— The RISC OS Authentication Service —
Frequently Asked Questions (Spam Prevention)
| Not logged in | Log in |
| Home |
| Register |
| FAQ |
| Terms of Use |
| Contact |
| Frequently Asked Questions | ||||||
| Purpose | Security | Privacy | Spam-prevention | Accounts | Kerberos | OpenID |
Spam-prevention
What is the purpose of the security code?
To make it difficult for a single user to programmatically create large numbers of accounts.
Why would that be a bad thing?
Many services have controls to limit the amount of harm that a single malicious user can do. Such controls are less effective if malfeasants can call upon an arbitrarily large number of accounts at little or no cost to themselves.
How is the security code supposed to achieve this?
By asking a question that is, it is hoped, more difficult for a machine to answer than a human being.
Could the security code be defeated by optical character recognition, or some other nefarious method?
Probably, but so long as it works most of the time it will have served its purpose. Whatever slips through the net can be managed by other means.
Are there not better ways to implement this concept?
Consider the current system to be a first attempt. If you have any specific suggestions then feel free to make them. Constraints are that:
- most of the necessary code must be available as pre-written free software; and
- it must be compatible with Perl, Apache and GNU/Linux.
Will this not cause problems for some users?
That is unfortunately very likely. We apologise for any inconvenience caused, but we believe that this is a necessary and proportionate countermeasure to what might otherwise cause serious disruption to this service and others.
What should I do if I cannot read the security code?
As an alternative to entering the security code you should contact the operator and ask for an account to be created manually.