Captcha is broken – now what? The Guardian. I was quoted in today’s Guardian, which consistently has some of the best tech coverage around. ¶
24 Responses
Share your thoughts
You should follow me on twitter here.
Recent Essays
Projects
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- More...
Stephen R | August 28th, 2008 @ 12:57 pm |
I’ve been working on improvements to Andy Skelton’s Quiz plugin. Basically you make a custom question for each post, when you write it.
I like the idea of this a lot because it means that not only do you have to have human comprehension, but you have to have actually read the post. Slows down (hugely) the “captcha farm” spammers, and thins down frivolous comments to boot.
Martin | August 28th, 2008 @ 1:54 pm |
I hate Captcha with a passion. I have five sites and none will ever use it. I use Akismet and comment moderation and that pretty much solves everything without and hassles for my users or me.
m@ | August 28th, 2008 @ 2:05 pm |
The problem lies in usability vs. vulnerability. You want to make it as easy as possible for users while making it as hard as possible for spam bots. Captchas were never easy for users, and apparently now they’re easy for bots. Group sourcing filtering isn’t necessarily the answer either as you have to worry about bots being in the group. Now what? That is indeed the question.
Titanas | August 28th, 2008 @ 3:11 pm |
It was about time for someone to call captcha a bane. Sometimes it takes me 2-3 reloads to figure out what the captcha is displaying just to register to a service..
lemming | August 28th, 2008 @ 9:36 pm |
Congrats, Matt.
Btw. you have the best jolted domain i’ve ever seen so far.
Pingback: Le Weblog de Frederic Bezies » Archive du blog » Le captcha : gadget inutile ?
Inge Janse | August 29th, 2008 @ 3:43 am |
“Just because something came from a real human being doesn’t mean it isn’t spam, which is why content-based solutions like Akismet are the only long-term solution to the spam problem.”
Excellent quote. That pretty much dismisses all alternatives given in the article.
Neil | August 29th, 2008 @ 4:12 am |
Aww the guardian, for the intellectual man, good read!
nathan | August 29th, 2008 @ 5:42 am |
My first thought was, ‘not only is it broken, it’s also really annoying.’
Very interesting it starts with a Matt quote and ends with a Matt quote.
Obviously, someone has a good handle on how to fix captcha…
Lloyd Budd | August 29th, 2008 @ 8:20 am |
That article is disappointing in it doesn’t even mention reCAPTCHA. Maybe, they decided that reCAPTCHA got enough play in the news mid-month.
I can’t stand craptcha, but if someone really, really, really feels they must use it, reCAPTCHA seems like the way to go. You are both helping a great cause and there are accessibility options.
Khürt Williams | August 29th, 2008 @ 9:00 am |
I hate captcha! Hate! Hate!
Pingback: Captcha Broken says Matt, I agree! | Strangely Perfect
lambic | August 29th, 2008 @ 11:26 am |
I wrote about the horribleness of Captchas back in 2006 (http://www.lambic.co.uk/blog/archives/2006/12/captchas-who-needs-them/), why didn’t they quote me?! Oh right, I didn’t create the internet’s most popular blogging engine, sorry, forgot that part
Jacques Marneweck | August 30th, 2008 @ 9:59 am |
Something I found quite amusing on the subject of captcha’s today – there is a booming industry in India of guys employed to reply to captchas (http://blogs.zdnet.com/security/?p=1835)
::Wendy:: | August 30th, 2008 @ 2:43 pm |
‘are you mouse or man’ or girl?
The guardian for the intellectual man (Niel’s comment) come on fellows – at least demonstrate in your language that you are aware that women can write spam bots, spam, and be intellectuals.
amolpatil2k | August 30th, 2008 @ 9:09 pm |
Comment spam is a serious problem. There are 4 defences Captcha (proactive), filters like Akismet (reactive), admin moderation (reactive) and reader flagging (reactive). The problem with Akismet is that it is not transparent. How do we know it doesn’t harbor a bias in the guise of secret algorithms.
Michael Hampton | August 30th, 2008 @ 10:28 pm |
Hm, that reporter should have talked to me.
Pushkar Arora | August 30th, 2008 @ 11:14 pm |
‘ companies such as Microsoft are not abandoning the system. “We are updating our Captcha system to be both more readable for customers but more difficult to break through” ‘
Why waste more time and technology on something that, eventually is going to fall again.
Matt’s quote in the closing part in the article really defines what needs to be done ultimately for a spam free web.
Tim | August 31st, 2008 @ 8:37 am |
And unfortunately, it is also true that just because Akismet (or any content filter) says something is spam doesn’t mean it is spam. A valid message marked as spam by a filter isn’t a good user experience either.
Sure, we can review comments marked as spam, but if I’m going to review 100% of the filtered comments for false-positives, why have a filter at all?
I’m no fan of captchas either, but silently discarding a valid message that doesn’t pass a filter is an even poorer experience for that user and unacceptable to my application.
Chris Messina | August 31st, 2008 @ 10:59 pm |
Was also disheartening to discover how Mechanical Turk is being used for spamming purposes as well:
http://www.readwriteweb.com/archives/amazons_mechanical_turk_used_for_fraud.php
An Tu | September 1st, 2008 @ 2:59 am |
I never like the captcha system, none of my site use it
Paul B. | September 1st, 2008 @ 2:52 pm |
Your final quote is dead on. The focus should not be on whether the viewer is human or not, but rather we should focus on the content/data, which is where the spam actually is.
Sniff | September 2nd, 2008 @ 3:50 am |
Maybe you’ll find interesting CAPTCHA I’ve wrote – tEABAG_3D, you can see it at http://ocr-research.org.ua
Jeffrey Morgan | September 3rd, 2008 @ 2:11 am |
Moderating comments is the only sure way to avoid automated spam. I moderate comments on my blog and part of the moderation process is investigating the URL provided by the poster. Content which at first seems OK is often revealed to be spam when I look at the poster’s web page.