

Google's CAPTCHA experiment and the human factor - edw519
http://blogs.zdnet.com/security/?p=3178

======
ashleyw
Captchas were designed to distinguish bots from humans. But that's no longer
the problem[1].

You've just got to assume even a "bot" is human now. Casinos don't spot many
cheaters at the door, but rather spot them in the act by monitoring their
behavior.

[1] Though still an issue, I don't think removing them totally would do much
good, you still dont want people cause semi-malicious damage of your site for
even non-profit reasons, such as the Time 100 poll which has been gamed by
4Chan (not that Time introducing a captcha has stopped them though, just
slowed them down — however I highly doubt they'd have started it if the
captcha was in place from day one)

------
Celcius
I wish more people would realized how cheap and easy it is for spammers to
break captchas and how extremely hostile captchas are towards people with
disabilites. Deaf-blind people aren't helped by the sound alternative, the few
times that's even an alternative. The only protection captchas give is one of
inconveniance for spammers, it's not a working obstacle and the whole idea is
flawed.

Spammers can be fought by traffic analysis, communication caps and community
based moderation. Even if you are absolutely insisting on captchas please
don't do it as a first line of defense, use them on spikes like how youtube
handles mass comment voting.

