CAPTCHA issues upon registration

Suggestions and comments about the ReactOS website

Moderator: Moderator Team

Post Reply
Torsten
Posts: 8
Joined: Wed Feb 21, 2018 10:26 am

CAPTCHA issues upon registration

Post by Torsten »

Hi all!

While I finally managed to register with this site (as you see :),
I'd however like to notify you about oddities I encountered during
the registration process.

Have to point out that my internet access bandwidth is limited (only
64 kbps, i.e. ISDN speed). With full-featured browser, complex pages
take several minutes to load. I thus prefer Mikulas' Links browsers,
which loads common sites at reasonable speed.

Alas, user forums nowadays make use of CAPTCHAs to register with their
sites, and so does reactos.org. There is no way to decipher CAPTCHAs
with a text mode browser ... As they rely on JavaScript code, Links
in graphics mode won't do the job, neither.

I thus tried to load https://www.reactos.org/user/register with
Epiphany 3.8.2 from my Raspberry Pi 3G internet router. No CAPTCHA
appeared, the [Create new acount] button revealed a "The answer you
entered for the CAPTCHA was not correct" reply. The same with
Firefox ESR 45.2.0 on Raspbian, i.e. no CAPTCHA shown at all.

Further attempt with an Ubuntu 16.04 live CD, on x86 platform. Comes
with Firefox 45.2.0 as well. Surprisingly, for the first time, a
reCAPTCHA's frame showed up here. However, the Google gadget reported
that I used an "unsupported browser". Erroneously! After several page
reloads (a small eternity later), the connection to Google's servers
seemed good enough to make a CAPTCHA appear.

Worth mentioning that completing one CAPTCHA alone was not enough.
Only after the fifth or sixth, a dearly yearned "A welcome message
with further instructions has been sent to your e-mail address."
was displayed. I opened the one-time registration link in this
confirmation mail in Links from my main computer, but first thought
that a default password should display.

Then (unnecessarily) tried to open ReactOS site's confirmation mail
in Firefox 45.2.0 from Ubuntu 16.04 CD boot. As my freemail account's
site heavily uses JavaScript for advertisments, a total of 100 megabytes
data transfer (over 64 kbps line) was reached here until the next day.
Reactos.org is not to blame for this, just an incurred inconvenience.
Thankfully, required steps from the one-time link could be performed
from Links as well (and the Firefox session be shut down). Login/
logout works fine in Links, so there.

The registration took some energy I'd better have used for contributions.
It seems that not the connection speed to reactos.org was the limiting
(cumbering) factor, but rather the redirection to external Google
servers. Suggestions or confirmation appreciated.

Regards, Torsten
ThFabba
Developer
Posts: 293
Joined: Sun Jul 11, 2010 11:39 am

Re: CAPTCHA issues upon registration

Post by ThFabba »

Hi, and thanks for your interest. It's unfortunate that you ran into problems with the registration. However those issues don't seem easy to fix. Here's what I know:

Captchas are unfortunately a necessity. The project has experimented with a variety of options, and the current solution is one of the few that is able to keep spam registrations at bay. By the very nature of a captcha it requires either images or sound; it pretty much by design has to be inaccessible to text browsers. But if you have experience with alternatives that work well at scale, I'm sure we're open to hearing about them.

Whether or not Javascript should be a requirement for web pages is arguable. But I'm not sure here is the place for that argument. Also, I'd argue that fight was lost a long time ago.

About Firefox 45... the site is right, it's unsupported. Its end-of-life was more than half a year ago (and that's 45.9.0). The primary reason this is relevant is that that makes the browser insecure. You shouldn't use it, and support for an end-of-life browser is a clear Won't Fix for most websites. I understand that your bandwidth is limited, but keeping your browser up to date really is a requirement you can't get around, since it is by its very nature constantly exposed to untrusted content.

If you have any suggestions that you think would make the site more accessible, I'm sure they'd be appreciated. However when considering changes we also have to take into account the maintenance effort associated with custom-built solutions, weighed against the number of users benefiting from those changes -- and extreme bandwidth limitations are an example that is not likely to be a problem for most.

Thanks for your input.
-T
User avatar
EmuandCo
Developer
Posts: 4722
Joined: Sun Nov 28, 2004 7:52 pm
Location: Germany, Bavaria, Steinfeld
Contact:

Re: CAPTCHA issues upon registration

Post by EmuandCo »

I hope you are not feeling attacked personally when I am quite shocked about your internet speed. Taking your german into account and the few countries where it's spoken I think you had bad luck or bad phone lines (F*CKING BAD) when I am thinking about the steadily increasing average speed we have (which still sucks compared to other parts of the world though).
Anyways, as ThFabba already told ya, the site is quite correct banning you out with a outdated browser. If you want to stay on one browser longer than right now, I recommend ESR builds from Firefox. (https://ftp.mozilla.org/pub/firefox/releases/52.6.0esr/) But beware, these are bigger than more recent versions due to the old XUL plugin system still being in place.
Regarding the captchas I must tell you that these will not change in any way. We had enough experiments before these and all failed. I have some numbers for you in that case: At some days we had 150+ new threads and 400 new posts all being spam. We don't have 30+ moderators filtering these out, so the new system with 1-2 spam posts a day is a relief for moderators AND users.
ReactOS is still in alpha stage, meaning it is not feature-complete and is recommended only for evaluation and testing purposes.

