Page 1 of 1

Human inclusive, robot exclusive, contact form.

Posted: Wed Sep 22, 2004 5:22 am
by agent
This form is inclusive for humans, but exclusive to programmers. Request for information are getting more complicated, because programmers are writing programs that circumvent security measures.

As of 2004.09.21, the latest trend is to display an image with crazy characters and other object that currently can not be read my a program, and then require the person to type in the characters before they can proceed. Some *beep* mega lo manic, found a way around this by linking the form to high traffic web sites and offered free content to people that would read the images and fill in the numbers so they could more easily collect data again.

Hopefully this idea will prevent any sort of automation, and stop the cycle of implement something good, only to see someone find a way around it.

But who knows.
http://www.theregister.co.uk/2004/09/15 ... _jpeg_bug/

It involves a series of step that require the person filling out the form to accomplish before then can contact you. The tasks are simple, and most people can accomplish them (I will ask my mother to confirm this when the code is complete).

1.A check the HTTP REFER to make sure no one has hijacked your form.
2.Person fills out the form, and you require you a valid email address.
3.You email them a chunk of data. Chunks of data could be a MD5 sum of the data collected, a text file with special instruction on how to continue (the text file could be zipped up), or just one of those crazy images.
4.They save the chunk of data to their computer.
5.They return to the completion page where they are required to browse for the chunk of data and submit it back to the server.
6.Once the chunk of data has been uploaded successfully, you can do a diff on two files and delete one or both of them. You can also verify any other information at this point.

Step five is crucial because the FILE element is the one input type, that I am aware of, that can not be automated. The VALUE attribute can not be set for it. The person will always have to browse for the chunk of data on their computer.

High volume websites, people that only want tech savvy people to contact them, or people that want to collect information after they know the person is legitimate are just a few people that will want to use this contact form process.

I am contacting the nms project to help out for the coding.
http://nms-cgi.sourceforge.net/

Some forms information:
http://www.cs.tut.fi/~jkorpela/forms/file.html

This is not an endorsement for Micro$oft, they just happen to have one of the craziest image makers I am aware of. You only get 2MB for a free hot mail account, gut Google's gmail gives you 1GB! That is even crazier than the image at the bottom of this page:
https://registernet.passport.net/

Good day,
-Steve

Form spamming.

Posted: Sat Feb 10, 2007 5:53 pm
by agent