At 3:41 PM +0100 8/29/08, Stut wrote:
-Stut:
I agree with some of what you're saying here, but only to a certain
extent. CAPTCHA's are a tool that can be applied to any number of
different situations, so a blanket statement like that cannot
possibly apply.
Of course blanket statements can't apply to everything, but they can
generate debate and thus the reason why I wrote it that way -- to
generate discussion.
---
The main project I work on at the moment is a classified ad site and
it has CAPTCHA's in three places.
-snip-
I understand there are different reasons behind the use of CAPTCHA's,
but in the end they still present accessibility problems. And their
use is a trade-off that you accept.
In essence you are saying I understand the problems and this is my
best solution. You are cutting out a segment of the population due to
the fact that you cannot create a better solution.
Don't get me wrong -- I fully understand the problems involved and
there may not be a better solution. But to employ CAPTCHA's, means
that there isn't.
---
So I agree that CAPTCHA's do not and cannot solve the problem of
unwanted form submissions, but they're a damn good start.
I agree with most of that, but I think the "they're a damn good
start" is really "this works and that's that."
It's like the saying "Why are the things I'm looking for always in
the last place I find them?" They are because once you find them, you
stop looking. Likewise, the CAPTCHA is a good place to stop.
---
Whatever we do, the simple fact that we want users to be able to do
something means that anyone can do it whether they have good
intentions or bad, but we can put up as many obstacles to automation
as normal users can live with. CAPTCHA's are only a defence against
automation, not bad people and that's a very important thing to
understand.
That's a very good point. I often think that people who employ these
tactics (spam automation) actually know what they are doing when in
fact they may not. They may be ignorant of the harm they cause.
---
The reason I asked the question is that your comments on that page
imply that only lazy developers use them when this is far from the
truth. They are a valuable tool and until something better comes
along I'm gonna use them as part of my sites defences, unless you're
volunteering to moderate >7k messages for me for free? Didn't think
so ;)
I didn't mean to imply laziness, but now that you mentioned it -- on
one hand we say that CAPTCHA is good enough until something else
comes along, but on the other hand, because we are using CAPTCHA,
there's no need to develop something else.
I realize that this problem is difficult and may be one of those
thing that can't be solved with current technology -- I may be Don
Quixote looking at windmills differently than others.
Thanks for your comments,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