If my post/reply offends or insults you, be sure that you know what sarcasm is...
Torsten
Posts: 8
Joined: Wed Feb 21, 2018 10:26 am

Re: CAPTCHA issues upon registration

Post by Torsten »

Hi ThFabba,

thanks for your in-depth explanations. A consolation after a six-hour effort!
I didn't know that forum sites are so highly affected/ attacked by spammers.
Back in 1998, I simply wrote to mailing lists (and quickly obtained replies),
or posted to newsgroups. Today, many mailing lists require subscriptions,
obviously for undesired contributions, and the usenet's role seems to fade out.

I imagine what might happen if the spam business used artificial intelligence
to resolve captchas ... and understand why you rely on Google's services
here, to keep pace (e.g. upcoming biometrical captchas which, however will
require some sensor to acquire such data). Upon registration, it was mainly
the connection to Google's captcha server which caused problems ...

Your words on JavaScript sound pessimistic. I didn't know that Firefox 45.2.0
is outdated, one and a half year after I actually installed it. Contrary to
Google's notification, it worked anyway. I was in fact concerned about the
100 MB traffic caused by it overnight, as even Live DVDs mount recognized
partitions. It's not my browser for every-day use, rather a last resort for
resolving captchas. I appreciate slim, efficient code - this is why I
actually like ReactOS, which is only three times as big as Windows NT 4.0.

Likewise, this site is more streamlined than other user forums I have seen.
It allows me to read and post using Links 2.13. Please do not change this.

@EmuandCo:
400+ spam posts per day is a lot. I've seem such content in an *archive*
of a forum site, ref. http://mirrors.pdp-11.ru/www.drdosprojects.de.tar.gz ,
which was closed shortly afterwards. I clearly prefer this forum being alive.

Greetings, Torsten
User avatar
dizt3mp3r
Posts: 1873
Joined: Mon Jun 14, 2010 5:54 pm

Re: CAPTCHA issues upon registration

Post by dizt3mp3r »

When spam-creating businesses use artificial intelligence to successfully resolve captchas then that's close to being the end of the internet - bar spilling a sample of your blood onto your keyboard for DNA testing.

By the time AI rises, captchas will be the least of our problems... We can only hope that it spawns from Microsoft and will be full of bugs with a poor interface.
Skillset: VMS,DOS,Windows Sysadmin from 1985, fault-tolerance, VaxCluster, Alpha,Sparc. DCL,QB,VBDOS- VB6,.NET, PHP,NODE.JS, Graphic Design, Project Manager, CMS, Quad Electronics. classic cars & m'bikes. Artist in water & oils. Historian.
User avatar
linrx
Posts: 9
Joined: Fri May 19, 2017 4:09 pm
Location: Singapore

Re: CAPTCHA issues upon registration

Post by linrx »

ThFabba wrote:Captchas are unfortunately a necessity. The project has experimented with a variety of options, and the current solution is one of the few that is able to keep spam registrations at bay. By the very nature of a captcha it requires either images or sound; it pretty much by design has to be inaccessible to text browsers. But if you have experience with alternatives that work well at scale, I'm sure we're open to hearing about them.

Whether or not Javascript should be a requirement for web pages is arguable. But I'm not sure here is the place for that argument. Also, I'd argue that fight was lost a long time ago.

About Firefox 45... the site is right, it's unsupported. Its end-of-life was more than half a year ago (and that's 45.9.0). The primary reason this is relevant is that that makes the browser insecure. You shouldn't use it, and support for an end-of-life browser is a clear Won't Fix for most websites. I understand that your bandwidth is limited, but keeping your browser up to date really is a requirement you can't get around, since it is by its very nature constantly exposed to untrusted content.
Pretty much agree with ThFabba,

1. Even without captchas, some form of anti bot and anti spam is usually preferred these days.
2. Javascript has been around since the 1990s, the workaround regarding javascript is simply not using a web browser, try any of the other app stores from Microsoft, Google and Apple instead.
3. Firefox is open source in at least one way, it does not come with a commercial guarantee that it is perfect.
andreas84
Posts: 101
Joined: Sat Oct 25, 2008 4:09 pm

Re: CAPTCHA issues upon registration

Post by andreas84 »

I really dont like the google captchas stuff.
Its not always working as it should.
Google is known to track user which means if you include google frames they likely can track ros users.
User avatar
EmuandCo
Developer
Posts: 4722
Joined: Sun Nov 28, 2004 7:52 pm
Location: Germany, Bavaria, Steinfeld
Contact:

Re: CAPTCHA issues upon registration

Post by EmuandCo »

Thread necromancy? Come on! Anyways. Google CAPTCHAS are the best right now, you are free to recommend another way to block bots and spammers
ReactOS is still in alpha stage, meaning it is not feature-complete and is recommended only for evaluation and testing purposes.

If my post/reply offends or insults you, be sure that you know what sarcasm is...
andreas84
Posts: 101
Joined: Sat Oct 25, 2008 4:09 pm

Re: CAPTCHA issues upon registration

Post by andreas84 »

How about a bot honeypot:
A question bots are filling for certain but with the note for humans to leave it open.
Post Reply

Who is online

Users browsing this forum: No registered users and 6 guests