

Humans Only - a podcast look at CAPTCHAs from Hacker Medley - natfriedman
http://hackermedley.org/archives/96

======
jasonkester
I've always hated CAPTCHA, so I use a simple javascript human-detection script
on the blog host that I run.

I keep records of all the spam that gets filtered on the site and why.
Surprisingly, the human detection filter hardly ever gets triggered anymore.
It used to in the past, but it seems that we've passed the point where
spammers use scripts anymore. Nowadays it's all done by cheap laborers.

Granted, the site requires users to register before posting, but the
registration form is seeing significantly less "robot accounts" than it used
to.

I actually blogged about this last week:
[http://www.expatsoftware.com/articles/2010/03/care-and-
feedi...](http://www.expatsoftware.com/articles/2010/03/care-and-feeding-of-
happy-spammer.html)

~~~
jamt9000
I imagine that IPv6 will make blacklisting IP addresses more difficult, as the
65,536 addresses in a /48 network prefix could either belong to one person or
an entire organisation, and there are many tunnelling services offering /48
prefixes to anyone, meaning a spammer could easily acquire millions of
different addresses.

~~~
there
no, /48 just becomes the new /29. it doesn't matter that there's many millions
of addresses in the space instead of 8, it's still one contiguous space
assigned to one customer, so you just blacklist the entire /48. it's currently
done with entire /24s for big spammers.

ipv6 tunneling services have been around for quite a while and have dealt with
spam fairly well, which is to say there's hardly any spammers using them
because there's nothing worth spamming on ipv6 yet. by the time there is
(meaning lots of mail servers), native ipv6 will be so prevalent that most
tunnel services won't be needed, or will be much smaller and easier to police.

------
boyter
Captchas are something I was seriously looking at when writing my thesis.

Because I could never find any website which had good examples on how to
decode them when I finished I wrote this article
<http://www.wausita.com/captcha/> which shows from a very low level how to
extract text from a picture and then read it.

I post it here because anyone looking at this podcast may find it useful or
interesting.

