Thursday, May 01, 2008

Captcha: a test that "you are human"; computers are becoming too smart?


Today, May 1, 2008, Paul Whoriskey has an important story in The Washington Post, “Digital Deception: With a test, Web sites let people in and keep out computers set to unleash spam attacks. Now, computers are cracking the code,” page D1 in print, Business Section, link here.

The story deals, of course, with the captcha, or “Completely Automated Public Turing Test to Tell Computers and Humans Apart,” based on British mathematician Alan Turning whose work helped the Allies break Nazi code during WWII. This is the "are you human" test. Turning himself is an important character in history. It is even possible that without Turing the War might have been lost. (Ironically, Turing was prosecuted in the early 1950s for “homosexual activity,” before Britain modernized its laws, and committed suicide, all of which is discussed in the Wikipedia article; in retrospect, this sounds like a “lesson of history”). The article also discusses the Turing Test(s).

Jonathan Zittrain provides some discussion of the Captcha in his book “The Future of the Internet,” review here.

The Captcha presents the visitor some numbers and characters in grossly distorted font, against a varied background, and makes the user key in what she sees. Captchas have been becoming more difficult to verity, as if is often hard to distinguish letters that are run together, to tell apart i and j, etc. They have been made more difficult to foil increasingly effective computer algorithms to break them. Some spammers have been trying to hire engineers to break them, according to the story.

Spammers sometimes try to generate blog entries or blog comments with multiple listings to the same domains to increase search engine rankings. However, search engine companies have proprietary algorithms to foil such schemes. Bloggers are encouraged to monitor or moderate comments (which I do). Use of captcahs in profiles will prevents some unwanted comments from getting sent into monitoring in the first place. Having to monitor comments is just a fact of life in blogging right now. I allow all comments that are “on subject” regardless of whether I agree with them or whether they are critical of me; I reject all comments that appear to be spam.

I do give links to support my points, and as much as practical I try to mix different sources within each entry.

I still think that major progress can be made with email spam by requiring Sender-ID verification and even by charging a microscopic postage amount for each email-destination sent.

Picture: I was trying to get a mockingbird to pose for me on the branch.

No comments: