E-mail List Archives

Re: NoCAPTCHA reCAPTCHA accessibility testing updates?

for

From: Cliff Tyllick
Date: Aug 31, 2015 9:02AM


> Although if it became widespread, a computer could solve it just as easily.

If a computer could solve it only as easily as a human, that would still be an improvement on current audio CAPTCHAs. One study showed that computers did better than humans against audio CAPTCHAs in use at that time by google.com and digg.com:

http://www.captcha.net/Breaking_Audio_CAPTCHAs.pdf

When you consider the impact of frustration—humans have usually dropped out no later than the second failed attempt and never seem to try more than 5 times; computers never tire out—then computers do far better than humans at solving current audio CAPTCHAs.

I guess that still accomplishes the objective of telling computers and humans apart: if it solves the audio CAPTCHA on the first attempt, it's probably a computer. If it's still trying after 5 failures, it definitely is a computer.

So even if Mollom's approach gives humans only equal footing with computers, it's still a significant improvement.

Cliff Tyllick
Accessibility Specialist
Texas Department of Assistive and Rehabilitative Services
<EMAIL REMOVED>
512-377-0366

Sent from my iPhone
Although its spellcheck often saves me, all goofs in sent messages are its fault.

>> On Aug 31, 2015, at 9:07 AM, <EMAIL REMOVED> wrote:
>>
>> On Mon, 31 Aug 2015, Gijs Veyfeyken wrote:
>>
>> Mollom (https://www.mollom.com/ <https://www.mollom.com/>) uses the phonetic alphabet (alpha, bravo, charlie,...), making the audiocaptcha very easy to solve, even if you're hard of hearing.
>
>
> I loved that, and did find it both accessible and easy to solve. Although if it became widespread, a computer could solve it just as easily.
>
> Like all audio captchas, it doesn't help deafblind people.
>
> I am still very fond of TextCaptcha (http://textcaptcha.com/), although that site as it exists is English-only, and certainly has cognitive disability implications.
>
> To be fair, every single captcha that exist has cognitive disability applications; TextCaptchas are merely much more obvious.
>
>> But SPAM-prevention that doesn't require an action from the user is still the best way to go (honeypot, time analysis or other).
>
> Agreed.
>
> If you make the garbage can so secure that a bear cannot get into it, it will be too secure for hikers to bother using. I know the bear-proof trash can analogy for security-related UX has been made for at least a decade -- http://innocuous.org/articles/2010/11/21/captchas-the-bear-proof-trash-can-problem/ is one example -- but that's because it's a good one. The arms race against spammers is much like the arms race against password crackers; if you are fighting against those who are willing to throw armies of pennies-on-the-solve labor or massive bitcoin-mining systems against a problem you want rank-and-file users to be able to solve, you are going to lose. Pick a different battle.
>
> Until then, the real losers are going to be people with physical disabilities (whose technological solutions to computer use often resemble automated captcha solvers), or people with cognitive disabilities (who can be stymied by many types of problems computers can solve).
>
> Deborah Kaplan
> > > >