[Mailman-Developers] Re: Opening up a few can o' worms here...

Chuq Von Rospach chuqui@plaidworks.com
Mon, 29 Jul 2002 20:30:19 -0700 

On 7/29/02 7:53 PM, "Ka-Ping Yee" <ping@zesty.ca> wrote:

> If you generate an image containing the entire e-mail address, it
> can be made extremely hard to read, even with state-of-the-art OCR.

Hard to read isn't enough. That was the essential failing of slashdot's
attempt to do the "we'll choose a random algorithm for the address". It
forgets that spammers don't need to read it all the time. It only needs to
read it ONCE. So "hard to read" merely slows them down, once they decide to
start harvesting that stuff. It doesn't stop them, and since it's all
automated, they don't care if it takes them ten passes across your system to
get 50% of your addresses or 5 passes to get 80%. They still win.

> And it raises the bar so high that it will be a long time before
> spammers bother to even try OCR -- it's much too easy to harvest
> addresses in other, simpler ways.

That makes me feel better.

But seriously, that's "the club" philosophy. Make your car enough harder to
steal that they go steal someone else's. Works fine, until either the other
cars get smart and use the clubs, also, the other cars are all stolen, or
the guy stealing cars decides he really wants your car and it's worth the
effort. 

In other words, that's no solution at all. Just a delaying tactic. And the
more people who adopt it, the faster it'll get cracked by the bots. So the
real answer is to find a way to "raise the bar" that really sucks, so nobody
else adopts it... 

> Just to give you an idea of what tricks are possible: a GIF can
> contain many different colour table entries that map to almost the
> same colour; the background can be patterned; the text can be
> distorted or blurred; the text can be drawn shadowed or embossed;

And I'll bet in most of those situations, you just made your web site
none-ADA compliant. Which means it's a no-go for a lot of sites where
accessibility is necessary. Actually, now that I think about it, the simple
use of the graphic iwthout an acceptable ALT tag (which defeats the purpose
of the graphic) makes this non-compliant with ADA for sight-limited people
who use reader apps.

That, right there, makes it a no-op for many sites.


-- 
Chuq Von Rospach, Architech
chuqui@plaidworks.com -- http://www.chuqui.com/

Very funny, Scotty. Now beam my clothes down here, will you?