Learning time : CAPTCHA

We’re going to learn how how CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) works and how it minimizes automatic sign-up of forms. We will also be creating a simple CAPTCHA script in PHP to illustrate this.

Basically CAPTCHA works in the following manner:
  1. Create Random Value: Some random string is generated, random values are often hard to guess and predict.
  2. Generate an Image: Images are used as these are generally a lot harder to read for computers while being nice and readable to humans. This is also the most important step as simple text in images can be read (and CAPTCHA cracked) quite easily. To make it difficult for them, developers employ different techniques so that the text in the image becomes hard to read for computers. Some create zig-zag lines for background while others twist-and-turn individual characters in the image. Possibilities are many and new techniques are being developed all the time as crackers are always into finding ways to break them.
  3. Store it: The random string generated (which is also in the image) is stored for matching the user input. The easiest way to do so is to use the Session variables.
  4. Matching: After the above step, the CAPTCHA image is generated and shown on some form which we want to protect from being abused. The users fills in the form along with the CAPTCHA text and submits it. Now we have the following:
    • All submitted form data.
    • CAPTCHA string (from form), input by user.
    • CAPTCHA string (real one, generated by us), from session variable. Session variable is generally used as it can keep stored values across page requests. Here, we needed to preserve stored values from one page (form page) to another (action page-that receives form data).
  5. If both match, it’s okay otherwise not, in that case we can give the user a message that the CAPTCHA they had entered was wrong and their form could not be submitted. You could also ask them to verify it again.

CAPTCHA Generation and Matching

From the above image it’s quite clear that when someone requests the form page, the CAPTCHA text is generated and sent back to requesting user, but only in the form of an image. If the requester is a human he’d not have much difficulty reading the image and inputting the text when asked but if it’s a bot it might face difficulties guessing whats in the image. In the next step when we match the string generated and the one the user had input, we can restrict automated form submissions.

The following is the code that does this, it’ll just output the CAPTCHA image to the browser when the script is requested:

/********************************************************
* File:        captcha.php                             *
* Author:      Snehal Masne                            *
* Date:        12-Mar-2009                             *
* Description: This file can be embedded as image      *
*              to show CAPTCHA/                        *
********************************************************/

// The number of characters you
// want your CAPTCHA text to have
define('CAPTCHA_STRENGTH', 5);

/****************************
*        INITIALISE        *
****************************/
// Tell PHP we're going to use
// Session vars
session_start();

// Md5 to generate the random string
$random_str = md5(microtime());

// Trim required number of characters
$captcha_str = substr($random_str, 0, CAPTCHA_STRENGTH);

// Allocate new image
$width = (CAPTCHA_STRENGTH * 10)+10;
$height = 20;

$captcha_img =ImageCreate($width, $height);

// ALLOCATE COLORS
// Background color-black
$back_color = ImageColorAllocate($captcha_img, 0, 0, 0);

// Text color-white
$text_color = ImageColorAllocate($captcha_img, 255, 255, 255);

// Line color-red
$line_color = ImageColorAllocate($captcha_img, 255, 0, 0);

/****************************
*     DRAW BACKGROUND &    *
*           LINES          *
****************************/
// Fill background color
ImageFill($captcha_img, 0, 0, $back_color);

// Draw lines accross the x-axis
for($i = 0; $i < $width; $i += 5)
ImageLine($captcha_img, $i, 0, $i, 20, $line_color);

// Draw lines accross the y-axis
for($i = 0; $i < 20; $i += 5)
ImageLine($captcha_img, 0, $i, $width, $i , $line_color);

/****************************
*      DRAW AND OUTPUT     *
*          IMAGE           *
****************************/
// Draw the random string
ImageString($captcha_img, 5, 5, 2, $captcha_str, $text_color);

// Carry the data (KEY) through session
$_SESSION['key'] = $captcha_str;

// Send data type
header("Content-type: image/jpeg");

// Output image to browser
ImageJPEG($captcha_img);

// Free-Up resources
ImageDestroy($captcha_img);

How To Lock Your Computer With USB Drive

Tired of people starting your computer when you are not around and messing up custom settings? Wouldn’t it be cool if you could lock your computer by just removing your USB stick from it? I’ll show you how you can use your USB stick, Flash Drive or Pen Drive what ever you call it to lock your computer, among other things…


Boot Lock
 
This trick will allow you to use your USB to BOOT into Windows. If someone tries to start the computer without your USB stick, it will display boot errors. Before begin, you playing with the BIOS and boot files of your computer may result in you not being able to boot into your Windows partition; so continue at your own risk! 

