On Sat, 2008-08-30 at 15:02 +0100, Stut wrote: > On 30 Aug 2008, at 14:05, tedd wrote: > > At 11:39 PM +0200 8/29/08, Jochem Maas wrote: > >> I think both tedd and Stut make good points, I guess we'll all be > >> hacking away at such issues for a long time to come. > > > > That's the nature of the beast (no not Stut!) > > I am Stut - hear me Roar!! > > CAPTCHA's are not a magic bullet, and I'm definitely of the opinion no > such bullet exists. Each problem is different and we need to think > about them differently. We all know there has to be a better way, and > I think we all agree that if possible we wouldn't be using them at > all. However, while we must recognise that each site we create will > present different opportunities for validating UGC without needing to > "fall back" to CAPTCHA's we must also recognise that CAPTCHA's work to > a certain extent and should not be avoided simply because they're not > perfect. > > I can't remember who said it and I apologise for that, but someone > mentioned that the person who comes up with a better replacement for > CAPTCHA's will make billions. Unfortunately this is not true. Any idea > that has the potential to change the way the world works or plays will > not reach that potential if it comes with prohibitive licenses or > royalty fees attached. If it works make it free or adoption will be > severely restricted which makes it essentially worthless. > > That's all I've got to say about that. Unfortunately I see a convergence of conventional email spam technologies and online web form spam technologies. Basically this means wasted time and computer energy filtering out all the crap. As Stut has pointed out already, the best filter for spam I've encountered is to reject posts with links :/ Another approach in a similar vein is to calculate the link to non-link content ratio. I've noticed most spammers just post a block of links or a sinle link without any content. Unfortunately, ratio measuring will not be a lasting measure for reducing spam and we may end up employing full on measures of the likes of spamassasin once CAPTCHA becomes more weak to automated attacks. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php