[Xastir] Captcha's

David A Aitcheson david.aitcheson at gmail.com
Fri Jun 13 13:45:18 EDT 2014 

Curt,

I also STRONGLY suggest and support the solution that "Hessu" has
developed as mentioned by John AB0OO.

Heikki Hannikainen OH7LZB (AKA Hessu) gave a talk on just this subject
at the 2013 ARRL and TAPR Digital Communications Conference that was
held in Seattle Washington during September 2013. (Hmm, I wonder if that
was near your QTH Curt? ;-)  )

This entire talk is the subject of HamRadioNow "Episode 113 from the
DCC: Authenticated Amateur Radio Web Services" that is available on
YouTube.com at http://www.youtube.com/watch?v=wQxtvvhf4K8

It is a video that runs 50 minutes and 25 seconds in total and if my
memory serves me correctly Hessu does offer to assist others on a
limited basis especially in the APRS world.

While my LotW Certificate has expired and I do not plan on renewing it,
or using LotW in any way, I do think it would be a good way to
authenticate new members going forward.

73
Dave
KB3EFS


On 06/13/2014 12:49 PM, John Gorkos wrote:
> Curt-
>   Not looking for work for you, but one option might be to look at the
> work Hessu has done in using ARRL LOtW certificates as authentication
> factors for Wiki log in.  The process is fairly straightforward on the
> server side, and you tell it to trust any client certificate signed by
> the ARRL cert.  In this way, the server has access to all of the
> information in the Client Cert, including callsign, full name, etc.
>
> Again, I know that your time is much better spent coding Xastir than
> monkeying around with HTTP servers, but it's a thought, and the ARRL has
> really done all the hard work in terms of creating a cert pool and
> issuing them to people who are "legit" ham radio operators...
>
> John Gorkos
> AB0OO
>
>
> On 6/13/14, 12:39 PM, Curt, WE7U wrote:
>> I implemented Captcha's last night, then turned the new user account
>> feature back on.  Wiki's can end up with new spam logins even with that,
>> but it's greatly reduced.  I guess
>> people actually employ others to get through the captcha's...
>>
>> If we start getting more than one or two new spam users a week I'll
>> change the configs so new logins must be authorized by an admin.  That
>> should put an end to it.  In fact I may just do that in any case!
>>
>> This captcha is easier (for humans) to get through than most I've seen. 
>> You see a series of dog and cat pics and must select all of the cat pics
>> to get through.
>>
>> The only bug I've seen:  The enlarged pic when you hover over them is
>> too high on the frame, so the top of the pic gets cut off.  Even so I
>> was able to get through the captcha each and every time.
>>
> _______________________________________________
> Xastir mailing list
> Xastir at lists.xastir.org
> http://xastir.org/mailman/listinfo/xastir
>

-- 
David A Aitcheson david.aitcheson at gmail.com Go Green! Print this email
only when necessary.

More information about the Xastir mailing list