Partager via


Are you a bot? Say hello to kitty!

Given that I am a Hello Kitty fan and the name of my blog closely resembles it, the news of a Hello Kitty style bot control piqued my interest. There is one more reason that induced me into writing a quick post on it. That is the NoBot control in the Toolkit that does something very similar (as its name suggests), ward off bots.

Captchas have always intrigued me. Although there are ways of circumventing them, they are still hard to break. The underlying concept upholds the fact that we are still far away from being taken over by robots; notwithstanding, it needs continuous refinement to maintain that status. But sites that use captchas turn me off. I do not like the idea that I need to decipher a very badly drawn captcha and attempt to submit a form ten times because I could not get the captcha right. It is also one more extra field required to be filled on a form which is annoying and shows a lack of trust on the website's part making me feel undesired. The Microsoft version, the Hello Kitty test, is even worse, because now I need to click x number of times on random pictures, some which may be badly taken and risk not knowing if the hybrid animal is a cat or not and be unable to submit the form because of that (rare, but could happen given the size of over-fed American cats). It takes up almost half a page and steals the context; here is a user filling out a form to order medical prescriptions for a sickness and it is asking him which of the five pictures contain cats, bleh!!! Could it get worse? Can't the verification be done automagically? Why do you need the user to know that you are frisking him or her? Aren't the airport security checks enough to justify that you don't need more people distrusting you?

Which is why I like the Toolkit NoBot Control. The user does not need know that he is being scanned for "bot" status. It has no UI. It may not be fool-proof, but that is the way bot prevention technology should be headed, which is performing checks under the covers. A real user should be oblivious of the security screenings. Bot tests should act like the watchful eye, protect the websites "knowing" who are honest humans and keeping bots at bay...