E hoʻohana i kekahi akamai a pale iā Captcha

laptcha

Maliʻa paha ʻo kekahi o nā ʻike hoʻohana maikaʻi ʻole e hoʻomau wau e holo i ka pūnaewele ʻo ia Captcha keʻenehana.

ʻO Captcha ke kiʻi ʻia kahi kiʻi me nā helu, nā leka, a i kekahi manawa nā huaʻōlelo āu e pono ai e kikokiko hou i kahi kahua ʻē aʻe. ʻO kēia e hoʻokahuli i nā pou palapala hana automated mai nā spammers ʻōlelo. ʻOiai ʻaʻole hiki iā lākou ke wehewehe i ke code, ʻaʻole hiki iā lākou ke waiho i nā kia bogus.

Kāpena Captcha

  1. He ʻenehana hōʻoki. ʻAʻole hiki iaʻu ke haʻi iā ʻoe i nā manawa aʻu e hele ai e waiho i kahi manaʻo a hoʻouna i kahi leka ma kekahi pūnaewele a keʻakeʻa ʻia wau e kahi māla ʻo Captcha. Hoʻopau ia i ke kahe a kāpae i ka ʻike o ka mea hoʻohana. ʻAʻole hiki iaʻu ke kū. I kekahi manawa, hāʻawi wale wau a haʻalele i ke kipa ʻana i ka pūnaewele a hoʻohana ʻana paha i ka mea hana.
  2. Hoʻokumu ʻia ia e kahi kamepiula. ʻO ka mea i hoʻokumu ʻia e kahi kamepiula e haʻi iaʻu i kekahi lā e haki ʻia e kahi kamepiula. He mea wale nō ia o ka manawa.
  3. ʻO ia palaualelo. Ma kahi o ka hoʻoponopono ʻana i ka pilikia, hana ia i ka mea hoʻohana e hana a puni ia.

ʻO kahi ala maikaʻi loa

Ua nīnau mai kekahi mau kāne iaʻu no ke aha wau i hoʻohana ʻole ai iā Captcha i kaʻu kākau ʻana i kaʻu plugin Form Form. ʻAʻole wau i hoʻohana ia mea no ka mea makemake wau e hana i ka ʻike maikai, ʻaʻole ʻoi aku ka maikaʻi, ʻoiai e ʻalo nei i nā spammers ʻōlelo. Me kahi ʻōpio o ke akamai, hiki i nā ʻoihana polokalamu ke hoʻolilo i kēia mau pilikia i mea leʻaleʻa, ʻaʻole kahi wāwahi.

ʻO kaʻu nīnau hoʻopiʻi ma kaʻu HoʻokaʻaʻikeʻAoʻao maʻalahi maʻalahi, "hua ʻōlelo hope loa i ka poʻo inoa o kaʻu blog". Akā nānā ia i ke kanaka e nānā i kekona a maliʻa paha chuckle, pono lākou e komo i ka "blog". Maikaʻi a maʻalahi hoʻi. ʻAʻohe discolored, distended, wacky huihui o nā leka a me nā helu. ʻO kahi nīnau maʻalahi ʻaʻole hiki ke pane ʻia e kahi kamepiula - ka mea heluhelu wale nō.

Ke hoʻohana nei ʻo Facebook iā Captcha

ʻO Facebook CaptchaʻO ka ʻoihana hou loa e hāʻule i ka ʻenehana Captcha style ʻo ia Facebook. ʻAʻole wale ia he maka maka ʻole, hiki ʻole iā ʻoe ke heluhelu i ka mea dang. Ua nani loa ʻo Facebook i ka hoʻomohala ʻana i kekahi mau mea hana maikaʻi a hoʻohuihui i loko o kā lākou pūnaewele ... pono maoli nō lākou e hoʻohana i kēia ʻenehana naʻaupō? Maikaʻi loa e kūʻai ʻia aku ai ka typepad a me nā mea ʻē aʻe ma luna.

E hoʻopaʻapaʻa paha kekahi "hana". Hana wale ia i ke ʻano e kāpae i ka pilikia mai ka pūnaewele a kau i ka mea hoʻohana. ʻO kēia hoʻolālā inexcusable a aia kekahi mau ala ʻoi aku ka maikaʻi! C'mon Facebook ... e lawe i kahi manawa, e hana i kahi mea! E hoʻokalakupua.

23 Comments

  1. 1

    One innovative solution similar to captcha’s is HumanAuth (and KittenAuth). It’s also similar to your “last word in my blog title” idea. A human must read a clue and prove that they understand the semantics of the clue. No computer can do that, yet. But if you listen to AI folks, they will, soon! It’s just around the corner, really!

    If HumanAuth or something “standard” that computers can’t do would catch on and go into widespread use, it would somewhat alleviate the interruption you’re talking about.

