Technology
Negative Captcha

negcaptcha_20070204.jpg
Here’s an interesting thought. The flip side of “prove you aren’t a robot,” is “prove you are human.”

Though it’s no easier to prove, at least it places the onus of proof on the spam bot and not your human guests. It’s subtle, but there’s a philisophical difference between requiring people to do something that is difficult for a machine, versus asking the machine to do what a real human will do naturally.

Damien Katz writes about one way to approach this problem with the use of CSS.

It’s a neat idea, instead of asking the user to prove he’s human, it instead tricks the spam bot into revealing it’s a bot. It does this with a email field that is hidden from the user by CSS.

When a human user fills out the form, the hidden field will always be blank. But when filled out by a spam bot, it doesn’t know the field is supposed to be hidden, so it adds a bogus email address and submits the form. When the back-end code sees the email in the posting, it knows the email was filled in by a bot and ignores the whole submission.

It’s not perfect—this won’t stop custom-coded spam attacks—but it does kill some of the automated, roving, spider-based comment spam. Working negative captcha methods into a dynamic changing-key system (much like current captcha but transparent to your human users) is the obvious next step, and I bet we’ll be seeing (or should I say “not seeing”) stuff like this very soon. – Link.

12 thoughts on “Negative Captcha

  1. Any way to get BDE to work on VMware with a USB key? I’ve been testing it and I keep hitting a wall. Just curious to see if anyone has any success.

  2. How do you make a duplicate Bitlocker USB startup key? The Bitlocker program has a feature labeled “manage bitlocker keys.” Click this feature and you get a screen giving you the option to duplicate your USB key. This is good to create a duplicat startup key in case the original gets lost or stolen. The problem is that this feature does not work. I spent an hour on Sunday and another hour on Monday trying to get Microsoft technical support to make this feature work. My experience with Microsoft technical support was horrible. I don’t understand how they could be so incompetent. If you know how to make a duplicate startup key, please let me know.

  3. You don’t get to make duplicate USB keys, but you are forced to create a backup (or many backups) of the key when you first set it up.

    If you need to make a new backup – your key is regenerated making your old keys invalid. So be sure you can manage this before making backups willy nilly.

    The feature does work – it just doesn’t work the way you think it does.

  4. I am very impressed by this article it workedgreat on Vista ultimate. I was suprised it still worked with SSFL enabled which locks the maching down into a security monster. Anyway I’ve had no problems or bugs to report. Booting is a bit slower but it thats the sacrafice I have to make for bitlocker security so be it. Thanks so much for your hard work and great tutorial.

  5. Anyone get this message, and have any idea how to resolve it?

    bit locker could not be enabled. The system firmware failed to enable clearing of the system memory on reboot

  6. If your USB startup key is not working, just change the boot order in your BIOS so that your computer boots first from the hard drive. If it boots first from the USB drive, it may hang there and you will just get a message saying “no bootable partition” or maybe just a blinking cursor. To load the bitlocker key, your system must boot from the hard drive. It then scans for the startup key on your usb drive and loads it. Some USB drives will not cause this problem but many will. So, if you have this problem, change the boot order. Note: the writer who said you cannot duplicate your startup key is incorrect. Yes you can. Just open bitlocker and select manage keys where you will get that option.

  7. I got “firmware failed to enable clearing” on new Vostro 1310 w/o TPM and w/ Vista Ultimate Upgrade from business. Setting bitlocker gpedit.msc to ‘enable don’t write’ didn’t help. Dell couldn’t help. I gave up eventually and skipped bitlocker tests. There is an option in the BIOS to ‘protect’ memory which I didn’t try changing so that may or may not overcome the issue.

    I thought I had problem duplicating USB startup key (or (re-) writing it actually.) I probably didn’t, but have to enable visibility of ‘system files’ in Vista to see it. The .BEK file (re-)written has the same name and I suspect the same content, so I believe that ‘Spiral’ is incorrect.

    I eventually got the USB to work somewhat reliably after formatting it NTFS, and playing with boot orders and playing with which USB slot it is plugged into. Not sure which of any of these made the difference as my BIOS settings are back to original (HDD first, removable second but active.)

    I believe Dell to be prone to not being able to read USB for some time after power-up. I believe I’ve seen this with other Dell workstation and server gear. That would explain spotty function.

Comments are closed.

Tagged

I'm a tinkerer and finally reached the point where I fix more things than I break. When I'm not tinkering, I'm probably editing a book for Maker Media.

View more articles by Brian Jepson