Hi all;
Solving captcha during registration is mandatory. Can this be replaced with a sound captcha for visual impairment people? It is a suggestion to the usability project too. Thanks.
Regards, emijrp
emijrp wrote:
Hi all;
Solving captcha during registration is mandatory. Can this be replaced with a sound captcha for visual impairment people? It is a suggestion to the usability project too. Thanks.
Regards, emijrp
That's an old bug https://bugzilla.wikimedia.org/show_bug.cgi?id=4845
Do you have an appropiate sound captcha implementation?
I believe reCaptcha has it implemented as part of their service (we do/did have a extension to implement theres) but then we would have to reply on third party servers.
On Sat, May 15, 2010 at 5:27 PM, emijrp emijrp@gmail.com wrote:
Solving captcha during registration is mandatory. Can this be replaced with a sound captcha for visual impairment people?
In theory, yes. Someone needs to provide the code, though. For now, people who want to sign up and can't solve a captcha can request that an admin make an account for them, like people whose IP addresses are blocked. I think enwiki has a toolserver project dedicated to that.
On Sun, May 16, 2010 at 12:00 PM, Aryeh Gregor Simetrical+wikilist@gmail.com wrote:
In theory, yes. Someone needs to provide the code, though. For now, people who want to sign up and can't solve a captcha can request that an admin make an account for them, like people whose IP addresses are blocked. I think enwiki has a toolserver project dedicated to that.
The en.wikipedia project for that resides at [[WP:ACC]](1), The toolserver system from memory is a request type system (although that may of changed since I last looked), where as the actual accounts are created on site using the [[Special:CreateAccount]](2) special page, there is a limit for that system so that a user may only create so many accounts per hour, but we do (or did) have a override for that
(1). http://en.wikipedia.org/wiki/Wikipedia:ACC (2). http://en.wikipedia.org/wiki/Special:UserLogin/signup
-Peachey
On Sun, May 16, 2010 at 11:09 AM, K. Peachey p858snake@yahoo.com.au wrote:
I believe reCaptcha has it implemented as part of their service (we do/did have a extension to implement theres) but then we would have to reply on third party servers.
Yes, reCaptcha does. However iirc it has been rejected in the past because of both the reliance on 3rd party servers and not all the code is open. - Chris
Perhaps, we can offer two captchas. First, the current one, and a link with this label "if you can't read this captcha, try this one" and a link to the sound reCAPTCHA. Requesting an account to admins is not a good solution (perhaps as a third option).
Regards, emijrp
2010/5/16 Christopher Grant chrisgrantmail@gmail.com
On Sun, May 16, 2010 at 11:09 AM, K. Peachey p858snake@yahoo.com.au wrote:
I believe reCaptcha has it implemented as part of their service (we do/did have a extension to implement theres) but then we would have to reply on third party servers.
Yes, reCaptcha does. However iirc it has been rejected in the past because of both the reliance on 3rd party servers and not all the code is open.
- Chris
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
On Sun, May 16, 2010 at 3:04 AM, Christopher Grant chrisgrantmail@gmail.com wrote:
On Sun, May 16, 2010 at 11:09 AM, K. Peachey p858snake@yahoo.com.au wrote:
I believe reCaptcha has it implemented as part of their service (we do/did have a extension to implement theres) but then we would have to reply on third party servers.
Yes, reCaptcha does. However iirc it has been rejected in the past because of both the reliance on 3rd party servers and not all the code is open.
- Chris
Yes, and I think that makes it pretty much a non-starter for both reasons. Nothing's really changed there.
-Chad
Interesting thread in Jimbo's talk page[1] from June 2008.
[1] http://en.wikipedia.org/wiki/User_talk:Jimbo_Wales/Archive_37#Wikipedia_and_...
2010/5/16 Chad innocentkiller@gmail.com
On Sun, May 16, 2010 at 3:04 AM, Christopher Grant chrisgrantmail@gmail.com wrote:
On Sun, May 16, 2010 at 11:09 AM, K. Peachey p858snake@yahoo.com.au
wrote:
I believe reCaptcha has it implemented as part of their service (we do/did have a extension to implement theres) but then we would have to reply on third party servers.
Yes, reCaptcha does. However iirc it has been rejected in the past
because
of both the reliance on 3rd party servers and not all the code is open.
- Chris
Yes, and I think that makes it pretty much a non-starter for both reasons. Nothing's really changed there.
-Chad
foundation-l mailing list foundation-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/foundation-l
On 16/05/10 07:27, emijrp wrote:
Hi all;
Solving captcha during registration is mandatory. Can this be replaced with a sound captcha for visual impairment people? It is a suggestion to the usability project too. Thanks.
Audio CAPTCHAs, like visual CAPTCHAs, are not accessible for all people and do not conform to W3C accessibility guidelines. What's more, they're easier to crack than visual CAPTCHAs due to their one-dimensional nature. This is especially true if you use a public source dictionary of spoken phrases, against which an FFT correlation can be run.
I think we should get rid of the CAPTCHA altogether and just rely on URL blacklists, rate limiting and a semi-automated tag and revert system. At least it's future-proof. Our visual CAPTCHA can already be cracked. Some day, every spammer will have access to a library capable of solving it.
-- Tim Starling
Tim Starling wrote:
Audio CAPTCHAs, like visual CAPTCHAs, are not accessible for all people and do not conform to W3C accessibility guidelines. What's more, they're easier to crack than visual CAPTCHAs due to their one-dimensional nature. This is especially true if you use a public source dictionary of spoken phrases, against which an FFT correlation can be run.
Just as with image captchas, you'd need to introduce noise into it.
I have been trying flite, and didn't find the synthesized text too understable by itself. :(
On 17 May 2010 20:05, Platonides Platonides@gmail.com wrote:
Tim Starling wrote:
Audio CAPTCHAs, like visual CAPTCHAs, are not accessible for all people and do not conform to W3C accessibility guidelines. What's more, they're easier to crack than visual CAPTCHAs due to their one-dimensional nature. This is especially true if you use a public source dictionary of spoken phrases, against which an FFT correlation can be run.
Just as with image captchas, you'd need to introduce noise into it.
If you are working from known constituents, you can use cross-correlation to ignore noise pretty effectively (I believe it's what humans do). The choice then is either to make the noise sound like the captcha's numbers (google's approach), which is very hard to solve (at least I find it so), or to use ReCAPTCHAs vast database of unknown sound files (with noise added to obscure the phonemes). The human brain is capable of filling in completely obscured phonemes in order to make the sentence "make sense" (assuming they speak the language in question - another usability problem with these), something that computers are not yet so good at.
It's likely to be much easier to improve the "request an account from a human" process - which has inbuilt rate-limiting, a little bit of turing test, and a nice splash of common sense that is so hard to instill in an automated system. (Alternatively we could just implement an insecure audio captcha, "safe" in the knowledge that no-one has enough motivation to crack it - I imagine the implementation would still take significant effort)
I have been trying flite, and didn't find the synthesized text too understable by itself. :(
In which case a computer could probably solve them better than you :).
Conrad
Conrad Irwin wrote:
Just as with image captchas, you'd need to introduce noise into it.
If you are working from known constituents, you can use cross-correlation to ignore noise pretty effectively (I believe it's what humans do). The choice then is either to make the noise sound like the captcha's numbers (google's approach), which is very hard to solve (at least I find it so), or to use ReCAPTCHAs
Funny. It turns out that now Recaptcha belong to Google.
vast database of unknown sound files (with noise added to obscure the phonemes). The human brain is capable of filling in completely obscured phonemes in order to make the sentence "make sense"
I wonder if we could abuse Wikimania presentations audio asking to write each word from it.
(assuming they speak the language in question - another usability problem with these),
Certainly. That's a very big drawback on adding audio captchas to WMF prjects.
It's likely to be much easier to improve the "request an account from a human" process - which has inbuilt rate-limiting, a little bit of turing test, and a nice splash of common sense that is so hard to instill in an automated system.
That would be removing the "Completely Automated" part :) It's not a bad idea, but what should we ask them? A too open textarea leads to "Plz make an account" reasons which have very little Turing entropy. "Please summarise the Main Page featured article so we know that you have a decent brain" would be more secure, but our users wouldn't be too happy with that.
I have been trying flite, and didn't find the synthesized text too understable by itself. :(
In which case a computer could probably solve them better than you :).
Surely. I suspect that would be quite easy to crack by comparing with each phonema. :)
On 18/05/10 05:05, Platonides wrote:
Tim Starling wrote:
Audio CAPTCHAs, like visual CAPTCHAs, are not accessible for all people and do not conform to W3C accessibility guidelines. What's more, they're easier to crack than visual CAPTCHAs due to their one-dimensional nature. This is especially true if you use a public source dictionary of spoken phrases, against which an FFT correlation can be run.
Just as with image captchas, you'd need to introduce noise into it.
I have been trying flite, and didn't find the synthesized text too understable by itself. :(
You have to introduce enough noise into it to defeat the computer, but not so much as to defeat the human. I've done some experiments myself, and I've read some articles on audio CAPTCHA design, and I'm not convinced it's possible.
I've seen an open-source audio CAPTCHA that uses speech synthesis, it seemed to be just designed as a deterrent. Like MathCaptcha, it'll only work until someone could be bothered to crack it.
If you use a public dictionary of spoken phrases, then the task is correlation, which is probably easier for computers than for humans. If you use a secret dictionary, then the task is speech recognition, which is more difficult. But if the dictionary is too small, then it's vulnerable to reduction to correlation, using precomputed or human-solved phrases.
-- Tim Starling
wikitech-l@lists.wikimedia.org