Things you need: A 64MB or larger sized USB Stick, Windows Recovery Disk (just in case). Unhide hidden and protected files : Go to Tools > Options > View, check Show hidden files and un-check Hide protected system files.
  • From the drive where Windows is installed (normally C:\), copy the files boot.ini, ntdlr and NTDETECT.COM to your USB Stick.
  • Now, we need to go into your BIOS, so restart the computer and keep jabbing [F8] as soon as the computer starts.
  • Once in the BIOS, enable USB Drive as the first boot device. You might have to enable USB Legacy  Support on older BIOSes.
  • Restart your computer, if all goes well, you should be able to log into Windows. If not, then unplug the USB Stick, return to the BIOS and change the First Boot device to your hard disk drive and repeat the steps above.
  • Once you are logged into Windows, go to your Windows drive and rename boot.ini to boot.bak.
  • To check if you have setup everything correctly, eject your USB stick and reboot the computer. You should get error messages on the screen such as Invalid Boot.ini” or “Windows could not start”.

That's it !   :)

Google launches 'Swiffy' that Converts Flash to HTML5

Converting SWF files (the file format for Flash) to HTML 5 is now become possible with Swiffy.Googlelabs.com. 

Yes, Google's Swiffy makes Flash files HTML5 friendly, indirectly Google comes with Adobe Flash killer.. !

Using conversation tool, you will be able to reuse Flash content on devices which are not having Flash Player. You just need to upload SWF file to convert Flash Swf to HTML 5 video.


Swiffy.Googlelabs.com has been started in 2011. Swiffy is launched by Google Labs to convert Flash File to iPhone Friendly HTML5. Swiffy tool is like Adobe, called as WallyBy. The main difference between Swiffy and WallyBy is that Swiffy is web-based tool and code is made and compressed in a way which creates editing difficult, while Wallaby is a type of client which only works on Windows PC or Mac and the code is intended to be edited and reused. You can convert maximum 512 KB Flash files (.swf) into HTML 5 content.


How it works?


You don’t require registration to Convert Flash SWF to HTML5 Video at Google’s free online tool. To convert files into HTML5 Video, just upload flash file from your computer. Once you upload it, you can open flash files in any computer that does not contain flash player. You can also convert flash file into HTML, CSS, JavaScript, and SVG. Currently, the output of site only works on webkit-based browsers including Apple Safari and Google Chrome and Swiffy supports a division of ActionScript 2.0 and SWF 8. It works only with animation and content prepared using Flash 8.


Pros:

  • Convert Adobe Flash animation SWF Files into HTML5 easily
  • Open HTML 5 video on any computer which has no Flash Player

Cons:

  • Convert maximum 512 KB Flash files (.swf) into HTML 5 content

Swiffy vs. Wallaby


It should also be noted that Adobe launched a similar tool known as Wallaby in March. Like Swiffy, Wallaby converts Flash to HTML5, and again, mainly for the purpose of converting ads. Google explains the differences between the two programs in its FAQ:

Wallaby is an installable tool that converts .fla files, whereas Swiffy is a web-based tool that converts .swf files. Wallaby focuses on reusing parts of a Flash file in HTML, and thus produces code that can be edited by the developer, whereas Swiffy generates an efficient format that is not that easily editable.

For what's it's worth, Adobe says it's happy about Swiffy:

Adobe is pleased to see the Flash platform extended to devices which don't support the Flash player. The result is that anyone creating rich or interactive ads can continue to get all the authoring benefits of Flash Pro and have the flexibility to run the ad in the Flash Player or HTML depending on what's available on the system. Google and Adobe look forward to close collaboration around efforts like these.


Have you tried using Swiffy yet to convert any of your flash animations to HTML5?