You’ve probably heard of the World Wide Web Consortium (W3C); it’s is an “international consortium where member organizations, a full-time staff, and the public work together to develop Web standards.
According to their web site, their mission is:
“To lead the World Wide Web to its full potential by developing protocols and guidelines that ensure long-term growth for the Web.”
Well, lately they have been working hard to lead the web away from CAPTCHA, and with good reason. According to this article on their web site, CAPTCHA is giving webmasters a “false sense of security.”
They changed their tune over at my.opera.com on 10 March 2007 and the image-based CAPTCHA was replaced with a text-based one. No doubt the folks at Opera were tired of dealing with SPAM Bots that danced their way around the CAPTCHA images, so they decided to give text phrases a try.
This is actually the first time that I’ve seen a major popular site working with text-based CAPTCHA, and I was kind of surprised. Popular sites like my.opera.com are often the targets of specialized SPAM Bots that are designed specifically to defeat that one site’s defenses. Apparently the text gates are holding strong in this case, because they are still employing it.
We’ve got a press-release written and sent: “YOU ARE WANTED AT BBSPAM.COM”.
CAPTCHA routines are kind of like the flesh-eating dudes in those zombie flicks. They’re dead, but someone forgot to tell them. Well, the obituary was been written for CAPTCHA long ago, but the concept continues to live. Now, it seems, the word is finally starting to spread and more and more webmasters are starting to show up for the funeral.
CAPTCHA, or more precisely Completely Automated Public Turing Test to Tell Computers and Humans Apart, uses images to try and stop spammers. The problem is, the spammers have written some darn good image recognition software and that’s when CAPTCHA’s death knoll sounded.
So, what is it that the spam slayers are starting to support? SAPTCHA (Semi Automatic Public Turing Test to Tell Computers and Humans Apart).
Have you ever heard about XRumer? Even if not, you face with it every day. It’s that industry-leading program which delivers spam messages to your forums and blogs. XRumer is a wonderful piece of software. Unfortunately, it fights on the dark side.
Anyway, it’s always interesting to learn more about people behind great software. Recently I found an interview with Aleksandr Ryanchenko (“botmaster”), the author of XRumer. Translation to English is below. Thanks Aleksandr Nikolayev (“square”) for interviewing!
Good job! You’ve built a great web site that’s going to attract a lot of visitors. But before you start counting all of that money you plan to make, take a moment to meet Mr. FUD.
Yep, good old Fear, Uncertainty, and Doubt is about to step into your life if you’re thinking about adding a CAPTCHA gateway to your registration or message forms. Here are two reasons why:
I always wondered why the support forums of phpBB and PHP-Nuke are free of spam. Yes, there is a number of moderators, but bots work faster than people and they are never tired. Recently I stumbled upon the “don’t spam here” list of XRumer (the best spam bot) and realized it all:
The industry-leading spam bots don’t spam the developers’ forums! That’s why the developers don’t know that the spam problem is so important to users. That’s why the developers don’t improve the spam protection.
I’ve looked through the black (hmm… white?) list and decided to highlight some sites: