Anybody know how I can see a demo of KittenAuth? is it animated/audio?
Anybody know what bot captch tool this website is using? it's easy to use and very clear!

Simple solution, get yourself an anti spam filter that works...

The most ironic thing is that I had to enter a captcha to post this LOL.

Instead of trying to fight against those who want us to do something (buy, read, visit...) why don't we just start to boycott them by not fulfiling their request (don't buy this brand, don't read this article, don't visit this site) and let the ones who are paying the price (those who are not bought, read or visited) fix the problem by stopping their spamming or by sueing the spammers. If this were not bought, then this were not sold...

"A click the moving object flash animation?"

Yeah like that's work, i see enough if the "smack the monkey on the head to win one bazillion dollars" animated flash obscenities already that i will just jump with joy seeing another one!

Didn't gmail have the captcha problem pretty much solved with the "only by invitation" thing? No bot-created email accounts 'cause there's nowhere to sign up?
Either way, it seems that there would be many other simple (ish) ways to foil these bots. Craig's example, for... uh... instance.

Kittenauth.

After installing it in my forums I went from 20 spammers a day to one in 6 months.

setup a "dummy" form field, then hide it from your users with CSS using display: none. Bots don't understand CSS, or at least aren't going to spend time parsing your CSS, so it won't know that your dummy field isn't visible.

When you go to process the form, simply discard the ones with the dummy field filled in.

Far from being "easy" this could be less effective than the current method.

Yes, in terms of creating a program to read and comprehend the image it would be many times more difficult.

However, the implication is that there would be some database of images, and their related solutions. This creates an obvious finite limit as to the number of possibilities that could be displayed. And what's to stop a caching of all these images, resulting in simple image comparason, as opposed to the more complicated current method, which has a much larger, though still finite number of permutations.

Given a large enough database of pictures you could certainly slow down the automation, but foil it, it would not.


Hi, I am a bot.


Everyone has sound these days. Use a sound file with slight distortions of someone (animated voice?) reading a code.

If they don't have audio then animated scrolling text with some kind of flashing or effect distorting the text at times

Lets just round up all these people and get them to write some optical character recognition software. That crap never works.

Easy.

A picture with three answers.

picture of a cat. Not an outline drawing, but a full colour real life picture so computers cant take shortcuts.

For a castle you would need to type in three answers.

castle,
mansion
building
windows
door
property


etc etc. so you describe three things, or ways in that pic. Not colours.

A click the moving object flash animation?

Get everyone using "ReCaptcha" then at least these nasty little bots will be doing something useful.

Now that they're being broken this easily by computers, can we get rid of them? Some of them have gotten so silly that it takes me (as a human) five tries to get it.

Is that Door, door, DOOR, DOORS, Doors, doors

not sure exactly which one you want me to answer with your picture but the current case sensitive ones get me, I give up and use a real e-mail address

uuuueme for the win (I received the same inq pic twice in a row!)

"Get everyone using "ReCaptcha" then at least these nasty little bots will be doing something useful."

But since the bots fail most of the time, the bots would be tainting the results.
From ReCaptcha's site:

But if a computer can't read such a CAPTCHA, how does the system know the correct answer to the puzzle? Here's how: Each new word that cannot be read correctly by OCR is given to a user in conjunction with another word for which the answer is already known. The user is then asked to read both words. If they solve the one for which the answer is known, the system assumes their answer is correct for the new one. The system then gives the new image to a number of other people to determine, with higher confidence, whether the original answer was correct.


Using pictures is also pointless because of the limited number of pictures available for use. You can't recycle them, because if you do, the bots will just store them and ask each other if they've seen that picture before, and which answers worked and which didn't.
Each bot could store a few thousand pictures, and could store them as greyscale, or at a lower resolution (as long as they all do the same thing, it won't matter) to save space.

It them becomes an arms race - we will see little duckies and kitties with scrambled noise all over them. The random noise will be added when the sign up page is requested, so the bots can't play the store and match game.

You then have to add your usual "I'm blind, read it out for me" link. And since they're so unreadable, most big sites give you a link to show a new captcha. Bots could just spam that link and store thousands of captchas.

Might as well just have people call a toll free number, key in an ID code shown on the screen, and then type in the response code the bot on the other end reads you. You can even do this with text messaging (so you got your blind and deaf covered).

Any spammers can be more easily traced via phone numbers.


Or, you could just limit account sign ups to 4 per 24 hours per IP, and 10 per month per IP. People with a single IP for a lot of people, or dynamic IPs that actually change, would be redirected to a live chat with a rep, for a true Turing test.