EverythingTech

Have you noticed one of those impossible to read word-in-a-box prompts when signing up for a service to logging into a web site like Facebook or Digg. These are called captchas, and they are used to prevent spammers from automating the login process and creating thousands of accounts in minutes. The scripts the spammers use are not smart enough (yet) to solve the CAPTCHAS. However, a number of research projects have been able to beat the visual CAPTCHAs by using following methods

1. Pre-processing: Removal of background clutter and noise.
2. Segmentation: Splitting the image into regions which each contain a single character.
3. Classification: Identifying the character in each region.

The captchas are being  made increasing more difficult for a human to read.  In the very near future, a program will have an easier time solving the puzzle than humans will and the point of this additional security measure would be nullified.

Google has realized this and is trying a different and much needed approach. The new captcha method will require users to choose the correct orientation of a picture or which picture is a cat, rather than decipher a word. This method effective as it is difficult for a program to determine what should be right side up or the difference between a cat and a dog. Other methods make you solve a math problem or answer a common knowledge question.

This makes much more sense to me than trying to figure out what the letters in the box are. The issue with these methods is the inability for visually impaired people to use these systems.  Such CAPTCHAs may make a site incompatible with Section 508 in the United States.  In order to comply with this regulation the site  should allow blind users to get around the captcha, for example, by permitting users to opt for an audio or sound CAPTCHA. It will be only a matter of time before the hackers try finding vulnerabilities in the audio captcha. Perhaps answering a question that a human would know and that can be provided in audio format is a way of providing security and accessibility.

My wife and I occasionally play World of Warcraft, but she is much more of a WoW-head than I am. I often hear from her that it is difficult to get a good cohesive guild and that makes playing end-game content a frustrating process. That’s when we came to the conclusion that there should be an e-Harmony or Chemistry.com for guilds so you can ensure your guild members will be compatible with each other. I created a proof-of-concept site using an open source social networking framework Elgg. Then I went to see if someone else has already had this concept, and of course they beat me to the punch again.

The site WoWHeadhunter.com is a place where those recruiting for a guild can screen potential guild mates based on the culture of the guild. Built more like a job site like Monster.com, those looking for a guild can search through recruiting guilds based on their class and server. The site uses some logic based on the guild culture to determine if you are a fit for that guild. Guild culture is determined on whether the guild members are Reckless / Deliberate, Sociable / Competitive, Fun /Serious, and  Learners / Veterans. You can then apply to the guild and begin interviewing with the guild. Guild leaders post the classes they are recruiting and the requirements of applicants.

The site and has been reviewed by GameSpot and WoW Insider and has the concept that I was going for, except my twist would have been to make it more like a Facebook for WoW players and Guilds. Well at this point I feel I have missed the boat and will not continue to develop this any further. I am glad to have played around with Elgg since it gives me ideas for other projects. What do you think about continuing development on this concept?

I was trying to write to a file in ASP.Net and was getting the following error:

Access to the path “D:\WEB\******\dump.csv” is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path “D:\WEB\******\dump.csv” is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate=”true”/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer, choose “Properties” and select the Security tab. Click “Add” to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

I thought this would be an easy fix. I added the permissions that the error specified but that did not fix the problem. In addition to the {MACHINE}\ASPNET account you also need to give permission to the NETWORK SERVICE account to the file/directory. Hope this helps you too