February 22, 2012
Spam is a major issue on social networks, blogs and forums these days. Spammers have even resorted to hiring “human bots” to troll websites and post comments and postings just to get their site links a bit higher on search engine results.
To try to combat the problem, many sites have resorted to CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). This technology is simply the use of some manual test that a human being would have no issues passing, but a computer would be unable to complete correctly.
Generally speaking, the test takes the form of a series of letters and numbers that are rendered as a graphic (like in the picture above). A human has no issue typing the letters on the screen, but a computer can’t, since the computer only “sees” the image as an image, not as a series of characters.
The test gets its name from the work of Alan Turing, a computer scientist who spent a great deal of his life trying to figure out if a machine could ever think exactly like a human. The result of that work helped win World War II (he helped build the Ultra machine used to break the German ENIGMA code generator system); and also helped create a series of tests to see how “human-like” machines could get.
The so-called “Turing Test” is still used today against advanced computer systems. A human operator sits in an isolated room and sends a series of questions to both another human and to a computer. The operator then tries to determine which is the human and which is the computer based on the reactions, responses and answers they get from both subjects. If the operator cannot correctly identify the computer, it is said to have passed the test.
And so, in order to try to weed out automated computer systems trying to post spam to blogs, networks and forums, tech professionals often implement CATPCHA tests to block them.
While the idea is great in theory, the benefits to CAPTCHA are severely limited by several factors these days:
– Spammers are hiring human beings in depressed economies to answer CAPTCHA tests and post nonsense to forums and blogs, bypassing the test for a few cents per dozen posts.
– People with visual disabilities (such as being legally blind or color blind) have issues passing the tests. This is either because the CAPTCHA provider didn’t include an audible test with the visual one, or because the CAPTCHA itself is in non-contrasting colors that are difficult to read for someone who is color blind.
– The CAPTCHA’s themselves have become so intricate and complex that real humans can’t answer them correctly either. I’ve seen math problems, characters so twisted around they’re unreadable, so many intersecting lines that you can’t read the characters, etc.
– Computer systems are getting complex enough that they can actually pass the CAPTCHA.
While you will still see CAPTCHA on many websites, and while they still have some use in the overall war on spam, you should probably avoid forcing a CAPTCHA test for your blog or website.
Instead, require administrator interaction before a blog comment can go live, require registration before a forum can be posted to, and use other techniques that will help keep spammers away from your postings. Many content management systems (such as WordPress) allow you to permit those who’s comments you have allowed in the past to post without having to get permission each time; for example.
If you find a CAPTCHA that is unreadable, unusable, or both; let the site administrator know that they need to fix it or remove it.