Well that plugin is not official out of the box Wordpress feature. It's a Peter's Custom Captcha. I consider it as a custom solution. If Peter's Custom Captcha is official WordPress out of the box feature and it's included in package and enabled by default, that would propably render it unusable after a while.
The OpenID tells me totally different story. you can read it from here: http://openid.net/about.bml. (In short, it doens't prevent the bad people from using is).
> Just the presence of the captcha was enough to
> effectively eliminate his spam problem.
Custom solutions tend to work. At least for some time. For popular OSS project this is usually not an option and not all users of the popular OSS software are capable or willing to write a custom solution.
What about using browser recognition and some JavaScript with normal Captcha fallback (if browser is recognized and JavaScript runs correctly the Captcha-image is not displayed). Or instead of JavaScript maybe we could use some Flash (or even Silverlight) to do this kind of validation.
Of course this isn't bulletproof (it depends on how the form posting bot is implemented - whether it has javascript-/flash-engine and how it can mimic the BOM for example). This way we would not need captchas to be shown to most users but users without JavaScript/Flash will fallback to normal Captcha. But then again, this is easily worked around by "the bad people".
Maybe we should just use the same methods that we are using to fight spam: baynesian filtering.
What about splitting files in smaller chunks so that the possibility that separate files contain the same chunk of data gets more likely. The downloading is then directed by some chunk ids for example (global chunk id database). To download the full file you just need to download all the chunks and then the file is composed using these chunks and some ordering information. This might be just a stupid idea that won't work in practice but it might be interesting to see a porn movie that is composed from parts of Slashdot comments.
Slashdot Mirror
Well that plugin is not official out of the box Wordpress feature. It's a Peter's Custom Captcha. I consider it as a custom solution. If Peter's Custom Captcha is official WordPress out of the box feature and it's included in package and enabled by default, that would propably render it unusable after a while.
The OpenID tells me totally different story. you can read it from here: http://openid.net/about.bml. (In short, it doens't prevent the bad people from using is).
> Just the presence of the captcha was enough to > effectively eliminate his spam problem. Custom solutions tend to work. At least for some time. For popular OSS project this is usually not an option and not all users of the popular OSS software are capable or willing to write a custom solution.
What about using browser recognition and some JavaScript with normal Captcha fallback (if browser is recognized and JavaScript runs correctly the Captcha-image is not displayed). Or instead of JavaScript maybe we could use some Flash (or even Silverlight) to do this kind of validation. Of course this isn't bulletproof (it depends on how the form posting bot is implemented - whether it has javascript-/flash-engine and how it can mimic the BOM for example). This way we would not need captchas to be shown to most users but users without JavaScript/Flash will fallback to normal Captcha. But then again, this is easily worked around by "the bad people". Maybe we should just use the same methods that we are using to fight spam: baynesian filtering.
What bout nginx instead of Lighttpd?
What about splitting files in smaller chunks so that the possibility that separate files contain the same chunk of data gets more likely. The downloading is then directed by some chunk ids for example (global chunk id database). To download the full file you just need to download all the chunks and then the file is composed using these chunks and some ordering information. This might be just a stupid idea that won't work in practice but it might be interesting to see a porn movie that is composed from parts of Slashdot comments.