[Pdx-pm] Kwiki - is captcha broken in some way?
Keith Lofstrom
keithl at kl-ic.com
Wed Nov 17 08:47:37 PST 2010
I am using moin moin for most of my wikis, but I am still using
Kwiki for some of the older ones - I have not had time to do a
laborious content migration.
I set up the Scode 6 digit captcha system, but that did not stop
the bad guys. I assumed they had a room full of pennies-a-day
third world workers reading the captchas and typing them in.
So I diddled the captcha code, asking the user to jump through
the slight hoop of subtracting the displayed number from 999999,
changing a few lines of code to implement. A quick fix, I
thought, a small effort for real users but too much effort for a
bot or a person who can't read english or too busy for mental math.
Three days later, more wikispam. I'm going to change the
algorithm again, not disclosing it, but I suspect I will get
even more wikispam, because the bad guys have some way of
circumventing the captcha.
PDX perlmongers uses Kwiki - is there a good way to keep the
vandals out, beyond locking down write permissions on the server?
Is there a known flaw in Scode? Is there some automated way to
migrate Kwiki to Moin? Is there some way to track the vandals
back to their home, and hack WOPR/NORAD to glass their city? :-\
Keith.
--
Keith Lofstrom keithl at keithl.com Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
More information about the Pdx-pm-list
mailing list