« Open Mike: Wanna Play? | Main | Lightroom 5 Public Beta Released »

Sunday, 14 April 2013


Feed You can follow this conversation by subscribing to the comment feed for this post.

Mike, I think I would rather register than have to decipher CAPTCHAs every time I post. I really dislike CAPTCHAs.

As for spammers, send them all to an island in the middle of the ocean with no internet connection.

Blunt machetes.

relax mike, a captcha is "ok"!!!

If it means keeping TOP up I'll gladly do a Captcha or register.
Thank you for running a great blog, Mike.

Go for it. If Captcha does the job, all well and good. If not, registration (verified) to qualify for commenting is a small price to pay for maintaining the Comment Moderator's sanity.

FYI, Mike, I have long been occasionally challenged with this entry when commenting on TOP. It's unpredictable, not seeming to be related to the computer I'm using or any other discernible factors. It also does not seem to ensure that my comment gets admitted for moderation, either. In general I estimate that only about 3 in 5 of my comments ever gets posted. No profound losses to human knowledge but often a bit frustrating.

So if implementation of this checkpoint helps to at least ensure that valid comments pass through the gate the step will be welcome.

For many years, tech blog Coding Horror used a radically simplified CAPTCHA that only required users to type the word "orange" into a box when posting. The CAPTCHA image never changed, and it was easy to read. That ridiculously simple step was apparently enough to stop spam from appearing in the comments there for a long time.

I have heard that systems that pose a simple arithmetic problem ("What is 2 + 3?") are also surprisingly effective.

Although it's possible to program a computer to get around either scheme, that turns out to take too much time and effort. The economics of spam don't work if the spammer has to intervene; spam is profitable only when great tides of it can be produced with the barest of human effort. Even the smallest speed-bump may be enough to make the spammers look elsewhere.

My only objection to CAPTCHAs is that so many of the modern ones are only barely human readable, and it can take me several tries to get them right. Sometimes I give up. The "orange" system and the arithmetic systems don't give me any trouble, though.

Mike, I'm sure I'm not the first to say this, but: Do what you have to do to keep TOP running. Captcha's are inconvenient. TOP as a read-only experience would be even more inconvenient.

I want to register, especially if I get some kind of TOP lapel pin or wallet card.

I wouldn't mind user registration, maybe with 'anonymous' comments getting a captcha & a note that they'd be later to post, since they'd be in the queue.


A CAPTCHA is fine; much less of a pain than logging in, and still does a great filtering job.

Don't feel bad about this!

I was going to comment about your P.S. but it all just seems too hard now.

I'm pretty sure CAPTCHA is cracked in that there are computer programs that decode them fairly accurately ... in addition there are probably human worker farms that guess them for the spammers.

For my 'money' I would rather register than do the CAPTCHA thing. That is SUCH a pain.


Registering may well be a better answer...

It can take me four of five goes to the write answer on these captcha things... I just don't seem to be able to read them.. and it then reduces the amount of comments.

At least once we are registered we can comment easily..


It's probably an urban/internet legend, but I've read that a large proportion of those who are avowed opponents of the death penalty would be willing to make an exception in the case of spammers.

Probably necessary, we spend just a little more time and you get to manage yours much better. Just don't get too excited or expectations too high. You will go from "real comments" mixed in the spam to spam mixed in the "real comments". And if you add registration, you will need to deal with spammer registrants. Why? Because there is some pseudo business model to do with search engine optimization that makes people think that all hits are good hits. And there are people who will do this manually, all you can stop are the bots. But, hang in there. To us readers its worth it.

Hey, we'll get over it.

Registering for comments might be easier than the damn CAPTCHAs for me: I seem to have a 1 in 5 success rate with them...

I don't comment here that often, and when I want to leave a comment the captcha wouldn't bother me that much, but I would rather do a one-time registration and be done with it rather than have to fiddle with the verification every time I comment.

Too bad there is not a way to allow users to register and not be troubled with verification, while non-registered commenters would be subject to verification.

Have you ever played the sounds that CAPTCHA boxes offer you? I believe these sounds come from the mouths by spammers who have been disappeared by forces unknown. Seriously, click the speaker icon on a CAPTCHA box with your sound cranked up—it's very, very spooky.

