[Owasp-leaders] Good Code Advice Requested

Justin Searle justin.searle at owasp.org
Thu Dec 6 20:15:43 UTC 2012


Hi Petr, it sounds very interesting, but I'm not sure what the
sub-project is or what type of feedback you are requesting.  It is
going to be an opensource tool project?  It appears that its being
offered as a service right now.  Also, I'm not sure how this is
implemented.  The three examples you have on your website show how
Good Code can be implemented with a CAPCHA, but its not clear how the
process works or if Good Code provides both the CAPCHA and the Email
Service, or only the Email Service allowing people to use any CAPCHA
they want.  Could you provide a more detailed explanation of what Good
Code does?

Also, one other technical point.  Words and audio in CAPCHAs are not
"encrypted".  It would be more correct to say they are "distorted".
Justin Searle
Managing Partner - UtiliSec
801-784-2052


On Wed, Dec 5, 2012 at 9:00 AM, Samantha Groves
<samantha.groves at owasp.org> wrote:
> Hello Leaders,
>
> This e-mail is from Petr Zavodsky from the OWASP Czech Republic. See below:
>
>
> -------------------
> Hi Leaders,
>
> New subproject "Dobry kod" (in english: "Good Code" :)) (a followup part of
> OWASP Web Application Security Accessibility Project):
>
> http://www.dobrykod.cz/en/
>
> Users with sight impairment, dyslexia, and other similar conditions may
> experience difficulties with reading the encrypted characters in the picture
> of a CAPTCHA code.
>
> For this reason picture-based security tests can be supplemented with audio
> version, where the sound is distorted to prevent unwanted bots form
> accessing the information. Unfortunately, safely encrypted audio recordings
> are less discernible or almost indiscernible even for users with perfect
> hearing. Further difficulties can arise due to different phonetic systems of
> the user's language and the language of the recording.
>
> Please, send me your questions, objections etc.
>
> Thanks,
>
> Petr Zavodsky
>
> OWASP Czech Republic
> -------------------
>
> --
>
> Samantha Groves, MBA
>
> OWASP Project Manager
>
>
> The OWASP Foundation
>
> London, United Kingdom
>
> Email: samantha.groves at owasp.org
>
> Skype: samanthahz
>
>
> Book a Meeting with Me
>
> OWASP Contact US Form
>
> New Project Application Form
>
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>


More information about the OWASP-Leaders mailing list