(01-13-2011 07:50 PM)Banalyst Wrote:  You do not know how this (btw legitimate and big) business works. Human solvers do not directly interact with web resources being cracked (in order to be legitimate, cheap and automatizable).  
KeyCAPTCHA can't be re-transmitted to 3d parties.

I fail to see how it cannot be transferred to third parties.  Just because you don't know how doesn't mean it's not possible.

(01-13-2011 07:50 PM)Banalyst Wrote:  "In fact, it [reCAPTCHA] became pretty useless on 4 January [2011] when spammers apparently got their collective hands on a piece of software that circumvents reCAPTCHA and allows for a fully automated registration process. The bots have been busy, very busy indeed, ever since"

Read more:
vBulletin forums hit by reCAPTCHA cracking spam bot | PC Pro blog http://www.pcpro.co.uk/blogs/2011/01/12/...http://www.pcpro.co.uk/blogs/2011/01/12/vbulletin-forums-hit-by-recaptcha-cracking-spam-bot/?DCMP=NLC-Newsletters#ixz

How about we quote some other parts of the article?

Quote:Google officially remains adamant that there is no problem with the reCAPTCHA system, which it operates. A Google spokesperson told PC Pro that it has “found reCAPTCHA to be far more resilient than other options while also striking a good balance with human usability”.

In other words, Google claims that it isn't a problem with the captcha system.  Considering the article only considers vBulletin forums and not the numerous other websites which use reCAPTCHA, one may think it just to be the vBulletin implementation which has flaws.

More support:

Quote:A Google source who did not wish to be quoted directly confirmed that the company had recently noted a higher amount of spam getting through on some forums, but insisted there was no evidence to suggest it was automated or impacting on larger sites.

And

Quote:Yet that same Google source insists the company modifies algorithms “rapidly to respond to new types of automated attacks” and any type of spam increase will not remain for long if it’s bot-produced.

Sounds very much like the claims that you're making with your system there...

(01-13-2011 11:09 PM)ZiNgA BuRgA Wrote:  In other words, Google claims that it isn't a problem with the captcha system

Why, then, Google does not use reCAPTCHA by none of its own on-line services, for ex., during Gmail registration, etc., only offers it to be used by others?

Do you expect Google to admit flawness of reCAPTCHA, i.e to advise everybody to start killing its goose that lays them the  golden eggs?

As I am not Google, I cannot answer that.  Perhaps it's because they only acquired reCAPTCHA more recently and haven't switched over systems, or maybe it's because they feel it too complicated to use for users, or maybe, it's just as you say, it sucks too much for them.

However, if it really is so bad, then why would everyone use it in the first place?

(01-14-2011 03:13 AM)Banalyst Wrote:  Do you expect Google to admit flawness of reCAPTCHA, i.e to advise everybody to start killing its goose that lays them the  golden eggs?

No, but I expect any captcha type service to do exactly the same, not just Google.
In fact, your entire business model lies on the effectiveness of your captcha system, whereas this isn't the case for Google.  If you want to view this issue from this perspective, I think it would be the small services which would most likely not admit flawness of one's system.

(01-14-2011 08:10 AM)ZiNgA BuRgA Wrote:  However, if it really is so bad, then why would everyone use it in the first place?

Is it rhetorical questioning for the sake of questioning?
Why does everybody eat fast-food if everyone knows it is bad for health?
Because it looks appealing, everybody eats it, ubiquitously advertised and accessible.
Because it is how money is being made.

Why is spamming so lucrative, if it is that bad?
Why does everybody hate and, at the same time, consume and promote it?
Because it is how money is made or saved

(01-14-2011 03:00 PM)Banalyst Wrote:  Because it is how money is being made.

I don't think people eat fast food because restaurants make money.  At least not directly.

(01-14-2011 03:00 PM)Banalyst Wrote:  Why is spamming so lucrative, if it is that bad?

That's because spamming is not "bad".  It's an annoyance to the majority, yet it is lucrative for a minority.  If it was "bad", no-one would be spamming.  And it's also why everyone doesn't go around spamming either.


All I can derive from you is that existing captcha systems are "bad" because they apparently get cracked, and automated spam just floods in.  Yet everyone still uses them to guard against automated submissions.  If it is as bad as you seem to put it, they're effectively using an anti-bot system that doesn't stop bots.  Which, using your examples, is like buying food [for yourself] you cannot eat.
Now, not everyone eats fast food - I'm certain a major proportion of people don't, at least on a regular basis (me included).  I dunno if this is the case in the obesity infested USA, but over here, there's plenty of people who don't buy fast food, one of the primary reasons of it being bad for health.
If an anti-bot system is rather useless against stopping bots, why would the majority use it?  Rhetorical question?  I think not.  Maybe there are lots of idiots out there, but I'm sure there would be many others using alternative systems, but I have seen little evidence of this.

Your system is quite an interesting idea.  And from what you seem to be saying, it's probably a good implementation.  I do question the ability of the system to stop automated solving attempts - I'm looking at algorithmic complexity to do so, and from what I can tell, it seems easier to write an algorithm to solve KeyCAPTCHA puzzles than regular CAPTCHAs (ignoring obfuscation techniques used, as obscurity != security).  You say that it can be changed, which, certainly it can be, however, I cannot assess how effective they'll be against a well tuned algorithm since I cannot predict your changes.

Ultimately, I do think your solution will block automated registrations, but not necessarily because it is resistant to bot answering.  There's a few usability issues with KeyCAPTCHA over regular CAPTCHAs which will probably hamper its success; if anything, familiarity to regular CAPTCHAs is one thing.
But perhaps your system isn't aimed at being a new standard, and more about success to another degree.
Either case, good luck.  I think we can just agree to disagree with most points here.

(01-13-2011 07:16 PM)ZiNgA BuRgA Wrote:  I didn't read.  I really don't think this sort of thing should require reading, and I certainly wouldn't expect it from my users.
I got the assemble geometric shapes puzzle, and from the image in the corner, it looks like all I have to do is assemble one of them, not every single piece

It is intuitive and supposed to be passable without any instructions. Our statistics shows that more than 98% of visitors pass it from the first attempt  and in less that 9 secs.

Seems like we are getting passionate volunteers helping us.
Please see their video on how to use and install keycaptcha. From 0:23 to 0:28 sec за it illustrates the pssing by visually (color blind) deficient visitors upon pressing on wheelchair (handicap) button

(01-15-2011 07:00 PM)Banalyst Wrote:  It is intuitive and supposed to be passable without any instructions. Our statistics shows that more than 98% of visitors pass it from the first attempt  and in less that 9 secs.

Again, I don't think that 98% is representative of the general population.  Certainly, the average Joe isn't going to be using your website.
Since the system _is_ aimed at a far greater population than the target audience of your website, I really don't think that's a good statistic to rely upon.

And regardless, it may be intuitive to you, and perhaps 98% of other people, but it wasn't intuitive to me.  The picture in the corner suggested to me that only one pair needed to be matched up.
If you think I'm just stupid, then be that way.  I don't really care, since I don't see your system being widely employed anyway.

It actually made me think. If they put in captchas that are difficult to answer, it makes you think if they really want member with them

For a spammer like you, I don't think many people would want you as a member...

Sound promising. The brand-new: Tato AntiSpam Plugin! - 0.1.