By now, most of us are familiar with CAPTCHA graphics, or the graphics with squiggly text that we have to retype correctly in order to submit a form. I understand that CAPTCHA was developed to stop spam, prevent bots from hijacking forms and surveys, and prevent dictionary attacks against sites. But I’ve noticed recently that these tests are getting harder and harder, to the point where they are preventing me from submitting forms on the first, second, even third try.
CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. A CAPTCHA is a type of challenge-response test used mainly on Web pages to ensure that the response is not generated by a computer. For example, humans can read distorted text on a graphic, but computer programs (most of them at least) cannot.
Here are some examples of CAPTCHA:
- On the Matrix Group Contact Us form, you have to pass a CAPTCHA test in order to fill out the form.
- If you click on Email Us on the same form, you have to pass another CAPTCHA test to view and click on the e-mail address.
- To send a message to John Grau on his blog, you have to follow the instructions and type “transmissions” in a box.
Here’s the problem. Computer programs are getting smarter and smarter. “Spammers and malware authors are able to break Captcha process,” says Carl Leonard in an article in The Guardian. As a result, CAPTCHAS are getting harder and harder.
On my personal blog, which I host on Blogger.com, I sometimes have to type the text 3 or 4 times before I get it right. I sometimes look at the squiggly text and think, “you’ve got to be kidding.” I just hit submit and hope the next test is easier, which I guess defeats the idea behind CAPTCHA.
BTW, new CAPTCHAs are being developed in an effort to foil the spammers, scrapers and bots.
- SQUIGL-PIX gives you directions and asks you to draw lines around the correct pictures. It took me a couple of tries before I figured out that I had to draw the lines in the direction shown.
- ESP-PIX asks you to look at a set of pictures then select the word that best describes all the images. Either I’m really stupid or this test is broken because, for the life of me, I can’t get past the first test.
My favorite CAPTCHA is RECAPTCHA. This is a project to digitize books, which are scanned and run through OCR (optical character recognition). RECAPTCHA sends words that cannot be read by computers to the Web in the form of CAPTCHAs for humans to decipher. This is the CAPTCHA that we use on the Matrix Group Web site; it uses traditional, squiggly text but we think it’s cool to save books.
Of course, CAPTCHA is not the only answer to stopping spam posts on blogs, dictionary attacks against searches, etc. This blog, for example, uses a spam filter to filter out possible spam comments. We opted against a CAPTCHA as an experiment and because the Akismet filter we’re using has been so effective.
The final word on CAPTCHA? I guess here it’s to stay, but it will morph into more complex tasks , and I will surely continue to struggle against these increasingly complex tasks that I need my CMU grad husband to help me figure out. :-)