W3C home > Mailing lists > Public > public-rqtf@w3.org > January 2019

Re: Redraft of CAPTCHA Conclusion Section

From: David Sloan <dsloan@paciellogroup.com>
Date: Mon, 21 Jan 2019 11:31:36 +0000
Message-Id: <C1D39052-BD9A-4288-AE44-4BE9CF0AA67B@paciellogroup.com>
To: "public-rqtf@w3.org" <public-rqtf@w3.org>
Hi Janina, all

I finally had time to read through the latest draft, and overall, it’s in very good shape—good work! I have a few suggested edits below, mainly editorial. Happy to discuss these further on this week’s call:

#1 §1, para 5

Current text reads "The point of distinction for people with disabilities is that a CAPTCHA not only separates computers from humans, but also often removes people with disabilities from performing the requested procedure.”

I’d suggest replacing “removes” with “prevents”.

#2 § 3.5.3 para 2

This paragraph’s text is prefixed with “Problems:”, which is inconsistent with other places where we assess limitations of methods used. I think identifying problems in this way could help a reader to quickly locate the content that summarises issues with a candidate solution, so maybe we should use this prefix more widely?

#3 § 3.5.4

I know we debated how to give the Hilton example in a way that allows us to convey the effect even if the example is subsequently removed, but the phrase “can be seen” still makes this paragraph vulnerable to becoming obsolete. Suggested rephrase in past tense (anticipating it may change in the future, yet we still have the link for people curious to see if it’s still there):

Hilton used an example of a honeypot CAPTCHA in the Sign In page for Hilton Honors, the Hilton Hotel Corporation's loyalty program website, with a prominent focusable field labeled: "This field is for robots only. Please leave blank.”

#4 Google reCAPTCHA

The section heading currently has no section number.

# 5 § 4.1.2

The current wording in the sentence on the Marrakesh Treaty could be interpreted to mean this applies globally, when my understanding is that it is limited to countries (states parties) that have signed and ratified the treaty. Suggest slight rewording (which may need further tweaking!):

An international copyright treaty administered by the United Nations' World Intellectual Property Organization (WIPO), known as the Marrakesh Treaty [marrakesh], provides for exceptions to national copyright law to allow copyrighted materials to be reproduced in specialized formats for print disabled users.

#6 Conclusion

Currently we use the text "Yet the need for a solution persists and will continue to persist.” The word “persist" to me implies a sense of continuity, so this sentence seems tautological. It’s also lacking an exit clause, unless we predict persistence for eternity. I’m not sure quite how to rephrase it while maintaining the effect of emphasising this is something that won’t go away soon.

#7 Conclusion

There are some typos: “governancea” “corelating”

#8 Conclusion

The sentence in para 3 beginning “It is rather ironic” seems to me to be a fairly strong opinion to include in a note on applicability of CAPTCHA to people with disabilities?

#9 Conclusion

Para 5, suggest qualifying “while some CAPTCHA solutions are better than others”. I think this should emphasise the focus of the note: “in terms of allowing people with disabilities to use them to prove they are human” or similar?

#10 General

The text is mostly written in third-person, but there are occasional uses of “we” (e.g. Google reCAPCHA section, para 6; § 3.2, para 7).

