Humans Only - a podcast look at CAPTCHAs from Hacker Medley (hackermedley.org)
16 points by natfriedman on March 18, 2010 | 5 comments


I've always hated CAPTCHA, so I use a simple javascript human-detection script on the blog host that I run.

I keep records of all the spam that gets filtered on the site and why. Surprisingly, the human detection filter hardly ever gets triggered anymore. It used to in the past, but it seems that we've passed the point where spammers use scripts anymore. Nowadays it's all done by cheap laborers.

Granted, the site requires users to register before posting, but the registration form is seeing significantly fewer "robot accounts" than it used to.

I actually blogged about this last week: http://www.expatsoftware.com/articles/2010/03/care-and-feedi...


I imagine that IPv6 will make blacklisting IP addresses more difficult, as the 65,536 addresses in a /48 network prefix could either belong to one person or an entire organisation, and there are many tunnelling services offering /48 prefixes to anyone, meaning a spammer could easily acquire millions of different addresses.


No, /48 just becomes the new /29. It doesn't matter that there are many millions of addresses in the space instead of 8, it's still one contiguous space assigned to one customer, so you just blacklist the entire /48. It's currently done with entire /24s for big spammers.

IPv6 tunneling services have been around for quite a while and have dealt with spam fairly well, which is to say there are hardly any spammers using them because there's nothing worth spamming on IPv6 yet. By the time there is (meaning lots of mail servers), native IPv6 will be so prevalent that most tunnel services won't be needed, or will be much smaller and easier to police.
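
The prefix-level blocking discussed in the two comments above, sketched as an added example that is not part of either commenter's post: spam source addresses are collapsed to their enclosing /48 (IPv6) or /24 (IPv4) and the whole prefix is blocked. The `min_addresses` threshold, the function names and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Aggregation sizes taken from the discussion: /48 for IPv6, /24 for IPv4.
V6_PREFIX, V4_PREFIX = 48, 24

def normalise(addr):
    """Parse an address; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) to plain IPv4
    so one client is not counted twice or filed under the wrong family."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip

def allocation(addr):
    """Return the prefix that a single address is aggregated into."""
    ip = normalise(addr)
    plen = V6_PREFIX if ip.version == 6 else V4_PREFIX
    return ipaddress.ip_network(f"{ip}/{plen}", strict=False)

def build_blocklist(spam_sources, min_addresses=3):
    """Block a prefix once min_addresses distinct addresses in it have sent spam.
    The threshold is an assumed policy knob, not something from the thread."""
    seen = defaultdict(set)
    for addr in spam_sources:
        seen[allocation(addr)].add(normalise(addr))
    return {net for net, addrs in seen.items() if len(addrs) >= min_addresses}

def is_blocked(addr, blocklist):
    """True if the address falls inside any blocked prefix."""
    return allocation(addr) in blocklist

# Constructed sample data using documentation ranges only.
SPAM_SOURCES = [
    "2001:db8:aaaa:1::10", "2001:db8:aaaa:2::beef", "2001:db8:aaaa:ffff::1",
    "2001:db8:bbbb::5",                      # single hit, stays unblocked
    "192.0.2.10", "192.0.2.77", "::ffff:192.0.2.200",
    "192.0.2.10",                            # repeat, not a new address
    "198.51.100.4",
]

if __name__ == "__main__":
    blocklist = build_blocklist(SPAM_SOURCES)
    for net in sorted(blocklist, key=str):
        print("block", net)
    # An address never seen before is still caught by its prefix.
    print(is_blocked("2001:db8:aaaa:9999::1", blocklist))
```

Rotating through addresses inside one allocation does not evade the list, because the lookup is done on the prefix rather than on the individual address.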


Great post.

It's clear that CAPTCHA is not a cure-all, and needs to be combined with content filtering and IP banning and other techniques. But (as we say in the show) the idea is to make spam uneconomical with a minimum disturbance to the user. Some users (e.g. handicapped, impatient) are obviously more disturbed by it than others.


Captchas are something I was seriously looking at when writing my thesis.

Because I could never find any website which had good examples on how to decode them, when I finished I wrote this article, http://www.wausita.com/captcha/, which shows from a very low level how to extract text from a picture and then read it.

I post it here because anyone looking at this podcast may find it useful or interesting.



