Stack Exchange submits these to Ars (or at least, has some sort of deal), everything is linked off to Stack Exchange, and it says Stack Exchange all over the page. I dunno if you can call it 'ripped off', just because…
I wonder if a good approach would be to provide an audio-only website if you use the audio-only CAPTCHA? Cracking one word is one thing, but if the website then goes on with "Press 1 for your account balance..."
I don't think you'd be blowing it if you have a reasonable idea that the site owner just isn't big enough to get Google to return their calls.
The hack seems very well planned - I wonder just how many smaller sites have been hacked the exact same way as practice, and not picked up since they didn't have direct access to Google's security people?
Stack Exchange submits these to Ars (or at least, has some sort of deal), everything is linked off to Stack Exchange, and it says Stack Exchange all over the page. I dunno if you can call it 'ripped off', just because…
I wonder if a good approach would be to provide an audio-only website if you use the audio-only CAPTCHA? Cracking one word is one thing, but if the website then goes on with "Press 1 for your account balance..."
I don't think you'd be blowing it if you have a reasonable idea that the site owner just isn't big enough to get Google to return their calls.
The hack seems very well planned - I wonder just how many smaller sites have been hacked the exact same way as practice, and not picked up since they didn't have direct access to Google's security people?