Hello,
As many times mentioned, people using authimage captcha are desperate to
upgrade to mediawiki1.5.
The image is shown, but it doesn't validate. Surely because of SESSION
pecularities since mediawiki 1.5
If someone is smart enough to create a captcha, could he simply get this
one working.
Desperately yours
François
Tino Reichardt wrote:
* Brion Vibber <brionatpobox.com> wrote:
I've been tinkering with an extension to
provide for a captcha to
reduce
automated linkspamming while still staying out of the way for common
use.
Yes.
My preliminary code is running now on
test.leuksman.com; the actual
"captcha" part is a really primitive plain text hack which would take
all of a few minutes for a dedicated attacker to crack, but don't
worry
about that -- I'm not testing the protection yet, just the framework
it
plugs into.
Is
test.leuksman.com down ?
As for a 'real' captcha generator to put
into this system; I'm not too
sure what code is already out there that's not awful. There's a Drupal
plugin which would be easy to rip GPL'd PHP code from, but it doesn't
seem very robust.
Maybe you take a look to this (temporary) site:
http://www.mcmilk.de/projects/wiki-captcha/
I just wrote it for my own wiki today ...
For testing:
http://www.mcmilk.de/wiki/extensions/captcha/
There's a set of samples of various captcha
output and their
weaknesses
here:
http://sam.zoy.org/pwntcha/
Hm... I think my version belongs to the better ones ... and it should be
easy, to add some more features.
Obviously it would be good to either find
something on the 'hard
captchas' list rather than 'defeated captchas', or roll our own that
doesn't suck too bad.
Does my suck too bad ;) ?
There's also the question of whether we can
feasibly provide an audio
alternative or whathaveyou.
I have no one :)