Slashdot Mirror
Will Solve Captcha for Money?
alx_lo writes "Captchas are a nice idea to protect your blog or guestbook from being spammed by robots.
But what good is this protection when you can hire "data entry specialists" to solve captchas for $0.60 per hour for 50 hours a week?
Anyone here who can think up a solution that does not include drastically changing the global economy? How about captchas that require cultural background knowledge to solve?"
Refundable micropayments. Seriously. Require people pay $1 to post a comment, payable via paypal or whatever. Once you have checked their comment, you can add them to a whitelist that will never be charged again and refund them their $1. Spammers don't get their dollar back, don't get added to the whitelist, and have their comment removed. The result over the course of a large number of blog entries would be to significantly increase the cost of doing business for spammers, while providing only a very minor inconvenience for legitimate users.
This is why I believe in the future there will be two Internets. The one we have now which is wild and wooly where you can remain anonymous, and one where you can't do anything without a Reputation ID that is tied to a biometric identification method (fingerprint, voiceprint, etc.). There will be third party companies like Google that have Reputation ID accounts and will handle the authentication. The Reputation ID based Interent is where eCommerce, government and medical records, etc. based web sites will live.
I hope to heaven that instead of a biometric authentication, someone can come up with a card reader for driver's licenses or some other ID method, but current events seem to indicate biometric authentication will prevail. Even in that case, I hope it is a "authenticated-user" token passing scheme so that the web site that you want to visit never knows who you are, just that you are a valid user that owns the account ID you claim to own (the Reputation ID web site acts as middleman and privacy shield, pray they are never hacked).
By the way, I don't like the thought of privacy problems and Reputation ID spoofing scenarios this implies. I just don't see any other way way to build an Internet with a high degree of trust. As I type this I am looking at the SlashDot captcha box for comments.
Robert Oschler - RobotsRule.com
To register, you have to be a "confident" user of a parternship website, like say ebay, paypal, amazon, yahoo, hotmail, google, etc, etc. They can proof that you are a real user, and an open api allows 1-1 relations between your accounts. If you are not registered to any of those website, you have to get X points using Folding@Home to be trusted.
I noticed that bots were signing up but not actually posting, (I donno, maybe they were meant to post but that part of the script broke -- either way, they never posted, but it annoyed me having them there.) They were just there, with links to sites selling vicodin/viagra/etc. Which annoyed me somewhat, but one time a child porn link showed up which was really the straw that broke the camels back, and I decided to stop it. I noticed that 99% of the sites were *.ru so I altered the reg form to throw an error if it detected a *.ru domain in the website field. Then I just started getting non *.ru domains instead, so I just thought, fine, fuck it.... Now if anybody signs up with ANY website in the website field, it throws an error, and has a message along these lines: Since then, no spam bots. w00t. Of course, that forum only gets a handful of signups per year, so I don't really care if it inconveniences people slightly, it's primarily intended as a "private"ish (real life friends) forum anyway.