Wednesday, October 26, 2005

CAPTCHA Bugs

I have not experienced the Word Verification for posting yet, but in commenting I have seen it plenty of times. I don't have any trouble reading the text, but I am still getting them wrong way too often lately. I am not the only one, Diane commented at fightsplog.com that she is having trouble too.

CAPTCHAs certainly aren't all that clear on purpose. They have to distort the text to attempt to defeat automated programs from solving them and allowing the spam through. It is assumed that humans (as long as they aren't visually impaired, which is an even worse problem) should be able to do a better job reading the distorted letters than a computer. Most of the time that is correct, but obviously not always.

I think making the image bigger might be of some help. Maybe get rid of some of the less clear fonts. I have been experimenting with some just now and I can't seem to find one that I can't solve, but this morning I was having trouble. Maybe it wasn't an unclear text problem but a software problem and Blogger fixed it.

Since it is so easy for a human to fail the test, how can they really stop spammers? Some of the images are far easier to solve than others. If a spammer program just keeps trying it will get a simple one it can solve. Hopefully it is enough of a deterrent to make spammers go somewhere else, but it is not fool proof and spammers can be stubborn.

So here are some examples from Blogger's Word Verification. How readable are they?



Anyway, why call it Word Verification? They aren't words.

Another problem with the new system it that bloggers who use external software like w.blogger or BlogJet to post can't post if their blog requires a CAPTCHA. That is something that I am sure will be worked out. The software designers will probably need to give a way for users to see and solve the CAPTCHA. I know people are annoyed by this, but spammers use software to spam so they can't just continue the way things were. Blogger is working on ways for you to become verified after solving the CAPTCHA a number of and likely some other criteria. Be patient. The splog problem on Blogspot was so bad solving it had to be a priority.

Update: Some of the problem with external posting software seems to be a bug that is already being worked on. See the BlogJet blog.

Update 2: Blogger Buzz has some info on what they are doing to fix the external blog editor problems.

Comments:
Joe,

You have far more faith in Google that I do. So far all I have seen out of them is arrogance.

My blog is moving to a site that respects it's users, and plans ahead.
Edit  
Manish's comment seems pretty spammy to me. I mentioned BlogJet once only in saying that they had information on a bug with Blogger. Manish also has no blogger profile which is unusual for most bloggers.

Seems like the second human spam to break my CAPTCHA.
Edit  
Those captchas actually aren't that bad. At least if you compare it to the captcha that splot spot is using on their submit form.

I really have no idea how to use that piece of crap.

PS: Took me three tries to circumvent the blogger captcha to be able to post this comment. I'm pretty sure I entered the correct nonsense the first two tries, though.
Edit  
I agree, I have seen much harder to read than Blogger's CAPTCHA. But if you aren't careful or don't have good vision, some of these could be a pain to figure out.

There must still be some bugs in the system. I can't believe even the worst of the CAPTCHAs they use are that hard to make out that it would requires three tries.

I had not seen SplogSpot's CAPTCHA. That is insane. I presume you are supposed to choose the bold (and maybe larger) letters that sort of line up in the middle. It appears that you get the same feedback for correct or incorrect answers. I am sure that greatly reduces the likelyhood of a spammer abusing the system, but how can a human figure out how to use it either?

PS: This is my second try through the CAPTCHA!
Edit  
Post a Comment

<< Home