Mike, go for it. We understand!!!

Spam is the bane of modern civilisation (or lack of it).

I reckon anyone with a blog of their own would be impressed you've held out this long!

Mike, no apology necessary. White noise: it is what it is. Not a big deal. Just hope the letters or words are decipherable. Sometimes they are quite difficult to discern.

I take my comment back. It is, at least for me, extremely difficult to make out one of the "words."

So, the last but one bastion of decency falls. Sigh, sigh.....

I too, despise spammers. To assist with the flow of my beloved TOP, I'm more than happy to assist with minimising the demands on Mike's time. I'm more than happy to log in with my (essentially inactive) typepad.com account. Besides, I can then quickly find all my previous comments -- a bit like my personal bookmarking into TOP.

Oh. That's interesting. There's no 'captcha' box.

How do you get the comment notices? If they come by e-mail with the contents of the comment, perhaps you could try Spam Sieve (a free trial is available). It is very good, and accurate, at detecting spam.

I'd bet that a way could be found to avoid having to resort to captcha if e-mail could be used to detect the spam for you. I'd be happy to consult.

Just thought I'd say thanks for the blog.

Hi Mike,

Just an option to consider but http://mollom.com/ is a very good option if you can afford to spend a little money on spam fighting.

It's a little different than most spam monitoring services as it fallbacks on CAPTCHA.


- Content is submitted and is known spam: marked as spam.
- Content submitted and is unknown whether it is spam or ham: send CAPTCHA to determine.
- Content submitted and is known ham: goes into your moderation process.

Just something to consider, good luck!

I'm no fan of spammers but I'm much less of a fan of the fools who actually buy their crap and thus encourage them to keep on spamming. There are too many folks out there who need a visit from the clue X 4.

Mike, it's only a small inconvenience, if at all. Hopefully you won't have to go over all the spam to find the real comments.

Just out of curiosity, I clicked on the red "microphone" button; it played a really creepy sound. I don't know if it's just me or what.

I'd prefer registering. Can be done via Google I believe. One other blog I read is on Yahoo. When one first registers the moderators read all your posts to ensure nothing out of line is coming through. After that your post goes straight on unless you blot your copy book when you would be back on probation for a while.

Why not appoint a few moderators to help weed out the spam whilst leaving approval of comments to der Fuehrer ?


Please either go with the mathematical problems or let us register. Some captchas are ridiculous. Thanks for your work.

While I agree that forcing us to register is undesirable, could you give us the option to register? That way people who don't want to be captcha'd have another option available.

Will register.

Sign of the times, Mike, keep up the good work.

Dear Mike,

The big thing is for you to stay sane. CAPTCHAs are fine if it helps you. I'd also have no problem registering and having to log in.

I'd prefer registration to CAPTCHA (particularly Google reCAPTCHA).

Someone mentioned the awfulness of the audio option. Last time I tried, it was so severely distorted as to be unusable. That would effectively block anyone with vision problems from commenting.

(Yes I'm aware this is a photography blog!)

Mike, I vote for registering, make all new members have to reply to an email to activate their account..

Steve G, not an urban legend at all. It is well known that Richard Nixon first said that in a Usenet posting.

Hi Mike,

As already suggested by some, I would suggest to go for both options: for those that do not mind, or only sporadically comment, provide the CAPTCHA, for the others provide registration as an option. Many of us support the site anyway financially, so will not mind a registration as an extra.

Also, registration can provide you with extra opportunities with regards to your loyal followers.

Good luck either way.


Very reasonable and understandable.

Thank you for so many years of interesting and thought-provoking posts on photography.

I'm always with you, Mike.


Can we register our guns at the same time?

I think it's much less of a inconvenience to log in with Google or Facebook than type CAPTCHA. I hate that thing. I'm usually all ready logged in with both Google and Facebook so all I have to do is click the appropriate button.

I wouldn't mind to register, considering TOP is my main-stop on the net every day.
As long as you don't hire some "sw-developer" to implement a retarded 1990's style flash interface, all is good ;-)

Years ago "Spam-Bots" did all the damage, and CAPTCHAs became an effective method to combat the pesky Spam Robots.
However, many of the Spams these days are created by an Army of Real People ;-( There isn't much you can do to fight them, other than moderate the comments.

Captcha is certainly OK if it helps with the spam. We have had to put a Captcha into our website for the same reasons. It is just too time consuming to deal with the spam, bots and webtrash that occur otherwise.

But how about a yearly registration/subscription model for those who would like to escape the Captcha? You could make the amount voluntary or set a suggested minimum - say $10/year? Exceptions can always be made based on need - students, for example. Many of us make donations periodically anyway so formalizing this would free us from Captcha. Making the amount voluntary like with freeware/shareware is a friendly thing to do.

I understand completely. My website has been hacked twice and my email taken control by some nefarious spammer operation just over the past three weeks. I've heard stories that several countries are targeting US site for hacking as means to find security breaches in merchant accounts. Who knows? At any rate, there are a lot of jerks wreaking havoc on the www.

Well, I am completely unobservant of the sidebars on TOP, silly me. You already do have a subscription model!!!! So nevermind my previous suggestion. "-)

Either way is fine with me. I think Captcha might be more effective as it is a bigger PITA. and BTW, if you are ever in Austin, Minnesota, the Spam Museum is a great place to visit and there is a diner across the street that serves, guess what?

We had a great morning there.

Register is OK with me Mike. Better than CAPTCHA, at least for me.


The CAPTCHAs depicted in the post are of a brand and design that is poorly designed and often incomprehensible. I've seen other types that are much better. Registering might be less annoying---you only have to do it once, or once in a while. Good luck with this.

I would also prefer registration to a captcha. The downside, of course, is that it makes it harder to entice new readers, and it can stifle spontaneous debate on hotbutton issues that bring new readers from other sources.

I personally like the idea of a captcha that doesn't change or a simple math problem, since apparently I am a non-human that is incapable of reading or understanding captchas...


I hate captchas because I have endless difficulty getting them right and cannot usually see where I am going wrong -- I suspect that I am filling them in correctly according to the instructions but that the instructions are wrong or inadequate.

I would prefer a registration and sign in process.

You already have a subscription available for TOP (which I think you do not publicise enough) so can you use the subscriber list to weed out spammers etc?

Ii agree - do what you have to do to retain what sanity you have left. However, I find captchas hard to read and often have to do multiple before i get in. I like the simple math kind. If people can't complete the simple math kind, you probably don't want them as readers.


As long as the words are easy to read I'll keep commenting. Many times,or times, one of the two words is just to hard to read.

Well here is goes.

It's the price you pay for popularity.

My 2¢:I'd rather register, than Captcha.

Too many times I got the puzzle wrong, and gave up after the third try.

Why not do a poll?

I'll add another vote for a registration system. I'm another of those people who has to cycle through a lot of CAPTCHAs before I hit one I can read.

I'd actually be OK with registration; captchas are a pain. But then you do have to balance whether other people will be turned away from commenting by the registration, particularly those who aren't "regulars".

It's sad that these things even have to be considered, but it can't be helped as long as spamming is even slightly effective (and that it's effective at all is the saddest part of all this).

I'm with all the people who would rather register. That particular captcha engine you showed can be ludicrously indecipherable.

Remember as well that lots of spam comments may be done by real people and not machines. "spam-shops" as opposed to "sweatshops"

Are there no options for whitelisting commentors with Wordpress? Someone like Kenneth Tanaka (and others) should be "known good" commentators.

BTW, I'd noticed a couple of my recent comments disappeared recently too. I was presuming the spam filter ate them.

Registration is another option especially if you can blacklist spammer that use humans to register.

I'd rather register and log in only to comment, for sure.

But if that sends you into some sort of complicated orbit then the CaPthCha is ok..

Even though they drive me nuts, I would slog through the CaPTuRe=D so I can spam you with nonsense. Do what you need.

As others have said Mike, no need to apologize for this. We can understand that it is (unfortunately) necessary.

I agree with those indicating a preference for registration over CAPCHA. Seems like it would be a bit less intrusive. But hey, whatever works for you. It's not a big deal.

