Hi, I've always been a bit warey about captcha solvers like Webvism. Given that most of the time that a captcha will need to be solved a user will be filling in a form, it's surely the perfect time to send a bit more than the captcha image to the server. The plugin will be accessing the DOM to get the image anyway, so from a development point of view I see no reason why it can't itterate through the form fields & harvist any data that has been entered already. Obviously you can mitigate this by having the captcha filled in before you enter anything, but I'm sure that the majority of blind people (maybe people on this list will be different) won't do this. I'd like to sniff Webvism to find out once and for all if it's doing anything evil, but it's fairly far down on the to do list at the moment. Cheers, Ben. On 11/18/14, Megan Bening <mebening@gmail.com> wrote:
Hello Vic, This is a great point! I’m sorry I neglected to mention this. I am a blind information technology student specializing in information security. I joined the SysAdmins list a few months back to broaden my horizons, but have mostly been sitting back and watching it until now. I am a user of Voiceover, NVDA, System Access, JAWS, and TalkBack. My research partner is visually impaired and does assistive technology training for our state, as wel as using screenreaders extensively himself and is an NVDA developer. Our main objective here is simply to educate our classmates and professor on possible security implications that screenreaders pose and to explain to them how those issues can be worked around or planned for and why they should be. I am seeing that there has been very little research on this topic and am interested, just for my own sake, in the information as well. We don’t plan to publish any of this information more widely and are really just interested in fleshing out our own research and conceptual ideas. Thanks for the question. Again, I apologize for the omission. Please email again with any further questions! Megan
On Nov 18, 2014, at 10:18 AM, Darragh Ó Héiligh <d@digitaldarragh.com> wrote:
Megan, are you blind or do you use any assistive technologies?
This seems to be your first message to this list if I'm not mistaken. IT's an unusual query. I cant speak for anyone else but I'd want a lot more information regarding your motives before I answered any of your questions.
Darragh
-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Megan Bening Sent: 18 November 2014 16:20 To: Blind sysadmins list Cc: Flint D Million Subject: [Blind-sysadmins] Looking for feedback on a grad project
Hello all, My partner and I are working on a graduate project that details some of the problems that accessibility poses to information security. This is a small class level project meant for educational purposes only and will not be presented in a wider market. We are looking for examples, anecdotal or sourced, of situations you have come across where accessibility has been a threat to information security or the other way around. Your name can be included in the project, or not, as you see fit. Please email either myself at mebening@gmail.com <mailto:mebening@gmail.com> or my research partner at flint.million@mnsu.edu <mailto:flint.million@mnsu.edu> with details, questions, or concerns. Thanks very much, Megan _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins