

I’m a bot - infinity
http://handrooster.com/2007/04/27/im-a-bot/

======
tdavis
I was unaware how abysmal the voice version of some CAPTCHAs were until I
tried one a week ago, having failed 5 times to register for an account
somewhere. It was completely intelligible. If that was the standard, blind
people must be completely incapable of registering for most sites (never mind
the constant breaches of accessibility most sites engage in.)

~~~
clippy
Did you mean unintelligible?

~~~
tdavis
Ha! Yes, that _would_ make more sense in context, wouldn't it... ;)

------
RyanMcGreal
Instead of captchas, which I can't stand doing myself and didn't want to
impose on my site users, I implemented a three-pass filter for anonymous
comments:

1\. Answer a simple math question (e.g. "What do you get if you multiply 5 by
1?").

2\. Hidden form field that is supposed to stay empty.

3\. Spam word filter ("cialis", "levitra", etc.).

After I put this in place a couple of years ago, the daily number of spam
comments my site got dropped from 200 to zero. I was worried that it wouldn't
last, but to this day I've only had to delete about five spam comments in
total - and they were posted in registered user accounts.

~~~
po
If you have a high-value site, none of those will work. By making your form
different than the masses, you've protected yourself from common attacks.
Diversity is good.

However, if you are implementing a sign-up form for an email service there
really isn't a great way to detect fraudulent signups without using a captcha.

That being said, the end game is that the bots will be able to detect anything
a human can. Already, they can detect better than elderly or disabled humans.
The path to take in this is to get better at automatically detecting behavior
we don't want (wether via human or bot) and to block or delete it.

~~~
Retric
I think the simplest solution is adding your phone number and have the website
call you back with the first password. Granted it's not anonymous for the user
and not free for the website. You would still need to ban accounts that
generated spam, but that now becomes a useful tool.

PS: Runs to the patent office...

------
Pistos2
Obviously it has failed to received widespread adoption to date, but I've
always thought that the hashcash concept was technically sound, and generally
applicable for both web and email.

<http://www.hashcash.org/>

~~~
Retric
Botnet's have plenty of computational power on tap.

------
dustingetz
Google and openid providers should host captchas and keep track of pass rates.
Im getting sick of doing 5 captchas on stackoverflow every time I ask and
revise a question. I've easily done several hundred of them, im not a bot for
chissake.

~~~
jerf
Sorry, they can't do that. Then an attacker could do one or a small number of
CAPTCHAs, and then use the now-proven-"good" account to do some amount of
mischief before getting shut down, where the amount of mischief is
proportional to how much Google et al accommodate your otherwise-reasonable
request.

~~~
dustingetz
trust can be more than a boolean, and P(captcha) can be proportional to my
trust. I bet of the people who have done hundreds of captchas on
stackoverflow, exactly zero of them are going to bot their accounts.

------
anigbrowl
Whew, it's not just me then. I've never been a fan of captchas, they're only
useful to the extent that a fake account/transaction has a lower economic cost
than the price of hiring someone for 2 minutes on Mechanical Turk.

~~~
smallblacksun
The main thing that they are used for is protecting against spam, which has a
very low dollar to account/post ratio, almost certainly lower than the cost to
use Mechanical Turk.

------
kyochan
I'm a bot, because I couldn't tell the difference between dogs and cats while
using Rapidshare a few years back.

~~~
adatta02
I've always been interested in truly alternative captcha designs. I like the
"math problem" idea or even something crazier like reading the time of an
analog clock?

------
kingkawn
wait, that's not XKCD?

~~~
klipt
Much as I enjoy xkcd, I have to point out that it doesn't have a monopoly on
stick men. Prior art and all that.

~~~
kingkawn
true enough in general, but it is clearly the origin of stick people talking
about hacker stuff.

------
dbz
These piss me off more than job interviewers that ask me how I would make a
bicycle for a blind man or how to figure out how much a plane weighs ect...

That's a lie. I find those questions more amusing, but I hope my point is
still seen =p

