Sorry about the CAPTCHA

A quick metablogging note. Those of you who comment on this blog (6700+ comments and counting, thank you all) have probably noticed that it now has a CAPTCHA, that little "please prove you're a human" test before the comment is posted.

I understand why. The MSDN and TechNet blog sites are high-value targets for unwanted commercial advertisers, for attackers who wish to attempt to influence search engines to drive traffic to their sites, and for vandals. The people who run security for this site have their hands full; we've experienced some pretty serious denials of service based on ham-fisted spammer attacks. Adding a CAPTCHA to regulate comments massively slows down the rate of successful comment spam.

That said, I'm not thrilled about this. I find CAPTCHA-style solutions distasteful for several reasons:

  • The benign commenter -- precisely the kind of person we want to encourage -- is forced to do additional work. This is a small but nonzero disincentive to writing comments.
  • Sometimes mistakes will be made; providing new ways that computers can tell us on a daily basis that we are failures seems irksome.
  • The assumption of innocence is changed to an assumption of guilt; the benign commenter must prove their innocence. Every time I have to fill out a CAPTCHA I feel a small but real insult; I'm a trustworthy person, so trust me already. As Joel Spolsky once pointed out, it's like walking into a train station and the first thing you see is the NO SKATEBOARDING NO PANHANDLING NO THIS NO THAT NO THE OTHER THING sign. It's unwelcoming. It makes you feel attacked and guilty and reminds you that there is evil in the world.
  • There are accessibility concerns. Not everyone who uses computers has decent vision, but that doesn't make them evil robots. They deserve as much of a chance as everyone else to contribute and have to overcome plenty of obstacles already; let's not throw more in their way.
  • And so on

So, sorry about that, commenters. I don't like it any more than you do, but there's not much I can do about it; I don't run the blog servers. The only thing I can control is how purple the text is.

Comments

  • Anonymous
    September 10, 2009
    As a new commenter, I'll just leave this comment so you don't feel so bad about the captcha issue. Your blog is definitely one of my top fives. Thanks, and keep it that way.

  • Anonymous
    September 10, 2009
    The comment has been removed

  • Anonymous
    September 10, 2009
    > The only thing I can control is how purple the text is.
    And Jeff Atwood probably still wants you to reduce the purpleness. http://www.codinghorror.com/blog/archives/000750.html

  • Anonymous
    September 10, 2009
    I don't know why Jeff hates purple so much. It's quite easy on the eyes. That said, at least it's not one of those Yahoo CAPTCHAs that you have to actually stop and wonder "which letter is that? It looks like a webding!" By the way, my computer-illiterate friend couldn't get past a CAPTCHA a few days ago because he didn't know that he was supposed to copy the letters... It seems we really should find a new way to annoy users because this one is too difficult for some of them to pass.

  • Anonymous
    September 10, 2009
    There is just one issue. Some braindead policy prohibits me from accessing any URL with "live" keyword in it. Preliminarily, it seems that some of the CAPTCHAs are delivered using URLs containing that term and hence are not visible to me at work. All I see is a generic red X in its place. It follows logically that I cannot comment on several of the blogs that I follow regularly.

  • Anonymous
    September 10, 2009
    Captchas can be annoying for all the reasons you listed, but what other tools are there at present?  At least it's better than having to register and sign in just to post a comment. Like the sign in the train station, when I see a Captcha I think of it not as a personal affront, but rather an indicator that the caretakers of the public space are making at least some effort to create a comfortable environment for everyone, including me.

  • Anonymous
    September 10, 2009
    > The only thing I can control is how purple the text is
    LOL! :D At least the captcha is not all that bad; many websites have severely twisted characters for captcha that make me think "Am I the only one who didn't get that? Maybe I am not human enough"

  • Anonymous
    September 11, 2009
    I am so used to Captchas that I do not really find them offensive at all.  I'd prefer the minor annoyance of a Captcha to the massive annoyance of having to read spam comments.  Or the thought that you had to spend time deleting spam comments when you could be writing more brilliant blog postings!

  • Anonymous
    September 11, 2009
    The comment has been removed

  • Anonymous
    September 11, 2009
    Captchas can be used to convert visual scans of old books into text data.  If you're not familiar with the concept, google reCAPTCHA.  It may be a little annoying, but we can make knowledge more accessible through CAPTCHAs.  Although, I assume this is not the case with the CAPTCHA used on MSDN.  I got "000".

  • Anonymous
    September 11, 2009
    Eric, you're worth the hassle of a 3-digit code any day. :)

  • Anonymous
    September 11, 2009
    This can be mitigated.  For instance, if you used something like OpenID to allow people to identify themselves then you can set policies.  For instance "Anyone who has submitted a comment in the past which was not then deleted for being spam will not get a CAPTCHA in the future."

  • Anonymous
    September 11, 2009
    The one problem I did have with the CAPTCHA, just once, was that someone managed to use the code displayed for me while I was still ironing out the text of my comment; consequently, when I tried to use the same code, it told me I was some evil agent Smith from the Matrix, or something, and I had to refresh the page for a new code. :-) WOW!!! Here it comes again: a second time!!! :-D

  • Anonymous
    September 13, 2009
    Wow, and it's not even a very good captcha; I think I've seen that one on the list of captchas broken by grad student projects.  I tried 3 times, and each time it spits back an unobscured, slightly static-y 3 digit number.   Sorry man, we feel for you and understand it's out of your control.

  • Anonymous
    September 13, 2009
    The problem with captchas is that most implementations are broken and can be easily hacked by someone who is willing to, with a minimal amount of effort. For instance, every community server site that uses Captcha stores the captcha text in the plain text cookie (on this site the cookie is called AreYouHuman); all a bot has to do is read the cookie's content and submit that along with the spammy comment and there ya go, the entire purpose of Captcha is defeated.

  • Anonymous
    September 18, 2009
    The comment has been removed

  • Anonymous
    September 18, 2009
    @David - That is not specific to London. It works the same way at many locations in the USA (specifically: Long Island (New York) Railroad, and New Jersey Transit).

  • Anonymous
    September 21, 2009
    @David - you'll no longer find that to be the case. The majority of stations now have ticket barriers, so there's that suggestion of guilt again. As for the Captcha here, it's woeful. I'm sure it could be broken easily with current tech. A more mature offering like ReCaptcha would have been far better, but I guess that couldn't happen because Google just bought them out ;) You'll also find that many Captchas have assistive tech for people who are, for example, partially sighted. It's pretty shameful that Microsoft don't in this case.

  • Anonymous
    June 28, 2010
    I realize this is an old topic, but I prefer entering a CAPTCHA over being required to "register" at every random site I would like to post a comment on.  Registering is more onerous than entering a CAPTCHA.  (Granted, TechNet and MSDN are not the run-of-the-mill sites.  At many other sites, I'll abandon my comment rather than registering.)

  • Anonymous
    January 09, 2012
    "The only thing I can control is how purple the text is." Lol! That right there just made my night :D I'm adding it to my facebook quotes.
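
The September 13 comment above describes a CAPTCHA whose expected answer travels in a client-readable cookie (`AreYouHuman`). The sketch below is an added example, not code from this blog or from the comment platform: it contrasts that pattern with a server-side, single-use, expiring challenge. The `captcha_token` cookie name, the in-memory store and the 300-second lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 300   # assumed challenge lifetime
_challenges = {}    # token -> (answer digest, expiry); never leaves the server

def _digest(answer):
    return hashlib.sha256(answer.strip().lower().encode()).digest()

def weak_issue(answer):
    """Pattern from the comment: the answer itself rides in the cookie."""
    return {"AreYouHuman": answer}

def weak_verify(cookies, submitted):
    # The client controls both values being compared, so a match proves nothing.
    return cookies.get("AreYouHuman") == submitted

def issue(answer, now=None):
    """Hardened form: the cookie carries only an opaque random token."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _challenges[token] = (_digest(answer), now + TTL_SECONDS)
    return {"captcha_token": token}

def verify(cookies, submitted, now=None):
    now = time.time() if now is None else now
    # pop() burns the challenge on the first attempt, right or wrong.
    entry = _challenges.pop(cookies.get("captcha_token", ""), None)
    if entry is None:
        return False
    expected, expiry = entry
    return now <= expiry and hmac.compare_digest(expected, _digest(submitted))

def demo():
    # Constructed scenario: a client that only echoes back its own cookie value.
    weak = weak_issue("417")
    echoed_weak = weak_verify(weak, weak["AreYouHuman"])
    strong = issue("417")
    echoed_strong = verify(strong, strong["captcha_token"])
    # A client that actually read the image, then tries to reuse the same token.
    fresh = issue("417")
    solved = verify(fresh, "417")
    replayed = verify(fresh, "417")
    return echoed_weak, echoed_strong, solved, replayed

if __name__ == "__main__":
    print(demo())
```

With only three digits the answer space is 1,000 values, so single-use tokens need to be paired with per-client rate limiting for the check to mean much.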