The current approach works. I've yet to see a compelling (or even plausible) reason to change it...
Though I (and I presume jason as well) would be all for a system which is even harder, perhaps involving counting the number of options in our default kernel config set to 'M'
]]>The problem are not the usual bots, but humans. These days they pay some poor guys a few cents a day to break captchas. I tried all kinds of different questions; problem was they could be easily solved using google or wikipedia.
There is already a lengthy thread with all answers you are looking for; but again: we are targeting competent linux users; so if this test is a little more difficult on windows it's not a real issue.
Anyway, if someone comes up with a better idea that has a similar success rate, let me know. (Questions like "Who created Arch Linux" or "What's the md5sum of the latest ISO" got bypassed after a short time.)
I was looking for something on amiga.org forums, and they used those kinds of questions just to use the search function!
]]>There is already a lengthy thread with all answers you are looking for; but again: we are targeting competent linux users; so if this test is a little more difficult on windows it's not a real issue.
Anyway, if someone comes up with a better idea that has a similar success rate, let me know. (Questions like "Who created Arch Linux" or "What's the md5sum of the latest ISO" got bypassed after a short time.)
]]>nomorewindows wrote:It would definitely be difficult to run that command line from inside Windows!
gnu tools for Windows do exist, as does cygwin. You can also fire up a VM with some Linux distro ;P
Doesn't the command expect the output to be "Linux"? What does "uname" return under cygwin?
Regardless, installing a working POSIX environment if you don't have one just to register on a forum is not KISS.
As for blocking bots, it can't be that hard to write a bot to parse the registration page and return the expected output. It only blocks bots now because no one has targeted this forum specifically.
]]>65Kid hit the nail on the head. A while back, the forums were being inundated with bottom feeding spammers. That little "Test" was put in place to filter out anyone who was not serious about running a Linux system from a command line. It is certainly over the head of the most of parasites that would spew their garbage on the forums.
Edit:: And no, it does not gather anything. Note that the input to the hash is the kernel you are running and the date. Those are fed into the SHA-2 hash which is nothing more than a signature of the input data -- the original inputs cannot be recovered from the hash. At our end, we know the date, and we know what the kernel is. We generate a hash of those as well. If the hash your system provides matches the hash that we generate, your in -- you become part of the club
oh, that's smart
]]>It would definitely be difficult to run that command line from inside Windows!
gnu tools for Windows do exist, as does cygwin. You can also fire up a VM with some Linux distro ;P
]]>fun and eye-opening experience nevertheless
You can use this: https://bbs.archlinux.org/viewtopic.php … 51#p999551 and register from a non-Arch system.
]]>had to read word by word from the screen, type word by word into arch (gosh sure hope the result is short).
oh guess what. one long string of numbers.
had to read number by number from arch, type number by number into pc.
fun and eye-opening experience nevertheless
]]>When registrating, why do they need to know the output of the command:
date -u +%j$(uname) | sha256sum | sed 's/\W//g'
What does it do?
65Kid hit the nail on the head. A while back, the forums were being inundated with bottom feeding spammers. That little "Test" was put in place to filter out anyone who was not serious about running a Linux system from a command line. It is certainly over the head of the most of parasites that would spew their garbage on the forums.
Edit:: And no, it does not gather anything. Note that the input to the hash is the kernel you are running and the date. Those are fed into the SHA-2 hash which is nothing more than a signature of the input data -- the original inputs cannot be recovered from the hash. At our end, we know the date, and we know what the kernel is. We generate a hash of those as well. If the hash your system provides matches the hash that we generate, your in -- you become part of the club
]]>