Dave



> On 17 Jan 2019, at 08:41, Janina Sajka <janina@rednote.net> wrote:
> 
> Thanks, Scott. This is a good catch! I've incorporated it in the
> js-captcha branch at:
> 
> https://raw.githack.com/w3c/apa/js-captcha/captcha/index.html#conclusion
> 
> Note that there are additional tweaks to those posted on list yesterday,
> so I'd appreciate a further read as you're able!
> 
> Also, I've swapped out our reference to the U.S. copyright provision
> known as the Chafee Amendment to a reference to the WIPO Marrakesh
> Treaty, though I've not updated the bibliography on this point yet. I
> think I'll leave that to Michael or Jason as I'm unfamiliar with the
> markup subtelties.
> 
> I'm surprised none of us caught the Marrakesh anachronism for so long in
> our work on this document! <grin>
> 
> Janina
> 
> 
> Scott Hollier writes:
>> To Janina
>> 
>> This looks great! Only one suggested change. 
>> 
>> Change: 
>> 
>> " Furthermore, it must be acknowledged by anyone who deploys such a solution that they are also participating in exposing their..."
>> 
>> To: 
>> 
>> " Furthermore, deployers of such solutions should be aware that they are participating in exposing their..." 
>> 
>> Just a slight tweak to make it less personal and argumentative. 
>> 
>> Otherwise +1 from me. 
>> 
>> Scott. 
>> 
>> Dr Scott Hollier 
>> Digital Access Specialist 
>> Mobile: +61 (0)430 351 909
>> Web: www.hollier.info
>>  
>> Technology for everyone
>>  
>> Looking to upskill your staff with digital access training? Fill the room for one flat fee. 
>>  
>> Keep up with digital access news by following @scotthollier on Twitter and subscribing to Scott's newsletter. 
>> 
>> -----Original Message-----
>> From: Janina Sajka <janina@rednote.net> 
>> Sent: Wednesday, 16 January 2019 10:49 PM
>> To: public-rqtf@w3.org
>> Subject: Redraft of CAPTCHA Conclusion Section
>> 
>> As discussed in the call today ...
>> 
>> Conclusion
>> 
>> 
>> CAPTCHA has evolved over time. This has included the development of several alternatives to text-based characters contained in bitmapped images, some of which can serve to support access for persons with disabilities. However, it has also been demonstrated not only that traditional CAPTCHA continues to be challenging for people with disabilities, but also increasingly insecure and arguably now ill suited to the purpose of distinguishing human individuals from their robotic impersonators.
>> 
>> Yet the need for a solution persists and will continue to persist.  It is therefore highly recommended that the purpose and effectiveness of any deployed solution be carefully considered before adoption, and then closely monitored for effective performance. As with all good software and on line content provisioning, analysis should begin with a careful consideration of system requirements and a thorough profiling of user needs.
>> 
>> Clearly, some solutions such as Google's reCAPTCHA, Facebook Connect, two-step or multi-device verification can be easily and affordably deployed. Yet problems persist even in these systems, especially for non English speakers.  Furthermore, it must be acknowledged by anyone who deploys such a solution that they are also participating in exposing their users to a massive collection of personal data across multiple trans-national big data systems and quite apart from any regulatory governance.
>> 
>> It is important, therefore, also to consider available stand-alone solutions such as honeypots and heuristics, along with current image and aural CAPTCHA libraries that support multiple languages. As always, testing and system monitoring for effectiveness should supply the ultimate determination, even as we recognize that an effective system today may prove ineffective a few years from now.
>> 
>> In other words, while some CAPTCHA solutions are better than others, there is currently no ideal solution. It is important to exercise care that any implemented CAPTCHA technology correctly identify people with disabilities as human.
>> 
>> -- 
>> 
>> Janina Sajka
>> 
>> Linux Foundation Fellow
>> Executive Chair, Accessibility Workgroup:	http://a11y.org
>> 
>> The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
>> Chair, Accessible Platform Architectures	http://www.w3.org/wai/apa
>> 
>> 
> 
> -- 
> 
> Janina Sajka
> 
> Linux Foundation Fellow
> Executive Chair, Accessibility Workgroup:	http://a11y.org
> 
> The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
> Chair, Accessible Platform Architectures	http://www.w3.org/wai/apa
> 
> 

--
David Sloan
--
UX Research Lead
The Paciello Group
https://www.paciellogroup.com

A Vispero Company
https://vispero.com
--
This message is intended to be confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient, please delete this message from your system and notify us immediately.
Any disclosure, copying, distribution or action taken or omitted to be taken by an unintended recipient in reliance on this message is prohibited and may be unlawful.
Received on Monday, 21 January 2019 11:32:01 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 17 January 2023 20:26:45 UTC