This seems to be stopping the spambots while humans actually get to pick something that makes sense, is fully accessable, and adds another bit of useful data to the client.

CAPTCHA is not *not* a true Turing test, it doesn’t really test intelligence, it merely tests perceptual skills, which quite apart from being ambiguous in just the ways we’re discussing here, is nothing to do with intelligence. The Post Office uses letter-recognition technology to scan postcodes, and exactly the same technology can crack CAPTCHA tests.

For the time being, A is the only real answer for me. In the absence of a viable alternative, just don’t do it. It’s the same as generating email addresses in javascript or with images, or using those ridiculous SPAM-proxy filter services that make you write back and confirm that you’re a real person … it’s making other people take responsibility for your problem.

On a practical level, I’m afraid I have no ideas. I just don’t know how any such system could work without cutting out a proportion of legitimate people.

CAPTCHAs are meant to provide well intended humans with a simple ‘password’ - and that’s what I meant by my wording. Passwords are meant to be kept secret all the way, while CAPTCHAs can at best only separate humans from software. At worst CAPTCHAs separates humans from humans, whether these humans are well intended or not.

CAPTCHAs and ‘no-barrier followed by AI-filtering’ do not suffer from the same problems, in that the latter isn’t discriminating humans based on how able-bodied they are. I firmly believe the most accessible alternative to “the fuzzy, blurry, unreadable image” is ‘clear text’, and the problems should be dealt with on other levels - sorting the good from the bad.

The weak point with ‘AI’ is simply the “I” - not much intelligence there yet. However, there’s a lot more intelligence than any CAPTCHA can provide–once we get off the web. The playing-field is too leveled on the web, so my approach would be to keep it plain and open on this playing-field - say “no to CAPTCHAs and other barriers”, and improve AI to do the job usually done by a human administrator, on a level that’s completely outside control from the web.

We have to put limits on what can be entered from outside - simple and understandable rules and filters with no override. However, the AI behind the surface shall not be ‘locked in’ by rules more than a human counterpart is. All logic says that rules makes every system predictable. Whether its human or software based doesn’t matter. Ever heard the bad guys play by rules?

I may simply be too focused on open access, and too aggressive towards both the bad guys and the whole “arms race”. I’d solve problems with access first, and deal with the bad guys later.

“these barriers are meant to be cracked,” ???

These barriers are not meant to be cracked. This is like saying “passwords” are meant to be cracked. No, passwords and CAPTCHAs are not *meant* to be cracked. Their primary purpose is to make it fairly easy for humans with good intentions to gain access to a system and very difficult for all but the most determined spammers, human or spammers, to crack and exploit in a way that becomes a nuisance.

If a CAPTCHA can be made that’s just enough of a barrier that a bad guy has to expend considerable resources (either via software development or by running a sweat shop of humans) to assault your system, what’s the harm? You may need to update the CAPTCHA over time to stay ahead, but this is part of running a publicly accessible system, unfortunately.

It seems you are suggesting using filtering techniques to obscure the content created by bad guys from the good guys. This “solution” really has the same exact problem as a CAPTCHA. Namely, over time the bad guys figure out how to workaround the AI rules (your term) to get past the filters and a system administrator needs to work to stay ahead of them. What’s more problemmatic about this “solution” is that it offers a wonderful opportunity for denial of service (DOS) attacks on your system. If you can allow all content in, filter it out, yet thwart DOS attacks by limiting rate of content posting, okay. But then you still have a scaling problem. How much content should you allow any user to put into a system potentially wasting system resources. I’ve I’ve misinterpreted the suggestion to “use methods similar to intelligent mail-sorting,” please ellaborate so that I better understand this proposal.

I think it’s still a useful problem to consider how to make accessible CAPTCHAs as well as improve CAPTCHAs to be more usable by able-bodied good guys. Perhaps in trying to address the accessiblity problem, we can come up with a much better alternative to the fuzzy, blurry, unreadable image problem.

Unfortunately, using math problems will not address the problem. It would be *very easy* to write a script to “scrape” the contents of the screen, perform the math and include the result in the posting, thus defeating the purpose of a CAPTCHA.

why not use a simple calculation?
let visitors make the sum of 2 random numbers between 0 and 10