From: Gregory J. Rosmaita <oedipus@hicom.net>

Date: Thu, 18 Mar 2010 18:42:01 +0000

To: "Charles McCathieNevile" <chaals@opera.com>, public-html-a11y@w3.org

Cc: "Silvia Pfeiffer" <silviapfeiffer1@gmail.com>, "Steven Faulkner" <faulkner.steve@gmail.com>, "John Foliot" <jfoliot@stanford.edu>

Message-Id: <20100318183614.M77662@hicom.net>

Date: Thu, 18 Mar 2010 18:42:01 +0000

To: "Charles McCathieNevile" <chaals@opera.com>, public-html-a11y@w3.org

Cc: "Silvia Pfeiffer" <silviapfeiffer1@gmail.com>, "Steven Faulkner" <faulkner.steve@gmail.com>, "John Foliot" <jfoliot@stanford.edu>

Message-Id: <20100318183614.M77662@hicom.net>

aloha, chaals! you make several excellent points about: a) the need for an effective means of determining whether a user is a machine or human; b) the need for multi-modal CAPTCHA alternatives (not simply the boolean visual and audio options) c) the efforts of others to surmount the human-or-machine challange; however, what is a simple equation to you or me, may not be so simple to users with various forms of cognative issues... the best example of such a challange (and the first of its kind i encountered) is the quote simple unquote mathematical equation which norman walsh (member of the TAG) uses to verify that commentors on his blog are humans http://norman.walsh.name/ when i first tried norm's solution i had a screaming migraine at the time, and couldn't figure out a simple multiplication equation -- hence, my comments never made it to norm's blog feedback section, and i became "sensitized" to the cognative issues inherent in a logical/mathematical query... the other thing that worries me about the use of equations as an alternate to CAPTCHA, is that sooner, rather than later, equations will be expressed as a series of graphics, in order to (a) stop a bot from screen-scraping, and (b) sell graphical equations under the rubric that they provide double protection - protection from a text-readng bot, because the graphical components of the equation will not be ALT texted, as that would make it possible for a bot to obtain the equation, and, if smart enough, solve it... i discussed approaches to human-verification tests in 2006 with daniel dardailler, who believes that a simpler solution is to use logical questions that are based on human experience and not on mathematical eequations, which computers are quite able to compute... for example: Q: what happens when you touch a hot stove? Q: what do you do when someone tells you a funny joke? and other human-related quote real world unquote challanges... these, however, are culturally-based queries, and many have more than one correct answer (for example, when i touch a hot stove, i swear a blue streak, whereas the answer the question may simply be a variation on "get burnt" "burn hand" "burn myself"; moreover, any natural language challange presents an immediate internationalization problem, which is why implementors such as norm walsh chose the quote universal unquote language of mathematics... dave poehlman also had an interesting idea -- express the equation in words; for example: Q: seven minus five equals: a good idea to ward off bots, but there is still the problem of one person's simple equation being another person's nightmare... for more information on CAPTCHA discussions which have transpired since the publication of the Turing Test note, please refer to the CAPTCHA note update wiki page, located at: http://www.w3.org/WAI/PF/wiki/CAPTCHA_v2 gregory. --------------------------------------------------------------------- A conclusion is simply the place where someone got tired of thinking. -- Arthur Bloc --------------------------------------------------------------------- Gregory J. Rosmaita - oedipus@hicom.net AND gregory@ubats.org Camera Obscura: http://www.hicom.net/~oedipus/ United Blind Advocates for Talking Signs (UBATS): http://ubats.org --------------------------------------------------------------------- ---------- Original Message ----------- From: "Charles McCathieNevile" <chaals@opera.com> To: "Silvia Pfeiffer" <silviapfeiffer1@gmail.com>, "Steven Faulkner" <faulkner.steve@gmail.com> Cc: "John Foliot" <jfoliot@stanford.edu>, "Gregory J. Rosmaita" <oedipus@hicom.net>, public-html-a11y@w3.org Sent: Thu, 18 Mar 2010 17:44:34 +0100 Subject: Re: keep CAPTCHA out of HTML5 > On Wed, 17 Mar 2010 23:28:17 +0100, Steven Faulkner > <faulkner.steve@gmail.com> wrote: > > > Hi laura, I am happy to modify the example to include warnings about the > > essential inaccessibility of captcha and recommend it not be used, but > > think that for cases when it is used, advice on how to make it accessible > > as possible is still a good thing. > > Agreed. CAPTCHAs are bad. But they also solve a real problem, > and working out an alternative solution is important. Rather > than removing the example > (which I think will lead to people assuming that you can just > leave alt off CAPTCHA images) it should explain what sort of > alt can improve the accessibility of the CAPTCHA. > http://cssquirrel.com shows one example technique - making the > question one based on processing a question. A related example > is mathematical questions. > > (More detailed thoughts: > > Although they are not foolproof, we find that CAPTCHAs are, in > certain important cases (generally the ones involving broad > exposure to the public, like commenting on blogs) actually > reasonably succesful in reducing spam. (I.e. they don't stop it, > but they reduce it by orders of magnitude, which allows the > human filtering processes we add to have a chance of keeping up > with the work). > > There are some CAPTCHAs which are tests of cognition - asking > questions. We have used simple mathematical questions. Kyle > Weems' CSSquirrel cartoons ask readers to identify a certain > image from a set - they do contain alt text explaining what > they are, but increase the cognitive leap and required > background knowledge. All of these schemes are vulnerable to > eventual cracking, and authentication solutions are great - but > it turns out that a lot of authentication solutions, in order > to allow scalability, need a shortcut to determine whether > someone is a human - so they use a CAPTCHA. > > cheers > > Chaals ------- End of Original Message -------Received on Thursday, 18 March 2010 18:42:45 UTC

*
This archive was generated by hypermail 2.4.0
: Friday, 17 January 2020 19:55:33 UTC
*