Captchas: Difference between revisions
From ASRG
Jump to navigationJump to search
No edit summary |
(Added note that spammers can simply pay people to solve CAPTCHAs.) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 15: | Line 15: | ||
* All of the general problems with [[Challenges]] | * All of the general problems with [[Challenges]] | ||
* Not user friendly with people with physical deficiencies - blind people may not be able to correctly decode captchas (see [http://www.acb.org/board-minutes/bm070802.html American Council of the Blind] | * Not user friendly with people with physical deficiencies - blind people may not be able to correctly decode captchas (see [http://www.acb.org/board-minutes/bm070802.html American Council of the Blind] | ||
* Often not user-friendly to people with normal vision either; CAPTCHA system misbehavior is a common source of humor on the Internet. | |||
* Spammers can simply pay humans in poorer nations to solve CAPTCHAs. In 2010, [http://motherjones.com/kevin-drum/2010/08/price-captcha commercial CAPTCHA-solving services were seen] charging $1 per thousand CAPTCHAs solved. At those rates, a fairly large spamming campaign can still be cost-effective. | |||
== References == | == References == | ||
| Line 20: | Line 22: | ||
* [http://en.wikipedia.org/wiki/Captcha Wikipedia] | * [http://en.wikipedia.org/wiki/Captcha Wikipedia] | ||
* [http://www.acb.org/board-minutes/bm070802.html American Council of the Blind] | * [http://www.acb.org/board-minutes/bm070802.html American Council of the Blind] | ||
* [http://www.w3.org/TR/turingtest/ | * [http://www.w3.org/TR/turingtest/ W3C Inaccessibility of CAPTCHA] | ||
* [http://www2.parc.com/istl/projects/captcha/history.htm PARC history of Captchas] | |||
Latest revision as of 10:56, 30 September 2010
| Anti-spam technique: Captchas | |
|---|---|
| Date of first use: | ca. 2001 |
| Effectiveness: | Medium |
| Popularity: | Medium |
| Difficulty of implementation: | Medium |
| Where implemented: | MTA or MUA |
| Harm: | High |
Captchas (from "Completely Automated Public Turing test to tell Computers and Humans Apart") is version of mail challenges, adapted from a method originally designed to protect web forms from being completed by robots.
When using to protect a mailbox, a confirmation message is sent to the sender when he writes to the protected mailbox for the first time, indicating a web page where he will be asked to enter a textual code hidden in an image. If the correct answer is given, the sender is added to a whitelist so subsequent messages will be accepted without any further action.
Although some defenders of this method claim it provides "100 % spam stopped without loss of messages", in practice this method has many drawbacks including:
- All of the general problems with Challenges
- Not user friendly with people with physical deficiencies - blind people may not be able to correctly decode captchas (see American Council of the Blind
- Often not user-friendly to people with normal vision either; CAPTCHA system misbehavior is a common source of humor on the Internet.
- Spammers can simply pay humans in poorer nations to solve CAPTCHAs. In 2010, commercial CAPTCHA-solving services were seen charging $1 per thousand CAPTCHAs solved. At those rates, a fairly large spamming campaign can still be cost-effective.
