• All submissions to this site are governed by Second Life Project Contribution Agreement. By submitting patches and other information using this site, you acknowledge that you have read, understood, and agreed to those terms.
MAINTENANCE ANNOUNCEMENT - JIRA will undergo maintenance starting 1:00am PDT through 3:00am on Saturday 2010.03.20. Please do not enter issues during this time as the system maybe restarted.
Issue Details (XML | Word | Printable)

Key: VWR-8638
Type: New Feature New Feature
Status: Open Open
Priority: Normal Normal
Assignee: Unassigned
Reporter: TigroSpottystripes Katsu
Votes: 1
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
1. Second Life Viewer - VWR

Optional login captcha to filter potential bots

Created: 13/Aug/08 07:35 AM   Updated: 22/Feb/09 10:51 AM
Component/s: None
Affects Version/s: None
Fix Version/s: None

Time Tracking:
Not Specified

Issue Links:
Relates
 


 Description  « Hide
have the client do a captcha test when logging in, with the option of bypassing the captcha test, the result of the test would be verified server-side to help avoid cheating.

if the client told the server it was logging in bypassing the captcha, or if it simply didn't request the captcha image to be sent at all, that account would be ignored for traffic purposes for the duration of that session (till it was logged off, and in again)

this would help with preventing the (miss)use of bots to game the search ranking while not preventing any client from logging in (people logging with older clients would be ignored by the traffic system since they don't ask for a captcha test)

perhaps also have captchaless logins show as yellow (or grey or whatever) instead of green on the minimap and the main map to also reduce the usage of bots to trick people into thinking somewhere is popular by the amount of green dots it has on the maps

it probably would also be interesting to have the data about whether some avatar has done and passed the captcha test or not for that session avaiable to scripts to let people have their camping devices filter out bots if they so desire (some people like to only have real people using their camping sites, I guess to improve the social aspect of the place or somthing, dunno)

this wouldn't prevent the return of camping sites, but at least, with real people camping, some benefits, like giving newbies some money and having a place where real people gather around it would provide some benefits not brought by camping/traffic bots (from my understanding, what people call camping bots are usually bots owned by the owner of the land that use regular camping devices to give the illusion the place is a normal camping site while not leading to any money loss to the owner (possibly attracting human campers that will stay on the land for a while in the hope that some of the avatars they believe are controlled by humans will eventually leave and free a spot), and traffic bots are bots that just hang in the land to game the search rank)

ah, another thing I though, perhaps have the sim the person is logging into run the test instead of doing it on a central system to help distribute the load induced by the generation of the captcha images and the verifying of the user's answer that would follow, and then have it report the result to the rest of the system if the user passed the test (if the user failed, it wouldn't be logged in, and if it choose to bypass the test, there would be no result to report)

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Ezian Ecksol added a comment - 13/Aug/08 07:46 AM
If the captchas would be done client side ... what is with all the bot clients, they could bypass it and send fake information to the server.

I don't see on a technically side a possibilty to implement that.


[ Permlink | « Hide ]
TigroSpottystripes Katsu added a comment - 13/Aug/08 08:19 AM
the client would just display the image and send whatever the user typed back to the server, it would be the server that would then verify if the asnwer was correct, currently, with good captchas, there is no automated way to get the right answer afaik

[ Permlink | « Hide ]
Ezian Ecksol added a comment - 13/Aug/08 08:48 AM
But there are some good apllications for bots. E.g. models for clothes. With these captchas one would prevent them to auto-login.

Because in the several threads against bots I never read any Linden saying anything for or against bots, I think, they are happy with the current situation ...


[ Permlink | « Hide ]
TigroSpottystripes Katsu added a comment - 13/Aug/08 08:59 AM
please read the description of the proposal with more attention, there wouldn't be any blocking of logins, bots would still be able to login without human intervention, they would just be ignored by the traffic system

[ Permlink | « Hide ]
Lex Neva added a comment - 14/Aug/08 10:21 AM
I hate having to do captchas. They're annoying and hard to read. Plus, a determined bot writer can easily bypass a captcha by sending the image to mturk.com and paying a few cents for a human to complete it.


Powered by Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators