Invisible reCAPTCHA in the Core

https://www.phpbb.com/ideas/
Post Reply
Heo32
Registered User
Posts: 181
Joined: Sat Jan 07, 2017 10:08 pm

Invisible reCAPTCHA in the Core

Post by Heo32 »

Some of the plugins available for the spambot countermeasures are old, outdated and no longer work. The best one remaining within the core is likely the Q&A. Besides that, people have to rely on Google's Invisible reCAPTCHA. While that is good, reliance on it means having to change the core code over and over again with each revision.

I would like to propose the following:
  • Get rid of GD image.
  • Get rid of 3D image.
  • Get rid of simple image.
  • And yes, get rid of Q&A along with the reCaptcha (Google's).
phpBB should have it's own built-in Invisible reCAPTCHA plugin within the core itself. No more images, no more questions to answer, and no more reliance on a 3rd party such as Google. Let the forums determine, without any human involvement (invisible), if a human is registering or if a bot attempting to register.

I don't know how anyone would make this work, but maybe someone here will figure it out.
Is this for you? Windows & Nginx & PHP & MySQL & phpBB & WordPress & Cloudflare

Content-Security-Policy: Allow using Content-Security-Policy without unsafe-inline
stevemaury wrote:
Sun May 20, 2018 8:16 pm
I went to your board and looked for an hour or so, but did not see the women without underwear.
User avatar
3Di
Former Team Member
Posts: 16032
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: Invisible reCAPTCHA in the Core

Post by 3Di »

Get rid of GD image.
Get rid of 3D image.
Get rid of simple image.
Already planned. The rest of your idea is a no by my side.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
Looking for a specific feature or alternative option? We will rock you! 🚀
User avatar
EA117
Registered User
Posts: 1805
Joined: Wed Aug 15, 2018 3:23 am
Contact:

Re: Invisible reCAPTCHA in the Core

Post by EA117 »

And "the rest of your idea is a no by my side", too, because it fails to account for all of the work and continual maintenance and improvement that is happening behind "Google's reCAPTCHA". We can't just "implement our own captcha" and suddenly be on par with what an experienced AI company is providing and maintaining for years; let alone stay on par with such a system.

And besides, "invisible" is only in reference to how the Google reCAPTCHA check becomes invoked. There are still images, and there are still prompts -- all of which is necessary in order to implement the reverse-Turing test reCAPTCHA provides. You cannot "silently" come to the same conclusions reCAPTCHA is coming to. "Invisible reCAPTCHA" is just a manner in which the captcha process "may" be invisible, unless the things they can check "silently" lead them to suspect there might be a toaster in front of the keyboard. In which case they start asking the toaster questions, to see if they're wrong and it's actually a human.

I do think it would be good to have options for other high-quality captcha, including those which rely on external systems other than Google. But it seems highly unlikely that we could ever create an effective "invisible" system of our own as part of phpBB. At the very least, not one whose performance or effectiveness could justify removing the other options.
User avatar
Mick
Support Team Member
Support Team Member
Posts: 22744
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket probably.

Re: Invisible reCAPTCHA in the Core

Post by Mick »

Q&A must stay, overall it’s still the best form of anti-bot software we supply and infinitely customisable. This is already in progress BTW, in a fashion:
  • Get rid of GD image✅
  • Get rid of 3D image✅
  • Get rid of simple image✅
  • And yes, get rid of Q&A along❌ with the reCaptcha (Google's)✅
"The more connected we get the more alone we become" - Kyle Broflovski©
Heo32
Registered User
Posts: 181
Joined: Sat Jan 07, 2017 10:08 pm

Re: Invisible reCAPTCHA in the Core

Post by Heo32 »

I've read what you all had to say. It makes sense. Thanks for the explanations.
Is this for you? Windows & Nginx & PHP & MySQL & phpBB & WordPress & Cloudflare

Content-Security-Policy: Allow using Content-Security-Policy without unsafe-inline
stevemaury wrote:
Sun May 20, 2018 8:16 pm
I went to your board and looked for an hour or so, but did not see the women without underwear.
rxu
Extensions Development Team
Posts: 3388
Joined: Wed Oct 25, 2006 12:46 pm
Location: Siberia, Russian Federation
Name: Ruslan
Contact:

Re: Invisible reCAPTCHA in the Core

Post by rxu »

Invisible reCaptcha v.2 is already in the core and v.3 will be in the core as of phpBB 3.3.1. That's Google reCaptcha plugin.
Personally, I think it makes no sense to reinvent the wheel own phpBB recaptcha.
User avatar
3Di
Former Team Member
Posts: 16032
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: Invisible reCAPTCHA in the Core

Post by 3Di »

Remove broken captchas:

https://tracker.phpbb.com/browse/PHPBB3-12960
https://github.com/phpbb/phpbb/pull/5422

---

Implement Honeypot Captcha === closed/dismissed as not effective:

https://github.com/phpbb/phpbb/pull/5437
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
Looking for a specific feature or alternative option? We will rock you! 🚀
Post Reply

Return to “phpBB Ideas”