Re: [PHP] captcha WAS Please visit my php program
This is a discussion on Re: [PHP] captcha WAS Please visit my php program within the PHP General forums, part of the PHP Programming Forums category; --- "Chris W. Parker" <cparker@swatgear.com> wrote: > Exactly what is the purpose of this? Let ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-29-2003
|
|||
|
|||
Re: [PHP] captcha WAS Please visit my php program
--- "Chris W. Parker" <cparker@swatgear.com> wrote:
> Exactly what is the purpose of this? Let me clarify. I know that > it's supposed to prevent computers from submitting forms > automatically because they cannot read the graphic, but what I > don't understand is in what cases this is useful? You have a page that collects credit card information for payment. An attacker finds a database full of credit card numbers but wants to verify which ones are still valid (it might be a very old database). So, after noticing your page, this attacker writes a quick little script in PHP that loops through the list of credit card numbers, submitting them to your site, and compares the output to distinguish success from failure. You end up with so many chargebacks that you lose your merchant account, and your company loses so much money that you lose your job. How's that? :-) Chris ===== HTTP Developer's Handbook http://shiflett.org/books/http-developers-handbook My Blog http://shiflett.org/ 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 03:12 AM.
