4 + 2 = 42

Stop Bugging Me!

CAPTCHAs improve the security of the internet and are a necessary evil important for well-being of us all, right? Well, for the vast majority of internet users they are just a nuisance. They are like your greengrocer telling you, “hey, show me that you are not a cyborg before I let you pay your lychees and take them home”.

CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”, but despite the impressive homophon they are first and foremost an insult for legitimate users. Ask people on the street to show you cars, buses, street-signs on photos. Let them solve arithmetic problems for first graders or check whether they can tell apart a cat from a dog. Don’t let people get away with cheap excuses like “I cannot see”. Let them spell the words that you play for them with your broken tape deck from the seventies!

CAPTCHAs are also discriminatory. Most of the commercial captcha services offer variations for the tasks they are posing. But there will always be people that are incapable of solving any of the tasks provided for one reason or another. Be aware that you lock these people out.

There are countless creative ways of automatically telling humans and bot software apart that do not require any interaction. Actually, the methods used do not have to be particularly smart. It is mostly sufficient that they are not in wide-spread use so that they become an attractive target for spammers.

One very simple and surprisingly successful approach is to use honey pots, traps for spam bots. These are input fields that are hidden for humans, for example by deleting them programmatically before a human can fill them out. And this can be done in so many different ways that it is simply too annoying and expensive to automatically crack it. In fact, this is usually more successful than using one of the large services because these large services definitely are attractive targets for spammers, and they are cracked on a regular basis.

If you are a web site owner, it is normally in your interest that people visit your site. They help you increase your income or improve your ego or both. You should really not insult your users first, just because you are ignorant enough to let them do your job.


blog comments powered by Disqus