Hacker News new | past | comments | ask | show | jobs | submit login

No, the problem the author mentions is explicitly with ReCaptcha. He addresses your edit in the article, which you would know if you actually read it and didn't just skim. The problem, as evidenced by the author's many examples, is that the control word is often distorted beyond reasonable recognition, and the new word is not valid data. So neither of the two words is solvable.

Edit in response to your edits

You've deleted your previous edit. Still, even with your current edit it is clear you are not actually reading the article. You say:

Again, it's important to note, you only have to get one of the two words correct to pass the challenge. So.. probably 99% of the above list would pass.

However, the author of the article explicitly states that he did this:

I decided to just guess the first word and hope “secretary” was the control. It wasn’t.

So the author correctly identified one of the two words (and makes the same identification as you did), but was still rejected because it was not the control word.

You obviously don't have an accurate understanding of ReCaptcha implementation, and you apparently are not reading the article with comprehension, despite claiming several times that you have.




> You obviously don't have an accurate understanding of ReCaptcha implementation

I do (I've implemented them many times), but no point in arguing.

I must be the only person who finds the level of security a captcha provides worth the 1 to 2 seconds it takes to type in a Captcha. And if done properly, you should only have to type a captcha once per site.

Which is easier? Allow form spam on your site, or have a user type a captcha once the first time they visit and decide to post a comment or something? Captcha's have provided a tradeoff between inconvenience and protecting your site.


Pardon my confusion, but wasn't your original comment arguing against homebrew Captchas?

Also, you say that you have an accurate understanding of ReCaptcha implementation based on the qualification that you have "implemented them many times". ReCaptcha was created by Google, so unless you work for Google on the team that implemented ReCaptcha, it doesn't seem possible for you to have "implemented them [ReCaptcha] many times".


Minor point, but reCAPTCHA was purchased by Google, not created by them.


I don't think you understand how to implement a captcha on your website. Unless you use a 3rd party CMS where implementing a captcha is just a checkbox and pasting in your api key, then it's a lot more work.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: