Thursday, February 14, 2013

CAPTCHA Cha-Cha

CAPTCHA is an ancronym for Completely Automated Public Turing test to tell Computers and Humans Apart

A Turing Test - named after Alan Turing - is a test of a machine's ability to simulate a human. A test to tell computers and humans apart.

[Obviously, the CHA part of the acronym is redundant and repetitive. Apparently those who coined the term wanted to add half of a dance step to it.]

Some people refer to a CAPTCHA as a "Reverse Turing test," since it is a computer program providing a test to a human (or another computer program). You're probably very familiar with CAPTCHAs. And you probably hate them.


Above is the CAPTCHA form you will find on blogs using the Blogger software. Often they are a lot more difficult to read than the sample above. I have been blogging since 2002, and up until November of 2012 I avoided installing a CAPTCHA. Here's a 2005 post on my non-genealogy blog explaining my anathema. (At that time I used a blogging system called MovableType. A week later I switched to Blogger. In February of 2006 I switched to WordPress. When I created this separate genealogy blog, though, I chose Blogger. MovableType still exists, maybe someday I will experiment with it again. Or try something else.)

Where was I? In November of 2012, on this blog, I was getting enough spam in my moderation queue on a daily basis I felt it was taking too much time to delete it all. I discovered Blogger's CAPTCHA had an audio option for the visually impaired, overcoming one of my major complaints about CAPTCHA in 2005. So I added the CAPTCHA, and that solved the problem instantly. For me. I'm sure it created problems for some of my readers. Most of you were kind enough not to say anything. (I do have an email address posted, even if you found yourself unable to leave comments.) However, I have received some comments recently almost begging me to remove the CAPTCHA.

I decided to test removing it, and see how much spam I received. November might have been a temporary fluke. For a few days the CAPTCHA hasn't been there. I have been getting some spam, but not nearly as much as I was getting in November. I can handle it at this level.

Some other bloggers recommended to me that I remove the "Anonymous" option in my comments. It is true that all the spam I receive in my moderation queue was/is anonymous (Back in November, and Today). However, I feel the Anonymous option is essential, at least for me.

Here is what the "Choose an Identity" portion of my blog's comment screen appears like currently:
For someone who doesn't own a Google Account, and has no clue what OpenID even means, much less how to use it, the only two choices are Name/URL and Anonymous.  If I could, I would remove just the Anonymous option. But on Blogger, removing "Anonymous" also removes "Name/URL."

Leaving:
There are many many many internet users who would look at that, scratch their head in consternation, and probably curse a little. CAPTCHAs might be irritating, but in my estimation this would result in greater confusion and annoyance. I want to scare away as few distant cousins as possible.

So What Happens if Your Spam Increases Again?
Will the CAPTCHA return?
Maybe not.

I've been investigating several other options.

1) Leave Blogger

WordPress allows for a lot greater flexibility in Spam Control. Their Akismet plug-in is exceptionally good at catching spam. I'm surprised Blogger isn't as good, as Google's Gmail is also exceptional. If the Akismet plug-in started to fail, there are some plug-ins with significantly more benign CAPTCHAs. Honeypots and Checkboxes are my current favorites.

A Honeypot Captcha inserts an invisible input box into the comment form; that is, it is invisible to humans. The spambots will see the box, and fill it in. The biggest problem with honeypots is that many people use automatic scripts on their browsers to fill in forms. Those scripts see the honeypots too.

Checkboxes, as the name suggests, inserts a simple checkbox asking if you're human. The spambots aren't (currently) expecting this. I suspect as checkbox CAPTCHAs become more common, the spambots will become smarter.

I prefer Blogger's user interface, but this is a possibility. There are other blogging systems I might investigate. My website host offers easy installation of either B2Evolution or Nucleus - neither of which I am familiar with. I'd appreciate insight from anyone who has used either of them. 

2) Install Disqus or IntenseDebate

I've heard that both of these comment systems can be installed on Blogger, and both have greater means of spam control. I would appreciate any insight from those who have used either of them, from the perspective of either blogger or commenter. I don't receive a lot of comments on my posts, so my main reason for using these would be spam control.

3) Install a completely separate comment script on my website, and link to it from my blog. There are lots of options here. I have a very simple guestbook/messageboard on another site that is completely spam-free. This would allow those who can't navigate the CAPTCHA to leave a visible comment for me.
 
Whatever I do, I will always provide some means for people to leave comments, and I will try to make it as user friendly as possible.
 
If anyone has any thoughts on this topic, please feel free to share them in the comments.

1 comment:

Bruno Laliberté said...

You've certainly given this some thought. Nice to see someone who cares about readers.
:)~
HUGZ