Monday, October 10, 2005

What I won't miss, part two: attack of the spambots

Captcha some SPAM
Spam spam spam spam. Lovely spam! Wonderful spam!

I was perversely flattered when this blog began to receive comment spam. At first, I thought it was a sign that I had arrived. Then I realized that it was just another example of Moore's Law in action. Equipment and bandwidth keep getting cheaper, so the marginal cost of a new spam attack keeps getting smaller.

And the latest comment spam here were very marginal indeed:
• a small fraction (who clicks on traditional mortgage-enlargement spam?);
• reduced even smaller (even fewer care about mesothelioma-casino links);
• of a tiny number (this site's readers are a select group, but a small one).

The amount of spam was still small, so it was easy to delete. Unfortunately, the spambots weren't consistent enough for me to set up something like the amusing honeypot for spammers at chez Driftglass. So if you enter a comment (and you should), you'll have to prove your existence with a little Turing test, a captcha, where you'll see a distorted word and type its letters into a box (Blogger calls it
"word verification").

There are problems with captchas. They are really, really bad from an accessibility standpoint: computers can't read the distorted images, but neither can visually-impaired humans. And captchas may not work for long. The obvious tool, optical character recognition, is good enough to decode weak captchas; in the future, OCR will break strong ones, too. And right now, spammers can crack captchas with free porn. So captchas are a flawed and temporary solution.

But they are the best we have for now.


Post a Comment

<< Home