Re: ASCII Captcha

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 3:41 PM +0100 8/29/08, Stut wrote:

-Stut:

I agree with some of what you're saying here, but only to a certain extent. CAPTCHA's are a tool that can be applied to any number of different situations, so a blanket statement like that cannot possibly apply.

Of course blanket statements can't apply to everything, but they can generate debate and thus the reason why I wrote it that way -- to generate discussion.

---
The main project I work on at the moment is a classified ad site and it has CAPTCHA's in three places.

-snip-

I understand there are different reasons behind the use of CAPTCHA's, but in the end they still present accessibility problems. And their use is a trade-off that you accept.

In essence you are saying I understand the problems and this is my best solution. You are cutting out a segment of the population due to the fact that you cannot create a better solution.

Don't get me wrong -- I fully understand the problems involved and there may not be a better solution. But to employ CAPTCHA's, means that there isn't.

---
So I agree that CAPTCHA's do not and cannot solve the problem of unwanted form submissions, but they're a damn good start.

I agree with most of that, but I think the "they're a damn good start" is really "this works and that's that."

It's like the saying "Why are the things I'm looking for always in the last place I find them?" They are because once you find them, you stop looking. Likewise, the CAPTCHA is a good place to stop.

---
Whatever we do, the simple fact that we want users to be able to do something means that anyone can do it whether they have good intentions or bad, but we can put up as many obstacles to automation as normal users can live with. CAPTCHA's are only a defence against automation, not bad people and that's a very important thing to understand.


That's a very good point. I often think that people who employ these tactics (spam automation) actually know what they are doing when in fact they may not. They may be ignorant of the harm they cause.

---
The reason I asked the question is that your comments on that page imply that only lazy developers use them when this is far from the truth. They are a valuable tool and until something better comes along I'm gonna use them as part of my sites defences, unless you're volunteering to moderate >7k messages for me for free? Didn't think so ;)

I didn't mean to imply laziness, but now that you mentioned it -- on one hand we say that CAPTCHA is good enough until something else comes along, but on the other hand, because we are using CAPTCHA, there's no need to develop something else.

I realize that this problem is difficult and may be one of those thing that can't be solved with current technology -- I may be Don Quixote looking at windmills differently than others.

Thanks for your comments,

tedd

--
-------
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux