This solution, too, isn't perfect, because those auto-fill features like Safari's will still fill in the invisible box, and not everyone has CSS turned on.
The bottom line: We can all agree that Captchas are horrible, but we can't agree on a perfect solution. But if you're a Web-site owner, consider this: the spammers don't have much interest in you unless you're a major site. If you're a relatively small site, you can probably get away with using one of the easier blockades described here or an automated spam-blocking trick (www.sitepoint.com/captcha-alternatives)—or none at all.
See what we're tweeting about
13 Comments
Add CommentHow about if we just shoot hackers whenever we find them. Problem solved.
Reply | Report Abuse | Link to thisThat's a little drastic don't you think?
Reply | Report Abuse | Link to thisI was thinking more along the lines of something more simple and proportionate, like cutting off their hands.
How about a captcha that triggers with suspicious traffic load instead of all the time?
Reply | Report Abuse | Link to thisThe solution to many internet problems might be to create the ability to trace any post to the person who originally posted it; name address, and phone number. I have no idea if this could be possible but we who do nothing to be ashamed of online would probably not mind and those who do abuse the internet might become a bit more hesitant.
Reply | Report Abuse | Link to thisAfter all, cell phone use can be tracked and few complain about that. Yeah, I know, some cell phone users still do some incredibly stupid stuff but at least if it's criminal they stand a pretty good chance of getting caught.
But there are legitimate reasons for anonymity. What if you're a whistle-blower, or you live in a repressive country? Or if you're posting something controversial or "blasphemous" that might anger a lot of people or have other repercussions. Anonymity can literally be a matter of life and death. And then sometimes you just want a little privacy online, or you want the freedom to adopt multiple identities. The ability to act anonymously is vitally important to a free society because it is vitally important to free speech and privacy.
Reply | Report Abuse | Link to thisUsing a screening method that doesn't work well for non-english speakers doesn't seem like it would be much of a problem for sites that have content that is entirely English.
Reply | Report Abuse | Link to thisFor that matter how would a non-english speaker understand the instructions associated with captcha's.
You are right, of course. Could the Arab Spring have occurred without anonymity? I don't know. On the other side there are so many instances of personal attacks, bullying, spreading lies, libel, defamation, and the sometimes overwhelming burden of spam ans phishing. How much damage do these things do and do they put the freedom of the web itself in jeopardy?
Reply | Report Abuse | Link to thisHow do we find a way to curtail the misuse of anonymity for harm and still allow the uses that you outline?
I forgot to mention that the only site that uses captchas that I can navigate is Scientic American.
Reply | Report Abuse | Link to thisHere's another approach not mentioned in the article: http://www.confidenttechnologies.com/Confident_CAPTCHA_Demo
Reply | Report Abuse | Link to thisIt's a picture-based approach. Bots typically don't have the intelligence to be able to determine the semantic meaning of the subject matter of each photo. (e.g. "That's a picture of a house versus a picture of a boat", etc.). it takes just a few seconds for people to solve because you are simply asked to click on a few pictures. There's an audio option for the visually impaired and support for foreign languages for non-English speakers.
Seems to me that, in about 12 lines of js, you could do the following:
Reply | Report Abuse | Link to this1) set up a key listener
2) once any key is pressed, set a global boolean to true
3) turn off your key listener after #2 is accomplished (if you wish)
4) script the form to only be submitted if the global variable is true.
Any holes in this technique?
Ron
Captchas are too much annoying and inefficient; there's a good alternative technology called 'keypic', which does not make users verify their not being spammers. users don't pass any tests at all. and by the way, keypic won't cost you anything, just download a plugin you need, and that's it.
Reply | Report Abuse | Link to thisYes, there are holes in your technique but it may be a good first step though. Not all bots are sent from the form itself. The data can be remotely sent. Remote bot posts can be easily stopped by comparing the source and destination IP address, that is until they find a way to circumvent that too.
Reply | Report Abuse | Link to thisTo fight bots, it is best to use a combination of methods but you should avoid any user verification such as Captcha, picture methods and puzzles. IP verification, honey pots and imaginative JS tricks can stop most bot attacks on small to medium web pages. For larger websites, it is best to use an external service that can stop offensive comments as well as advertising, phishing etc.
Thanks for the information in Keypick Giulia. It looks like an effective way to stop bots attacks. It is funded by advertising using a small image to replace the annoying Captcha field.
Reply | Report Abuse | Link to this