[il-talk] Fw: Use It Better-8 Alternatives To Captcha
Don Gillmore
don.gillmore at gmail.com
Wed Feb 29 16:00:11 UTC 2012
So right
----- Original Message -----
From: Dick & Mary Scholl
To: Undisclosed-Recipient:;
Sent: Tuesday, February 28, 2012 7:29 PM
Subject: Fw: Use It Better-8 Alternatives To Captcha
----- Original Message -----
From: Tom Kaufman
To: Undisclosed-Recipient:;
Sent: Tuesday, February 28, 2012 6:19 PM
Subject: Use It Better-8 Alternatives To Captcha
Use It Better: 8 Alternatives to the Hated Captcha
?
Yahoo! News
Captchas are those annoying "What does this garbled text say?" puzzles that
you have to solve before you're allowed to sign up for something online.
(Read
more about Captchas in March's Scientific American.) They're designed to
thwart spammers whose automated software bots would otherwise pollute the
Web
site with phony sign-ups.
But Captchas are sometimes so difficult that even humans can't solve them.
And although they're no longer sufficient to stop spammers' increasingly
sophisticated
bots, they're 100 percent effective in keeping out blind people.
Various people have come up with alternatives to the hated Captcha. Each has
its charms-and its drawbacks. For example:
Task Puzzles, Image Puzzles In a world of tablets and touch-screen phones, a
typing puzzle is extra clumsy. In a task puzzle, you're asked to do
something,
like "Tap here if you're human." In theory, a software bot can't do that.
Unfortunately, non-English speakers won't know how to respond, either.
Some sites now offer image puzzles: "Draw a circle around the photo of a
lighthouse." Great-unless you're blind.
The Audio Captcha You hear a garbled, scratchy recording of someone saying a
word, and you're supposed to type in what it says. But the same problems
apply:
sometimes it's hard for even a human to understand the word, and of course
deaf people are left out.
The Math Puzzle Instead of trying to interpret a garbled-looking word,
you're asked to solve a simple math problem like "What's 3 + 3?" Both blind
people
and seeing people could solve this one.
The trick here, of course, is finding puzzles that are simple enough for
everyone to solve, regardless of education level-and still hard enough to
stop
automated software bots. "What's 3 + 3?" won't stop many determined spammer
bots.
The Trivia Puzzle Another proposal: Ask a pitifully easy question like,
"What color is the sky?" This kind of blockade is great if you're an English
speaker
and a perfect speller. Otherwise, it might keep out innocent bystanders as
well as bots.
Text-Message Verification When you try to sign up for a Google Voice
account, you're asked for your cell phone number. When you click "Connect,"
your phone
dings, and you're asked to type in a two-digit code that the Web site is
displaying. Fast, easy and foolproof-unless, of course, you don't have a
cell
phone or you're blind or you don't live in the United States.
The Confirmation-Page Trick Once you've filled in your sign-up information,
you click "Okay"-and you arrive at a final confirmation page, where a
message
says, "Click 'Confirm' if this information is correct." This non-puzzle
puzzle works very well, because software bots aren't expecting the
additional step.
Unfortunately, if yours is a popular site (such as Yahoo or Google), it
won't take long for the spammers to catch on.
The Timing Trick If you're a real person, it might take you a couple of
minutes to fill in the fields of a Web form; if you're a software bot, you
can fill
it in instantly. A Web site's code can measure the time it takes you to fill
in the form, and gauge your humanness that way.
Unless, of course, you use a Web browser (such as Safari or Firefox) that
offers a one-click "Fill in my standard information button," which would
make
the site conclude that you, in fact, are a software bot.
The Hidden-Field Scam The Web site's creator makes a tempting-sounding text
box labeled something like "E-mail address"-and then makes it invisible,
using
CSS (cascading style sheets) coding. Humans will never see that box, and
will leave it empty; software bots will fill it in.
This solution, too, isn't perfect, because those auto-fill features like
Safari's will still fill in the invisible box, and not everyone has CSS
turned
on.
The bottom line: We can all agree that Captchas are horrible, but we can't
agree on a perfect solution. But if you're a Web-site owner, consider this:
the
spammers don't have much interest in you unless you're a major site. If
you're a relatively small site, you can probably get away with using one of
the
easier blockades described here or an automated spam-blocking trick
(www.sitepoint.com/captcha-alternatives)-or none at all.
Follow Scientific American on Twitter @SciAm and @SciamBlogs. Visit
ScientificAmerican.com for the latest in science, health and technology
news. © 2012
ScientificAmerican.com. All rights reserved.
__________ Information from ESET NOD32 Antivirus, version of virus signature database 6923 (20120228) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature database 6923 (20120228) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
More information about the IL-Talk
mailing list