Will Solve Captcha for Money?

alx_lo writes "Captchas are a nice idea to protect your blog or guestbook from being spammed by robots. But what good is this protection when you can hire "data entry specialists" to solve captchas for $0.60 per hour for 50 hours a week? Anyone here who can think up a solution that does not include drastically changing the global economy? How about captchas that require cultural background knowledge to solve?"

Still hurts spammers

[ZachPruckowski]

This still hurts spammers, because spamming is otherwise pretty cheap. Once you've grabbed bots, all you have to do is upload a few hundred KB of scripts to an IRC channel. It's practically zero overhead. This adds some to the equation. Adding overhead puts smaller spammers out of business, and it's the way to win. We can't stop spam, just make it harder.

Timing

[kevin_conaway]

Perhaps a solution is making the captcha time-intensive? If it takes an additional 30 seconds of 45 seconds, it might cut down on the number of captchas a person could solve in an hour.

This would probably work better for sites where you only enter the CAPTCHA once, say for creating an account.

Yeah, make your website more difficult.

[cowscows]

This issue quickly runs into the same sorts of problems that copy protection on software does. People who are dedicated to breaking the system will still be able to, but normal people trying to work with the system are just getting annoyed.

It's a mild pain in the ass to match a swirled up picture of letters (I've known the alphabet for about 25 years, and I still get them wrong sometimes), but I'll usually go through it. Make it much more difficult than that, however, and I'm pretty likely to decide it's not worth it, and go waste my time on another website.

The solution to this problem is not to make the visitor do more work, because you can easily drive your visitors away by making your website a hassle. The spam needs to be filtered on the server side, or just deleted as it appears.

I've encountered this problem on my own neglected website, and I haven't found a good solution that I have the skills to implement. I generally just delete the spam as it appears, and I turn off commenting on older posts. This works for my personal site, because it's low traffic, but I'd imagine someone who gets more readers and spam could find the motivation to set up some sort of filtering, similar to email spam filters.

Re:no good solution for now

[CastrTroy]

I highly doubt that most American, or people even could compute a square root without a calculator. I don't even think they teach that stuff in school anymore.

Re:refundable micropayments.

[BrynM]

Spammers don't get their dollar back, don't get added to the whitelist, and have their comment removed.

With the rates of credit card abuse and identity theft from where lots of spam originates (former soviet states, pacific rim), you can bet they wouldn't be spending their own dollar to post with such a solution.

Re:"Who's Hot"

[squiggleslash]

Ignoring any issues about offensiveness or whatever, that's not the problem with it. The problem is that it's easily broken.

How do you break it? Easy. Just pick a random number between one and the number of options you have. For a three option CAPTCHA, you have a one-in-three chance of getting through. You're a spammer remember, so these odds do not deter you, all you have to do is run your automated script three times and you'll be close to sending out the same number of spamvertisements as you would have sent without the CAPTCHA.

Realistically no multiple choice system, as advocated by a number of posters here, will succeed unless it has so many choices that it's improbable a real user will be able to use the system without issues.

CAPTCHAs are a bad idea in general. Yet again they're a poor, unwieldy, temporary "solution" to a problem the inventors barely understand that causes more problems than it fixes. Like 99% of anti-spam solutions. The only thing worse than a CAPTCHA is what'll replace them.