[cryptography] CAPTCHA as a Security System?
iang at iang.org
Mon Jan 2 18:21:37 EST 2012
On 3/01/12 09:06 AM, lodewijk andré de la porte wrote:
> I'd like to add to this conversation, as a side note, that a new type
> of security has (fairly) recently emerged: legal security. "It's
> illegal to break in, so we don't need security".
Right. But it needs to be a break in, not a trespass. So there needs to
be a security method to be broken -- no matter how weak.
From what I recall of this, there needs to be a reasonable notice and a
security system for the breaking of. This is why WAP, etc, works ...
because it is a security system, and even though it can be broken with a
boltcutter, it's illegal to break in. So the end result is that you can
commit the crime, and you'll leave your trails, and you'll be in
> Quite common in convenience stores, people's homes and now, the
> Internet. Some will find that this sort of security sucks. That it
> doesn't protect them very well. They won't care though, because even
> though the window was open, no one should've entered.
It somewhat depends on who the attacker is. If they are law-abiding
citizens and they happen to be in the same jurisdiction, a legal
mechanism works reasonably well. Indeed, if one of them is true, it can
This also happens to align well with online banks which only permit
transfers inside the country. As the mule who receives the money has
done so without permission, she has participated in fraud and the money
can be yanked right back out again. (Never mind that she already sent
the money to another jurisdiction...)
The thing is, just because a security mechanism doesn't seem to
translate to technological space doesn't mean it doesn't have legs.
More information about the cryptography