CAPTCHA Alternatives Abound

0
After my earlier post about an alternative approach to CAPTCH that I discovered today, I decided to spend a few minutes looking at what alternative approaches are being used and how accessible they are to programmers. I must say I was impressed by my findings, particularly since I focused this particular search only on WordPress plugins.

Why WordPress? Three reasons:

  1. I've been studying WordPress lately for some actual site work I'm doing for myself and two clients.
  2. WordPress has such a huge following that it borders on being a standard.
  3. It is pretty easy to find WordPress plugins without spending hours rummaging around the Web's attic.
I found that several different CAPTCHA approaches are available as easy-to-configure plugins for WordPress, including:

  • Saber which allows you to choose from among image, math or text tests, set the complexity of math challenges, email link confirmations before post, and a number of other altrnatives
  • NoSpamX uses an interesting idea of creating hidden form fields that a human wouldn't see and therefore wouldn't fill in but that a spambot would find and fill in because it blindly fills in all fields on a form.
  • WP Captcha-Free creates two hashes, one for login and one for comment post and compares them to detect the probability that a bot is at work.
  • WP-NOTCAPTCHA takes an interesting approach. It presents the user with three icons and instructs him or her to rotate them so they are properly oriented. I find this one particularly intriguing because not only would it seem, at least, to be all but unbreakable, but it is language-independent as well.
  • Mollom is like NoSpamX and WP Catcha-Free in that it is transparent to the user. It uses intelligent text analysis to filter out probable spam and then confronts suspected spambots with a dynamic CAPTCHA challenge so that only suspects get the experience.
I'm sure there are libraries in PHP and other popular programming and scripting languages to implement these same strategies but clearly the world of CAPTCHA is one with lots of attention focused on it.

Posted via email from danshafer’s posterous

February 6, 2010 · Posted in Web technology  
    

How Do I Rid Myself of MagicCoffee Spammer on FaceBook?

0

I am being plagued by an offensive and exceedingly annoying criminal on Facebook. I've blocked and reported this reprehensible individual three times. I've sent him direct email demanding that he leave me alone. Nothing has worked. I am prepared to take any action within the law to make this person pay for being an inconsiderate slob. Any ideas?

His latest name is Charles Mitchell, though he seems to use lots of aliases. He's promoting some BS called Magic Coffee that he says is an aphrodisiac that works on both sexes. Clearly he's pitching an MLM. The attached image shows his alleged photo and other contact info. 

It is unfortunate that Facebook can't figure out how to stop this guy. Or gal. Or dog.

Posted via email from danshafer’s posterous

January 29, 2010 · Posted in Privacy  
    

OMG! Panetta Wants $650

0

I got an email this morning from CIA Director Leon Panetta. No bull. Actually heard from the top spook. I mean, he does make his home in Monterey, so maybe he just thinks we’re buds or something.

Seems he wanted to warn me about a Nigerian email scam and to let me know that the CIA is behind some of these activities on behalf of the Nigerian government. So I should not send these thieves any more money but rather send only $650 directly to the CIA and they’d take care of me for sure.

Wow.

I can’t believe anyone falls for these ludicrous phishing scams but I’m obviously wrong or they’d stop doing them. This note was so full of typos and grammatical errors that you wouldn’t believe it came from anyone intelligent. Or even from a relatively ignorant public official (which, I hasten to point out, Mr. Panetta is definitely not).

It is so easy to detect these things. In this case, e.g., the From email address purported to be infonews@cia.gov (which may even be a legitimate email address for all I know or care) but the Reply-to: address was centralintelligence@gazeta.pl. Which means it originates with or at least uses a server in Poland. Anyone answering this deserves to lose the $650 (plus a lot more that is yet to come, I’m sure).The only way I know to stop spam and phishing schemes dead is to sign up for LOQMail secure private email. (Disclaimer: I’m an investor in WebLOQ.)

Meanwhile, I hope the CIA tracks down this culprit and finds some suitable discipline for his nefarious scheming.

Posted via email from danshafer’s posterous

November 20, 2009 · Posted in Email Issues, Technology  
    

Many New “Followers” on Twitter, Only They Aren’t Real

0

Tonight I had about eight emails from new “followers” on Twitter. I was surprised; I haven’t done anything to promote my Twitter presence. But I dutifully looked into each of these new “fans” to see if I’d want to follow them as well.

Almost all of them were obviously artificially generated identities. They consisted of a series of one-line posts (a few words each) that showed definite patterns. “I like Keith because she’s beautiful.” “I don’t like Jenny because she’s difficult.” “I bought some Pepsi.” “I ate some fish.”

Clearly Twitter has spawned its own brand of spam. It’s probably already being called Twam or something equally ridiculous.

I don’t think Twitter — without major changes — will be nearly as big in a year as it is today. It is getting trite, boring and repetitive and when the scripting knowledgeable folks can get in and make these new identities and threads so easily, the spam factor is going to be humongous.

There’s just no there there.

June 19, 2009 · Posted in Web technology  
    

Bad Behavior has blocked 249 access attempts in the last 7 days.