today I've seen this for 1st time ever using the web. Registration page contained usual CAPTCHA... usual, until I've read the caption (marked in red rectangle in image).

Haven't ever heard (nor Wikipedia does) that CAPTCHA tests help digitize any texts.

UPD: investigation continued here.