After installing the spam-protected contact forum plug-in a week ago, I immediately wondered why all spam-prevention systems didn’t use basic human logic questions instead of CAPTCHA technology.
By human logic questions I’m referring to questions such as “What is 2+2″ and “What sound does a cow make?” where the user is to give the correct answer, as opposed to the image verification system, or CAPTCHA. The recent influx of such makeshift questions is an attempt to help solve the problem of automated spambots while CAPTCHA’s security continues to worsen.
I discovered CAPTCHA’s flaws firsthand when my various vBulletin forums started receiving mad amounts of spambots, or automated spam robots/scripts. CAPTCHA seemed like a good preventative solution, but unfortunately malicious programmers have found a way to actually program their bots to solve the image verifications. Now, CAPTCHA responds by making their images even more difficult to read, and while that does make it harder for the programmers, it also makes it a lot for legitimate users to try to decipher as the image are so badly warped!
When I upgraded vBulletin, the improved CAPTCHA system they were using definitely helped, and removed 99% of the spam. However, it’s only a matter of time before programmers “crack” the new CAPTCHA systems. It’s a neverending arms race.
That brings us back to why people have been recently using the human logic questions. What I want to know is: why don’t we use the human logic system for everything?
Please correct me if I’m wrong, but I don’t see how a spambot could ever answer such questions. Oh, sure, I’m sure in a decade or two, AI will have improved where spambots could answer questions such as “What is two plus two?” or “How many days are there in March?”, but would they be able to answer questions such as “How many toes does a one legged man have?”.
Even if they took the most common questions such as “2+2=?” and “What year is it” and added them into a database, all people would have to do would be to create their own unique questions and answers, such as my “How many toes does a one legged man have?” riddle above.
It’s a lot more fun to answer than trying to figure out a bunch of garbled numbers and letters, too. In fact, whenever I have to use a CAPTCHA verification, I often get it wrong at least once before being able to continue.
Am I missing something here, though? Why bother with CAPTCHA? Why not just use human logic questions? I don’t see how spambots can answer them, it’s a lot simpler, and is a lot easier on the user than having to squit to read a bunch of garbled text.
More information on CAPTCHA from Wikipedia.