Hmmm. Microsoft's captcha images are kinda lame. There's been OCR software available for years that could probably handle them, as long as the image is split up one character at a time, which is pretty simple to do. Godaddy.com had some very lame captchas too. Theirs was a 6 digit number in a plain simple sans-serif font, all the characters upright and evenly spaced, black on a white background. Perfect OCR fodder.

I started adding captchas to some of my sites a few months ago. Mine are substantially more obscure than Microsoft's while still being pretty easily readable. I've seen 10's of thousands of automated attempts at breaking them, and none have succeeded so far. The junk i get from bots filling out forms has dropped from thousands a day down to a trickle of a few a week.

Of course, there isn't very much incentive for breaking mine as there is for getting access to something like hotmail. I have to believe though that the bots making the attempts don't particularly care what site they're attacking or what the potential rewards are. If they find a form they can fill out they'll attack and let the humans behind them care about the results later.

The solution would seem obvious enough, charge for sending email. It'd only need to be .001 cents per email to kill off the problem.

Dumbest thing of all, I now get lots of spam in Russian. I can't even read the stuff. Probably a good thing the cold war is over or I'd be getting a knock on the door from ASIO.

Bob.

If you did a bit deeper you discover that these guys aren't using OCR, they use humans to type the codes back in. The humans get paid by seeing more of the naked lady for every code they enter.

Bob.

Is "CAPTCHA" a generic term for those crazy letters you have to type when signing up for sites?

I've notices over the last couple of weeks my forums have been getting sign ups from spam accounts. I still have to approve them but it's a pain. I employed these "CAPTCHAs" if that's what they're called, but I only used the 2nd level of security. Now I pumped it up to the real crooked/noisy letters to see if things get better.

Probably a good thing the cold war is over

Russia just had its traditional military hardware parade through Moscow to the Red Square, showing off its missiles, APCs, tanks, etc., just like in the good old days, and Putin and his new sidekick Medvedev seem very determined to escalate Russia's standing in the world.

I agree about charging for emails--it would end the problem immediately, with little negative effect on the rest of us.

The trickiest capchas I see are on the RapidShare site--little graphic cats and dogs in various poses and rotations. They show 6 very warped letters, and say to type in only those 4 that have a specific cat pose superimposed on them. Not easy for me, and I've always thought of myself as pretty good at graphics convolutions.

I would have to disagree that charging for email would stop spam. Considering the massive amounts of systems in botnets, you would just have ppl showing $10k email bills because their systems were compromised via trojans, worms, etc. Not to mention the 'legit' companies unable to find a better method of marketing.

Limiting the amount of email sent per day would help. I doubt this would happen as the inconvenience to companies that use a lot of email (other than spam).