Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...)

. oscar.vives at gmail.com
Wed Jan 23 12:20:07 UTC 2013


On 23 January 2013 09:45, Rich Kulawiec <rsk at gsp.org> wrote:
> On Mon, Jan 21, 2013 at 02:23:53AM -0600, Jimmy Hess wrote:
>> that   sort of abuse is likely need to be protected against
>> via a captcha challenge as well,
>
> Once again: captchas have zero security value.  They either defend
> (a) resources worth attacking or (b) resources not worth attacking.  If it's
> (a) then they can and will be defeated as soon as someone chooses to
> trouble themselves to do so.  If it's (b) then they're not worth the
> effort to deploy.  See, for example:

CAPTCHAS are a "defense in depth" that reduce the number of spam
incidents to a number manageable by humans.
Not all bot writers have the same quality. A lot of them are crappy.

Because of this, maybe are worth the effort.


--
--
ℱin del ℳensaje.



More information about the NANOG mailing list