    BUT, you still have to be careful on the implementation. HumanAuth’s sample that I just went and looked at again has a flaw! The moment you click the right 3 images, it changes a button to let you know you’ve got it right. That’s ok, but it gives you unlimited clicks, so a simple recursive algorithm could easily figure out the 3 images.

    Your idea is simpler and simple usually means there’s less that can go wrong.

  2. 4

    Interesting opinion, though I am not really sure it deserves it’s own blog item…
    But what does one not do for just a little bit of attention… 😉

    Anyway, our site (http://ajaxwidgets.com) does not have a captcha for our blog system. And fact is that 99.99% of all spam blogs are being denied by the simple fact that we don’t allow HTML…!
    In addition we’re using “link condoms” for the URL field which also takes away a lot of spam. Not really all that hard 🙂

    .t

    • 5

      My objective wasn’t attention, Thomas. It really is to bring attention to a technology that is ‘acceptable’ mainstream but is not user friendly.

      Your example of how you’re dealing with it is exactly my point, there are definitely less intrusive ways of dealing with the problem.

      Thanks, Thomas! And I love widgets, so I’ll be checking out your site!
      Doug

  3. 6

    You fail to mention captcha’s which arent the tired and true distorted text image based ones.

    A captcha can be many things, text based, question and answer, subjective (pick cutest puppy) and these are much quicker to use and make more sense that trying to figure out if that is an o or a 0.

    I agree with you, and I hate them also, but your post didnt even cover the full breadth of the topic, and didnt offer any ideas about how to fix it.

    • 7

      Hi Garrow,

      I agree – I didn’t come up with the best solution… that’s what my call is to the companies with great resources and user experience experts. My motivation for writing the post was after seeing Facebook use this technology.

      I also didn’t realize that Captcha technologies overlapped outside of the simple font graphic that a user has to submit. If Captcha technology is expanding their footprint into challenge questions and answers that can be made to enhance, not degrade, the user experience, I’m all for them!

      Mahalo!

  4. 8

    Use variable-variable names. Once the user comes to the page set a session cookie that contains a random number. Then give your “input” tag a name=”comment__[title]”, and so one for the rest of your fields.

    Then reset the number every time someone visits the page.

    That will ensure it’s a human person going to the page: for a little while.

    Chris

  5. 9
  6. 10

    Captcha’s can be annoying. Some more than others. I’ve seen some that are impossible to read (which defeats the purpose). I use the “bad” type of Captcha you described in a few projects. However, I make it easy enough to read so that the human isn’t having to contort his/her brain to make sense of it. Also, I only “captcha” when the user registers, not every single time they give input into the site. It isn’t a perfect system, but I consider it low on the human annoyance factor.

    There you go, we could start rating Captcha’s on their “HAF” (Human Annoyance Factor), Spammer Annoyance Factor, etc.

  7. 12

    I don’t want to belittle your plugin but there’s already a much better way to filter spam in wordpress. There’s an amazing plugin that I use called SpamKarma and uses all kinds of heuristics to determine whether this post if human or whether it’s spam. I’ve been using it for about 1 1/2 or 2 years now and once it flagged someone’s comment as spam and once it wasn’t sure so it asked the person to fill out a captcha and then let the comment through. It catches hundreds of spam comments a week though and never lets any through.

    I hate captchas as well. If I really had to write a captcha I would do it like http://www.hotcaptcha.com/ since picking out the pretty people or the furry animals or the whatevers out of a series of images is trivial for humans and extremely difficult for automated scripts.

    • 13

      Hi Smokinn,

      I don’t use SpamKarma but I have heard of it. I do utilize Bad Behavior and I’m probably only having to deal with 10% of the comment spam I had before.

      I’ll check out Hot Captcha – sounds similar to what I’d like to see.

      Mahalo!
      Doug

  8. 14

    This post is pointless. Your solution doesn’t scale. A “bot” could be easily programmed to bypass your security measure by filling out “blog” every time. The solution has a finite number of questions – as many questions as you care to write. How would facebook, ticketmaster, or yahoo implement such a solution?

    This post was just ridiculous enough to get some attention and drive up your ad revenue. You’re going to have to try harder to “tip” this blog. I’d start with content worth reading.

    • 15

      Wow, Matt. Someone sounds a little grumpy today.

      Sounds as though you didn’t actually read my post. I never said my solution would scale nor should it be used by these companies. I i hana ai say that I’d like to see some companies (like Facebook) come up with a more ingenious solution. My plugin does allow you to change the challenge question and answer whenever you’d like – no bot is going to keep up with that. To date, I’ve had no SPAM on my contact page from this solution.

      One example: Perhaps Facebook could actually profit from using an advertisement on the page and asking “Who’s ad is on this page?”. Anything is better than punching in a bunch of numbers and letters – if you can actually read them.

