Opened 6 years ago
Closed 6 months ago
#13031 closed defect (fixed)
Text captcha does not obey order of operations
| Reported by: | dmr | Owned by: | Dirk Stöcker |
|---|---|---|---|
| Priority: | normal | Milestone: | plugin - spam-filter |
| Component: | plugin/spamfilter | Version: | |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
This was reported by a tor user over irc.oftc.net #tor:
The text captcha asks a simple math question. For example:
six plus two multiplied by four
The correct answer is 6 + 2 × 4 = 6 + 8 = 15, due to order of operations, but the captcha system does not accept that and instead expects you to do (6 + 2) × 4 = 8 × 4 = 32. This is confusing to many users who do multiplication first, as they should. Please explicitly specify that order of operations is ignored, or do not ignore the order of operations. Or accept both answers to the ambiguous question (e.g. both 15 and 32).
They reported that they were not able to add a ticket here, so I'm proxying the ticket creation.
Attachments (0)
Change History (6)
comment:1 by , 6 years ago
| Component: | general → plugin/spamfilter |
|---|---|
| Milestone: | → plugin - spam-filter |
| Owner: | set to |
comment:2 by , 6 years ago
comment:3 by , 6 years ago
Hmm. I'm not sure if fixing this ambiguity actually makes sense. This type of captcha is autosolved by most bots.
comment:4 by , 6 years ago
Replying to dmr:
They reported that they were not able to add a ticket here, so I'm proxying the ticket creation.
I see the attempts in the SpamFilter log. The user's IPs are blacklisted by multiple services and the user failed multiple captcha tries.
The reporter further notes that they typo'd the bug report. They meant
14instead of15.I asked them for clarification - whether they did the math wrong initially - and they confirmed that the typo is only for the bug report, not for the captcha answer they provided.