[jaws-uk] Re: Thoughts on captchas

• From: Tristram Llewellyn <tristram.llewellyn@xxxxxxxxxxxxxxxxxxx>
• To: "'jaws-uk@xxxxxxxxxxxxx'" <jaws-uk@xxxxxxxxxxxxx>
• Date: Thu, 17 Mar 2011 17:36:33 +0000

I know this isn't much help and probably provocative at best but here goes, I 
hope it will at least provide some understanding of the issues involved.  

The CAPTCHA is a test designed to tell a human and computer apart.  It relies 
solely on the fact that there are certain tasks a human (properly equipped with 
senses) can only do.  It has (incorrectly as it turns out) been assumed that 
all humans have the same senses, and that assumption that sight makes one human 
is therefore equally suspect.  

However one must consider more carefully what is going on before assuming this 
is merely a case of discrimination against non sighted web users.

A CAPTCHA test normally taking the form of an image is displayed that a sighted 
human deciphers.  Because what you get as an image a screen reader cannot 
decipher it and therefore neither can a user of that software since their 
screen reader cannot help the crack the test.  Of course other software exists 
that aims to defeat CAPTCHAS is used both illegitimately by those who want to 
break into resources they shouldn't and those who may for legitimate reasons 
which to break a CAPTCHA just to get access to things.  At this point we should 
be clear both groups described above are essentially breaking the CAPTCHA which 
is a test of humanness (albeit flawed).

Blind users fall into this second category by using various software to 
effectively break a CAPTCHA that is sufficiently weak in order to do so (one 
such example is Webvisum for Firefox)  The other approach is effectively to 
hire some eyes like the Solona approach where a human intermediary is used as a 
service to decipher the CAPTCHA.

The problem philosophically is to genuinely find a test that a blind person met 
with a CAPTCHA can genuinely pass which carefully crafted software could not.  
When one begins to carefully consider what makes a person uniquely human over a 
distant internet connection it is actually really quite hard and therefore an 
accessible CAPTCHA is a tautology since by being accessible it no longer 
functions as an effective test of being a human..

The only ways I have actually thought may be of any help are re-purposing 
technologies that are really designed for authentication like OpenID or using 
some kind of one time password system.  Neither of these are really the answer 
however.  Therein lies the rub, there really hasn't been a solution so far 
offered that really tackles it since blind people are more heavily mediated by 
technology in order to access the websites that use CAPTCHA it is in effect 
more difficult to tell them apart from a sighted fellow human using the same 
website.

Apologies for the small essay but it may help people to understand why this 
problem seems so intractable rather than it simply being a question of nobody 
doing anything.

Regards.

Tristram Llewellyn
Sight and Sound Technology
Technical Support
www.sightandsound.co.uk

Mail:
Tristram: tristram.llewellyn@xxxxxxxxxxxxxxxxxxx
Technical: Support@xxxxxxxxxxxxxxxxxxx
General - info@xxxxxxxxxxxxxxxxxxx

Phone:
Support line: 0845 634 7979

Sight and Sound Technology Limited is a company registered in England and 
Wales, with company number 1408275.  

Sight and Sound Technology
Welton House North Wing
Summerhouse Road
Moulton Park
Northampton
NN3 6WD 
            
VAT Number - GB 860 2121 66.

-----Original Message-----
From: jaws-uk-bounce@xxxxxxxxxxxxx [mailto:jaws-uk-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jamie Cuthbertson
Sent: 17 March 2011 15:18
To: jaws-uk@xxxxxxxxxxxxx
Subject: [jaws-uk] Thoughts on captchas

Hi there,

I know that there's been some discussion of the issue of captchas on this
list in the past but I'm looking for your thoughts on alternatives that a
web designer might use.

I'm currently working with a software developer who is considering
introducing a captcha on their site but which, even with the audio
alternative, is really hard to use.  I'm sure that most folk will have
encountered these at some stage.

I fully understand the reasoning behind the desire to have these as an
additional security defence but personally hate them with a vengeance.
Having said that, my dislike of them isn't a particularly pro-active way of
helping the company achieve their desire for increased security but at the
same time wishing to make the site as accessible as possible.

My question...does anyone know of any commercially available accessible
captchas or similar security device that will satisfy both requirements?

I also think that some people have mentioned that Firefox has some features
that make captcha solving easier - if this is correct, what is it about
Firefox that makes this possible?

Thanks in advance.

Jamie
 

__________ Information from ESET Smart Security, version of virus signature
database 5963 (20110317) __________

The message was checked by ESET Smart Security.

http://www.eset.com
 

** To leave the list, click on the immediately-following link:-
** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** jaws-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to 
** jaws-uk-request@xxxxxxxxxxxxx with the Subject:- faq


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
** To leave the list, click on the immediately-following link:-
** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** jaws-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to 
** jaws-uk-request@xxxxxxxxxxxxx with the Subject:- faq

• Follow-Ups:
  • [jaws-uk] Re: Thoughts on captchas
    • From: Jamie Cuthbertson
  • [jaws-uk] Re: Thoughts on captchas
    • From: Rashmi Shah

• References:
  • [jaws-uk] Thoughts on captchas
    • From: Jamie Cuthbertson

Other related posts:

• » [jaws-uk] Thoughts on captchas- Jamie Cuthbertson
• » [jaws-uk] Re: Thoughts on captchas- Keith
• » [jaws-uk] Re: Thoughts on captchas- Tiddy Ogg
• » [jaws-uk] Re: Thoughts on captchas - Tristram Llewellyn
• » [jaws-uk] Re: Thoughts on captchas- Jamie Cuthbertson
• » [jaws-uk] Re: Thoughts on captchas- Tiddy Ogg
• » [jaws-uk] Re: Thoughts on captchas- Rashmi Shah
• » [jaws-uk] Re: Thoughts on captchas- Jamie Cuthbertson
• » [jaws-uk] Re: Thoughts on captchas- Jamie Cuthbertson
• » [jaws-uk] Re: Thoughts on captchas- Daniel McGee
• » [jaws-uk] Re: Thoughts on captchas- John SAVAGE
• » [jaws-uk] Re: Thoughts on captchas- Amro Bilal
• » [jaws-uk] Re: Thoughts on captchas- Kevin Morris
• » [jaws-uk] Re: Thoughts on captchas- Kevin Morris
• » [jaws-uk] Re: Thoughts on captchas- Jamie Cuthbertson
• » [jaws-uk] Re: Thoughts on captchas- Kevin Morris
• » [jaws-uk] Re: Thoughts on captchas- Jamie Cuthbertson

1. Home
2. jaws-uk
3. Archive
4. 03-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---