Nice article on accessibility and usability improvements to “CAPTCHA” technologies.
Generally, I’m not personally in favour of CAPTCHA - it’s essentially an exercise in security through obscurity. That means it won’t be long before those who find it a problem (spiders and bots) get better software that removes the obscurity. Long in this context means weeks rather than years.
If you have to do it, this implementation seems pretty cute.
Update
John K pointed out the timescale of CAPTCHA obscurity. I radically reduced the estimated time to crack. Guess you need to be really obscure to be secure…
John K wrote,
Actually, in the spam wars, long means 1 week, not 1 or 10 years.
Spammers & hackers have already perfected ways to defeat most CAPTCHAs without much hassle.
So now, CAPTCHAs are mostly impediments for the normal user.
Similarly, anyone who thinks they are protecting their email by using:
bob (at) bla (dot) com
or anything similar, is simply naive. In fact, do a google search like this:
*(at)*(dot)
and you’ll see you’ve just made it insanely to find those emails :)
Link | November 30th, 2006 at 7:43 pm
Jeremy Chatfield wrote,
Well - damn - you’re right. All those people telling me that character recognition was a tricky problem, defeated by raw power of spam. I guess if I’d ever deployed CAPTCHA, I’d have known. :)
I wonder if there’s a way to get spammers to tackle any other issues in AI. AI is *always* 10 years away…
Link | November 30th, 2006 at 8:00 pm