      Cheers! Be sure to subscribe! hehe
      Doug

      • 16

        The “Who’s ad is on this page” is an interesting idea. I’ve seen it implemented before on a website called Moola.com. However, they use it specifically as a way to direct attention to their advertisers (as an interstitial) rather than a spam-prevention method.

        Some of them would even force you to watch a 20 second ad video and then answer a question such as “Which company was this ad for?” While, I’m not a fan of that particular method (I hate to wait), it would be interesting to see what something like that does to ad revenue.

  9. 17

    Apart from annoyance factor, which is huge, CAPTCHAs are regularly inaccessible for anyone with less than perfect vision.

    Imagine a CAPTCHA that you find difficult to read and then let someone with poor vision have a go. Difficult? Almost impossible.

    How about someone with no vision at all, surfing the web with a screen reader or braille technology. A CAPTCHA is designed such that programs can’t read it. In this case, neither will the disabled user.

    There are few accessible CAPTCHAs, ones that include a voice CAPTCHA for those who can’t see are an example, but the added usability concerns make it a technology that I would never consider implementing. Beat the spammers another way, don’t make your real users pay (also the reason I use the dofollow plugin).

  10. 18

    Captchas aren’t bad. Bad captchas are bad. If they are so hard to figure out that you can’t read it, then that is bad.

    However I think the better solution is a basic math question, three variables:
    1. Number 1 (0-9)
    2. Number 2 (0-9)
    3. Solution

    It is done so the math is very easy, and you can figure out what the answer is from a script standpoint rather easily.

  11. 19

    One neat solution I encountered somewhere was a checkbox labelled “I’m a spammer”, that came unchecked by default. Granted, it’s more useful in the context of preventing automated signups than on comments (as blog comments usually don’t have checkboxes that need checking).

    Of course in the end it’s just a matter of time before AIs break that. But I don’t think there’s a perfect solution than robots will never break, so this is good enough and doesn’t disrupt user experience at all (unless, of course, you consider yourself a spammer…)

  12. 20

    What is with the negative comments about this being an “attention getting” post? Since when was it a bad thing to add your voice to the discussion. Heck, with 17 comments already, it is obviously a topic people are interested in.

    Besides, if this is a topic that gets people’s attention, why the heck would you _not_ want to blog about it?

  13. 21

    How is that not a CAPTCHA?

    True, its not the usual mangled letters in an artificially grainy image, but it is something trying to tell computer and human apart.

  14. 22

    Yeah, I agree that captchas are a little irritating, and I’m sorry to realize that they’re a hurdle for disabled users, but I recently just
    raved about how much I appreciate the dual nature of the reCaptcha system, in that it blocks spam (though not 100% effectively, as you point out) while helping to decipher books, and I’m still a fan.

    No disputing their detrimental effect on user experience, but you have to admit that using minimal effort from each member of a vast pool of humans to do what even a very brainy computer cannot (read mangled text that defies Optical Character Recognition) is a pretty elegant solution.

    Though generally speaking, yes, I’m all for using creativity instead of code when possible.

  15. 23

    Aloha ʻoe,

    Nice concise post. I, too, disagree with the flames regarding your post’s possible intention. Especially where others point out your lack of providing an “answer” or “alternative,” which I could have sworn you did with your comment-form plugin and discussion of your contact page (or did I miss something? 😉 I think too many people form opinions (and share them) without bothering to read even a relatively short post, such as this one, before they lash out (which accomplishes next to nothing)

    This is an interesting debate and, no matter whether a solution is proffered, worthy of writing about if you want. It’s your blog, after all and – this is what bothers me the most about some of the comments – since when has blogging become a public responsibility? If you want to write about something, write about it. Anybody who doesn’t want to read still has the option to not read it. If you were charging a fee, this would be a different story, but, if I’m correct, weblogs spawned from the mass’s desire to post just about anything and/or everything that pops into their head and put it out for public display, or to make it easier to share with friends. Many blogs’ contents are not publicly accessible or even interesting to those not directly involved.

    I had to laugh when I read about using this post to jack up your ad revenue. Perhaps (and I do hope so) your experience has been better than mine, but – unless you’re blogging to promote a product – you can write about captcha or you could write about how smelly generic dog food is and your contextual ad system will pay out at its usual unpredictable rate in either situation 😉

    That being said, if the CAPTCHA makers are reading, thank you for adding the audio! Black blackground with a tumultuously wavy white grid foreground over which ghostly white (and grossly distorted) letters are posted (sometimes over the edge of picture) is a perfect example of a situation that a human with reasonably decent vision will have difficulty deciphering, but a program will probably easily solve over time.

    ʻO kaʻu keneta 2 wale nō,

    Best wishes to you,

    Mike

Pehea kou manaʻo?

Ke hoʻohana nei kēia pūnaewele i ka Akismet e ho'ēmi i ka spam. E aʻo pehea e hanaʻia ai kāuʻikeʻikepili.