I have 120 lists and thousands of blind and visually impaired users,
and if I were to implement any kind of captcha I would have a riot on
my hands!!!
David Andrews
At 06:19 PM 5/3/2008, you wrote:
> On 5/3/08, Zbigniew Szalbot wrote:
> > If the unsubscribe script cannot be exploited
remotely, then
> > I do not see probing as a real threat (especially if
additionally secured
> > by some captcha code or the like).
Note that people seem to really want one-click unsubscription.
CAPTCHA violates that design goal bigtime.
Brad Knowles writes:
> CAPTCHAs are not secure.
CAPTCHA-meme, die! Die, die, die, I say! Die-die-die-die-die!
Anyway, what Brad said being taken as given, what seems to be the case
is that trivial CAPTCHAs like
<!-- Guess which FAQ-o-matic uses this CAPTCHA, successfully AFAIK! -->
<form>
Please type "CAP-ME" in the box:
<input type="password" size="32"
name="nobody_would_guess_im_a_captcha_cause_theres_no_image">
<submit>
</form>
give all the protection that a CAPTCHA can give. This is somewhat
effective, because if the 'bot doesn't expect that particular CAPTCHA,
it will lose. And that's the best you can do.
What I conclude is that CAPTCHAs are a reasonable way for some low-to-
moderate-traffic sites to shift the burden of spam-fighting to their
users and to other sites, but that if Mailman ever implemented one,
that would immediately make Mailman sites a target for automated
CAPTCHA breaking. So sites serious about using CAPTCHA to discourage
spamming would need to implement their own, anyway.
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/dandrews%40visi.com
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
--
No virus found in this incoming message.
Checked by AVG.
Version: 7.5.524 / Virus Database: 269.23.8/1412 - Release Date:
5/2/2008 4:34 PM
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
