on Jun 2, 2007
As a follow up to my post back in mid-April: This CAPTCHA thing is incredible. For fellow WordPress users, the plugin I’m using is Peter’s Custom Anti-Spam Image Plugin for WordPress. As I said at the time, I used to get many hundreds of spam a day. Traffic here has jumped up since then, and I wouldn’t be at all surprised to find I’m getting a couple of thousand a day by this point. But all of them bounce off the CAPTCHA, and I never even see them. I only see a spam make it through about once every other week, and I’m betting the ones that do make it though are entered manually.
One more thing to note is that I’m not even sure those few spam are really spam. What I see is that every once in a while I’ll get a comment from someone that is something like, “That’s great!” or “I have always thought so too.” Their name is something harmless, but their URL links back to a page of ads. Are these people really spammers? It’s arguable. Since their name isn’t something like “get a free Wii!” it means they aren’t trying to game the Googlebot. In any case, I tend to can these comments since “me too”-ing doesn’t serve any real purpose, so other readers aren’t missing anything.
In any case, these are really impressive results for a CAPTCHA with only one short phrase that never changes. It really is amazing how well it works. This more or less proves that nearly all spam comes from automated scripts that don’t even attempt to cope with CAPTCHA. I’m more convinced than ever that the CAPTCHAs of warped, mixed case pink-on-purple letters with blue polkadots that are so difficult for humans are pretty much a waste of everyone’s time. An easy-to-read three-letter word is more than enough to defeat automated scripts.
Shamus Young is an old-school OpenGL programmer, author, and composer. He runs this site and if anything is broken you should probably blame him.