Sorry, can't remember. -----Original Message----- From: jaws-uk-bounce@xxxxxxxxxxxxx [mailto:jaws-uk-bounce@xxxxxxxxxxxxx] On Behalf Of Jamie Cuthbertson Sent: 19 March 2011 13:46 To: jaws-uk@xxxxxxxxxxxxx Subject: [jaws-uk] Re: Thoughts on captchas Hi Tristram, Tiddy and Keith, Thanks for your input - especially your essay Tristram!! (Smile) All very helpful feedback. Tiddy and Keith, can you remember any of the sites where you have experienced the numerical captchas? It would be good to be able to point these out as an example. -----Original Message----- From: jaws-uk-bounce@xxxxxxxxxxxxx [mailto:jaws-uk-bounce@xxxxxxxxxxxxx] On Behalf Of Tristram Llewellyn Sent: 17 March 2011 17:37 To: 'jaws-uk@xxxxxxxxxxxxx' Subject: [jaws-uk] Re: Thoughts on captchas I know this isn't much help and probably provocative at best but here goes, I hope it will at least provide some understanding of the issues involved. The CAPTCHA is a test designed to tell a human and computer apart. It relies solely on the fact that there are certain tasks a human (properly equipped with senses) can only do. It has (incorrectly as it turns out) been assumed that all humans have the same senses, and that assumption that sight makes one human is therefore equally suspect. However one must consider more carefully what is going on before assuming this is merely a case of discrimination against non sighted web users. A CAPTCHA test normally taking the form of an image is displayed that a sighted human deciphers. Because what you get as an image a screen reader cannot decipher it and therefore neither can a user of that software since their screen reader cannot help the crack the test. Of course other software exists that aims to defeat CAPTCHAS is used both illegitimately by those who want to break into resources they shouldn't and those who may for legitimate reasons which to break a CAPTCHA just to get access to things. At this point we should be clear both groups described above are essentially breaking the CAPTCHA which is a test of humanness (albeit flawed). Blind users fall into this second category by using various software to effectively break a CAPTCHA that is sufficiently weak in order to do so (one such example is Webvisum for Firefox) The other approach is effectively to hire some eyes like the Solona approach where a human intermediary is used as a service to decipher the CAPTCHA. The problem philosophically is to genuinely find a test that a blind person met with a CAPTCHA can genuinely pass which carefully crafted software could not. When one begins to carefully consider what makes a person uniquely human over a distant internet connection it is actually really quite hard and therefore an accessible CAPTCHA is a tautology since by being accessible it no longer functions as an effective test of being a human.. The only ways I have actually thought may be of any help are re-purposing technologies that are really designed for authentication like OpenID or using some kind of one time password system. Neither of these are really the answer however. Therein lies the rub, there really hasn't been a solution so far offered that really tackles it since blind people are more heavily mediated by technology in order to access the websites that use CAPTCHA it is in effect more difficult to tell them apart from a sighted fellow human using the same website. Apologies for the small essay but it may help people to understand why this problem seems so intractable rather than it simply being a question of nobody doing anything. Regards. Tristram Llewellyn Sight and Sound Technology Technical Support www.sightandsound.co.uk Mail: Tristram: tristram.llewellyn@xxxxxxxxxxxxxxxxxxx Technical: Support@xxxxxxxxxxxxxxxxxxx General - info@xxxxxxxxxxxxxxxxxxx Phone: Support line: 0845 634 7979 Sight and Sound Technology Limited is a company registered in England and Wales, with company number 1408275. Sight and Sound Technology Welton House North Wing Summerhouse Road Moulton Park Northampton NN3 6WD VAT Number - GB 860 2121 66. -----Original Message----- From: jaws-uk-bounce@xxxxxxxxxxxxx [mailto:jaws-uk-bounce@xxxxxxxxxxxxx] On Behalf Of Jamie Cuthbertson Sent: 17 March 2011 15:18 To: jaws-uk@xxxxxxxxxxxxx Subject: [jaws-uk] Thoughts on captchas Hi there, I know that there's been some discussion of the issue of captchas on this list in the past but I'm looking for your thoughts on alternatives that a web designer might use. I'm currently working with a software developer who is considering introducing a captcha on their site but which, even with the audio alternative, is really hard to use. I'm sure that most folk will have encountered these at some stage. I fully understand the reasoning behind the desire to have these as an additional security defence but personally hate them with a vengeance. Having said that, my dislike of them isn't a particularly pro-active way of helping the company achieve their desire for increased security but at the same time wishing to make the site as accessible as possible. My question...does anyone know of any commercially available accessible captchas or similar security device that will satisfy both requirements? I also think that some people have mentioned that Firefox has some features that make captcha solving easier - if this is correct, what is it about Firefox that makes this possible? Thanks in advance. Jamie __________ Information from ESET Smart Security, version of virus signature database 5963 (20110317) __________ The message was checked by ESET Smart Security. http://www.eset.com ** To leave the list, click on the immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** jaws-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** jaws-uk-request@xxxxxxxxxxxxx with the Subject:- faq ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ** To leave the list, click on the immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** jaws-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** jaws-uk-request@xxxxxxxxxxxxx with the Subject:- faq __________ Information from ESET Smart Security, version of virus signature database 5964 (20110317) __________ The message was checked by ESET Smart Security. http://www.eset.com __________ Information from ESET Smart Security, version of virus signature database 5967 (20110318) __________ The message was checked by ESET Smart Security. http://www.eset.com __________ Information from ESET Smart Security, version of virus signature database 5967 (20110318) __________ The message was checked by ESET Smart Security. http://www.eset.com ** To leave the list, click on the immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** jaws-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** jaws-uk-request@xxxxxxxxxxxxx with the Subject:- faq ** To leave the list, click on the immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** jaws-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:jaws-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** jaws-uk-request@xxxxxxxxxxxxx with the Subject:- faq