in reply to Re^3 : Another way to get around automated bots (fake IP)
in thread Another way to get around automated bots
Adrian & Tye,
you chaps are quite right, I had forgotten about the whole unreliability thing with IPs for a moment there, it creates a lot of issues. And the danger of blocking proxies, very tricky. Hmmm. What I was attempting to address is the possibility to just brute the form by selecting all the options sequentialy. Or one could just exhaust the list of questions and pay someone to handball the results </blackhat> Hmm, OK. Let's say we immediately change to another question, but we also present the choices in a random order each time, that's an improvement.
@ Nkuvu, Sorry, it was a flippant example, in reality we would choose something far simpler. Besides it was a trick question, there is one there that you _KNOW_ doesn't have a moustache, but he's not a real dictator. Also all the others were democratically elected in a valid vote at least once in their political careers and _then_ went crazy :)
I have heard other ideas too, such as getting the client to solve a costly puzzle (in code) so that a bot wouldn't be able to get up much speed. Unfortunately this makes the presumption that the client will let the server instruct it to execute arbitary code, which is obviously bad.
I think what I am trying to say is, as a general principle you need to find a puzzle that humans can easily solve but a machine cannot. In the end, if you make too many hoops for users to jump through they will just go to another site as Nkuvu says.
you chaps are quite right, I had forgotten about the whole unreliability thing with IPs for a moment there, it creates a lot of issues. And the danger of blocking proxies, very tricky. Hmmm. What I was attempting to address is the possibility to just brute the form by selecting all the options sequentialy. Or one could just exhaust the list of questions and pay someone to handball the results </blackhat> Hmm, OK. Let's say we immediately change to another question, but we also present the choices in a random order each time, that's an improvement.
@ Nkuvu, Sorry, it was a flippant example, in reality we would choose something far simpler. Besides it was a trick question, there is one there that you _KNOW_ doesn't have a moustache, but he's not a real dictator. Also all the others were democratically elected in a valid vote at least once in their political careers and _then_ went crazy :)
I have heard other ideas too, such as getting the client to solve a costly puzzle (in code) so that a bot wouldn't be able to get up much speed. Unfortunately this makes the presumption that the client will let the server instruct it to execute arbitary code, which is obviously bad.
I think what I am trying to say is, as a general principle you need to find a puzzle that humans can easily solve but a machine cannot. In the end, if you make too many hoops for users to jump through they will just go to another site as Nkuvu says.
|
|---|
In Section
Cool Uses for Perl