Brendan Tompkins

Sponsors

The Lounge

Wicked Cool Jobs

Syndication

Recent Posts

Tags

View more

News

Archives

Advertisement

Brendan Tompkins » Not So Sure About CAPTCHA...
Images in this post missing? We recently lost them in a site migration. We're working to restore these as you read this. Should you need an image in an emergency, please contact us at imagehelp@codebetter.com
Not So Sure About CAPTCHA...

I've been comment spammed more and more lately too, but I'm not so sure I like the solution of CAPTCHA images to deter the spammers.  Why?  Because they deter us, the comment providers, too!  I groan every time I need to decipher one of those things, just to say “Nice Post!”

Now, I get about 10 spam comments a week, admittedly, not that many.  But, I just go and delete them, as soon as I'm notified that I have a new comment for “Holdem Poker” or whatever.  I feel like if I put CAPTCHA puzzles on my blog, I'd just be passing the buck, er the effort, to my readers.

There's got to be a better way.  I've heard of people using Blacklists or other intelligent filtering technologies, which are the real solution, IMO. 

The real reason you see so much CAPTCHA on blogs?  It's cool technology, and we love to play around with cool technology.. But is it the best solution for filtering out comment spam, I don't think so.

-B

Posted Mon, Dec 13 2004 6:40 AM by Brendan Tompkins

[Advertisement]

Comments

Scott Galloway wrote re: Not So Sure About CAPTCHA...
on Mon, Dec 13 2004 1:51 AM
What I was thinking of doing (no comment if I'll ever get round to doing it) was having an arbitrary membership system using CAPTCHA. So, idea would be that the first time you wanted to leave a comment, you'd have to enter the CAPTCHA letters correctly, at which point I'd set a cookie on your browser - you'd only then have to enter the CAPTCHA letters if that cookie didn't exist. It's the best way I though of to deter spammers whilst not annoying everyone too much. Actually, this was extended further, I wanter to implement an email validation routine for comments (I got a few dummy email addreses in comments) - so you wnter a CAPTCHA code, click on an email link and the cookie's set...more annoying but much more verifiable...
miguel jimenez's coding blog wrote RE: Not So Sure About CAPTCHA...
on Mon, Dec 13 2004 3:33 AM
Scott, with that solutions spammers can easily get a cookie manually and add that cookie to all the httprequest they send to post spam comments... so actually, no spam will be removed. But, if that cookie consists on a challenge-response method and has a good expiration date, it could be possible to stop it that way...
Darrell wrote re: Not So Sure About CAPTCHA...
on Mon, Dec 13 2004 5:11 AM
Blacklists never worked with spam email, and normal content filtering is easy to get around. That's why I suggested applying SpamBayes to comments. That way it would improve as time went on.
Brendan Tompkins wrote re: Not So Sure About CAPTCHA...
on Mon, Dec 13 2004 5:17 AM
Ah.. Yes. Must've missed that thread..

B
Scott Galloway wrote re: Not So Sure About CAPTCHA...
on Mon, Dec 13 2004 9:01 AM
Miguel - true, but it would require manual intervention to enter the Captcha code in the first place - which would effectively preclude completely autmated coment spam. Darrell, I still see a problem with SpamBayes - namely the use of post content in the comment spam. I regularly get fairly 'smart' spam which seems to take some form of automated summary of the main post as part of the comment spam...
Chris wrote re: Not So Sure About CAPTCHA...
on Mon, Dec 13 2004 12:06 PM
I don't see why comment spam couldn't be caught by bayesian filtering just like e-mail spam is. If only there was a freely available bayesian filtering dotnet library...
Rob Garrett wrote re: Not So Sure About CAPTCHA...
on Wed, Dec 15 2004 3:27 AM
I use CAPTCHA, all a commenter has to do is enter one number in a text field, it takes no more time than filling in the email, URL and name fields. If a reader really wants to make a useful comment on a blog posting then an additional text box would not put them off.
Brendan Tompkins wrote re: Not So Sure About CAPTCHA...
on Wed, Dec 15 2004 3:34 AM
Well, not sure. If you use form fill for your name and URL, you don't have to do that much tying. When you read and respond to hundreds of blogs, it can be annoying, IMO..
Scott wrote re: Not So Sure About CAPTCHA...
on Sat, Feb 5 2005 12:17 PM
Apparently CAPTCHA isn't even that effective. Casey (and I'm sure others) has "broken" it - see here: http://tinyurl.com/48wpg

Add a Comment

(required)  
(optional)
(required)  
Remember Me?
Devlicio.us