Captcha Experiment

Some of you may have noticed that my "comments" form is looking a bit weird lately... that's because I'm getting WAAAAY too much comments SPAM, and needed to experiment with CAPTCHAs. These are little forms that attempt to distinguish a SPAM robot from a real live human. I'm testing out several varieties to see which ones have been cracked, and which ones are relatively OK.

Naturally, there are many many problems with CAPTCHAs... if the test is too easy, spammers win. If its too hard, people can't solve it, and you don't get any comments. Not to mention its tricky to make one that works for blind and color blind users. And even the best CAPTCHA can be beaten by a "porn proxy": an evil site would offer something good for free (like porn) if a random user solves 5 CAPTCHAs... then the evil site re-uses those solved CAPTCHAs to put spam on somebody's web site.

Others say CAPTCHAs are pointless, and the only real way to prevent comment spam is to make people pay to comment. This could be a micropayment of 2 pennies... or it could be a difficult problem to solve that costs the commenter 2 cents worth of electricity because the CPU is crunching numbers.

I like the latter concept... For example, the SETI @ HOME folks could put together a mini applet that does 1 second worth of CPU work... and then the user configures how many seconds he requires of a commenter before they can post. Most folks wouldn't care less... but spammers might. You could solve very complex, and very useful scientific problems while fighting spam! Not bad... but of course then you'll need Java applets or JavaScript enabled... plus its usefulness is debatable against a zombie network.

I love saying stuff like that...

This is along the same lines of the reCAPTCHA project... which uses the standard image recognition CAPTCHA, except these are images taked from actual books that computers can't read. In theory, you help digitize old books while you fight spam... but my log files says reCAPTCHA has either been hacked, Drupal's implementation is flawed, or reCAPTCHA is popular amongst "porn proxies." Too bad... it was a good idea.

Some sites, like Lifehacker, force you to earn a trusted user account before you can comment. I'm hoping such a solution isn't needed... and I can come up with something that is cross cultural, and fair to the visually impaired.

I'll keep y'all informed of what I eventually discover.

Recent comments