Completely Automated Public Turing test to tell Computers and Humans Apart


Not a trivial question for "open resource" sites which allow comments. For all the reasons enumerated in the CAPTCHA link. Not least of which is accessibility for those who are CAPTCHA challenged.

Spam is a problem hounding blogs with a large following, which are a magnet to opportunistic spammers. High traffic forums such as dpreview's usually require registration. CAPTCHA or registration deters spammers and bots. Actually, it's the spammers' computer or malware which CAPTCHA or registration is designed to stop. (I don't consider spammers humans, so it's OK to lump them with bots.)

But registration or CAPTCHA aren't designed to filter or deter snarky comments, drive-by snipes, flame wars, oneupmanship, and other forms of uncivil and boorish discourse which have desolated popular but unmoderated online forums like dpreview or even Luminous Landscape's.

It requires a human to moderate humans. And it requires a special kind of human to moderate opinionated fellow humans and yet let through a broad range of viewpoints in a manner worthy of the First Amendment. This is already a tough job even without having to deal with spam which somehow manage to squeeze through porous software sieves.

This wouldn't be an issue, of course, if TOP were a "Read Only"(!) blog like LL.

Long rant over, please pardon me.

Now we know what the cost has been, pre-CAPTCHA, of keeping TOP open and a readers' haven. But I think TOP readers knew this all along.

Here's an early breakout of TOP readers' reactions to the new CAPTCHA policy as of Sunday, April 14, 10:33 p.m. (Central Time).

*'No Comment' comments were mostly suggestions on how to deal with spammers, or about alternative anti-spam apps.
**Multiple "and/or" answers were allowed. For example: a comment which has no objection to either CAPTCHA or registration was tallied under "Don't Mind at all" and "Would rather register". Hence, Total (26) > N (24).
Here's the source tally for the "Reaction to CAPTCHA" table.

The first 24 TOP readers whose opinions were tallied above weren't aware of one another's comments. They can almost be considered a random sample, except that the 24 are likely to be residents of a contiguous time zone (unless they are owls or larks). Although it's a smallish sample, I think the proportion of pro-CAPTCHA vis-a-vis pro-Registration comments will hold, while the share of 'No comment' will likely shrink.

How the hell are you going to know where to get the best price on Viagra now?

Mike, another vote for registration instead of Captcha. I have poor luck with Captchas, especially when reading and commenting from my phone (which is probably 90% of the time.)

But I will accept whatever you choose - TOP is worth it.


I'd be interested to know how well the CAPTCHA actually works. I've heard that one of the ways of defeating them is to use people trying to access high volume download sites to break the CAPTCHA.

It's an arms race.

I don't think either registration or captcha are such a great nuisance, but I would prefer registration, and captcha for the non registered if technically possible.

Of course you do realize you're taking ten precious seconds per comment out of our busy lives. That's my concept of 'inconvenience': ten whole seconds irreversibly lost because of that infamous CAPTCHA! Expect a massive drop in the number of commenters.
TOP is doomed.

I empathize with Mike. My day job is as a fraud analyst for an internet security company. Among my tasks is to monitor the inbox of several clients' fraud reporting email accounts (i.e. fraud@bobsbank.com). I see all kinds of weird. Mostly innocous, many times wuite funny (like the fine people who let us know they received a spam email, but don't send a copy or details. Just FYI, I guess).

As to what someone wrote above re: being angry at people who fall for spam, thus making it a viable business model, nowadays, the professional malicious email sends users to web sites for drive-by malware downloads, so no purchase of V1agra, or Cailis needed.

I describe my job thusly: I sit on the internet all day and click on things I know better than to.


Anything which means you can spend more time writing great articles is fine by me. Although your recent (excellent) NEX 6 review has just cost me £1250...

I agree with Greg. I`m sure that most of your readers are pretty much the same from post to post.
If you've been surfing this blog for a while, you start to recognize some of the names.
I think people will be more than willing to fill a registration form, I know I will.

I recently wrote a post about spam comments. I got a spam comment claiming to complain about the problem of too many spam comments.

Like rats, there are moments when you admire their ingenuity.

