Arris -- a lesser known manufacturer of router and other network equipment -- is another company, who is hiring a complete morons as a developers.
These idiots implemented CAPTCHA it in... router's control panel!
So, here it is, in case you wouldn't believe it:
I have never seen any kind of software or service where I'd be required to provide CAPTCHA to save settings in my very own profile or device's configuration!
For those, who doesn't catch the irony -- CAPTCHA is supposed to differentiate regular human legitimate user from automatic spambots. So, if a spambot gains access to my router's configuration (meaning: that a spambot has my login and password and is able to login) then I don't give a shit, if it is stopped by CAPTCHA from saving configuration or not. I am already screwed (bot has my password!).
In simpler words -- adding CAPTCHA to configuration software brings absolutely nothing in terms of increasing security. But it does increases user irritation a lot.
In even simpler words -- have you ever seen CAPTCHA in any place, which you can access only after login?
2 thoughts on “Arris and CAPTCHA”
It seems that the individual who wrote this article is either a newbie or is technically shortsighted. Where captcha shines is where brute force attacks occur. Since a hacker can process a million or more password attempts a minute, the captcha feature absolutely stops such attacks. The author of this posting are the ones that screw up the world. Due to their ignorance and/or laziness they fail to see the bigger picture.
Randal, instead of wasting your valuable energy on offending others, I suggest that you try to learn yourself the extremely hard ability of reading with understanding what others says to you.
CAPTCHA feature stops attacks ONLY when it is correctly implemented! Implementing CAPTCHA on settings page is as pointless as your vision of the world. And your lack of ability of thinking before posting!
CAPTCHA has to be implemented in login page, NOT in settings page!
Using CAPTCHA in settings page brings ZERO additional security. If any hacker or bot reaches your settings section, they already know your login and password. And CAPTCHA helps you nothing. You are already screwed!
Unfortunately, your brain seems too small to understand this obvious fact.
Your ignorance expressed in your comment is so extremely huge that I have nothing else to add rather than to cite the last sentence of my post (which you either didn't read or didn't understand): "Have you ever seen CAPTCHA in any place which you can access only after login?".
Reading at least one book on security or UX (or watching any YouTube video about that, if reading is painful to you) BEFORE you say or write anything about these topics could save the world and make our lives a little bit brighter. Unfortunately, again, your brain is too small to understand that.