I see some websites that use a hybrid model. Captcha if your are not logged in to the site. No Captcha for registered folks that log in. I don't know if that's an option for you.

That said, someone earlier suggested enlisting some trusted human help on filtering real comments from spam. I'd be willing to devote some of my time to that. Not totally sure of the mechanics of how the e-mail would be forwarded to the volunteers, but say you sent me a block of 100 messages and said "send me back ASAP" all in that block that aren't spam. Might be a human error here or there, but just a thought on helping to keep TOP an exceptionally thoughtful and high quality site.

Rusty blunt machetes...

I've used a technique called "Reverse CAPTCHA" quite effectively. Basically instead of "prove to me you are a person", it instead works on the principle of "prove to me you are NOT a robot". It does this by using certain hidden "dummy" form fields with enticing names like "email". A bot would automatically fill in those fields, but if it's hidden, then a human would not have seen it and therefore would not have filled it out. On the back-end you have a script that automatically discards any entries that have the dummy fields filled in.

Plus 1
for registration preferred over catchap!

Mmmm, Leicas?

A friend gave me a bottle opener with a chip in it that says, "Mmmm, beer" in Homer's voice when it's applied to a bottle cap. Unfortunately, it can't tell beer from soda.

Same thing is happening on my forums - brisk increase in spam past couple of weeks. Hard to keep up!


I missed Manuel's satire alert. (sg)
And I singled out his comment as one of the outliers!
Just saying that he got me good.

Captcha's ok if only I could make the W-erk.

Right you are Mike. Did I tell you my sister is now making $7000 a month on the internet?

(Sorry I see this one all the time. I like to poke the nest with a stick for personal amusement.)

CAPTCHA works for me. Sometimes I have to ask for a second word set, but it's no much of a hassle ...

Dear Mike,

“We apologise for the inconvenience.”

You are, of course, aware (and so is every faithful Douglas Adams aficionado) that this is precisely God's Final Message To His Creation, "written in fire in letters thirty feet high on the far side of the Quentulus Quazgar Mountains in the land of Sevorbeupstry on the planet of Preliumtarn, which orbits the star Zarss, which is located in the Grey Binding Fiefdoms of Saxaquine. The long path to the message is lined with souvenir stands at spaced-out intervals." (So Long, and Thanks For All the Fish)

The Kaptcha may just be Kosmik Karma; a computer-generated string of characters may even encapsulate the riddle of Life, the Universe, and Everything. It is in keeping with the general style of the Universe that the most fundamental truth of all may just serve as a one-off spam filter for TypePad.

I'm 'agin' registering...I'm for keeping information about me that's floating around to a bare minimum, don't pay bills on-line, don't have investments constantly tracked on-line, etc. etc. I've even quit reading blogs that only allow you to comment if your on some sort of social media network, I'm never going to join Facebook. Perfectly happy filling out a Captcha, but have to agree with those on here that say they're getting harder to read, and sometimes take two tries or so to actually work. In addition, recently had to do one on a site to get a catalog mailed to me, and it wouldn't work with Mac Safari at all!

You might consider moving to Wordpress, either self-hosted or via wordpress.com. The Wordpress anti-spam plugin is excellent and I suspect would eliminate your spam problem for practical purposes. (Of course you would still have to moderate non-spam comments.)

Migrating your blog to a new platform need not be difficult. Set up a new WP blog, then import your content from here or simply link to here from the new blog, then redirect theonlinephotographer.com to the new blog. Keep the old blog running in any case.

Please do not have me comment via captha. I would be more than happy to register.

I have a self-hosted WordPress blog and I use Akismet to capture spam. It seems to work very well. On the other hand, I don't get many comments and most of what shows up is spam -- so Akismet could just be flagging everything ;-)


Dear Mike,

Add my vote for registration over (re)Captcha. Much more convenient!

pax / Ctein

Really hate Captcha, can hardly read the text. I'd rather register.

I own and moderator a forum with about 70,000 members. I have implemented various antispam traps over the years, which have greatly reduced the number of spammers we used to get. But the last couple of days, we got hit by at least two of them, which is really strange. Either their scripts get smarter or ....

The comments to this entry are closed.



Blog powered by Typepad
Member since 06/2007