We're all getting far too used to having to type in a word that's shown in an image, to answer a multiple choice question, to do a sum and type in the answer when we want to post to / comment on an article on a web site. And sometimes those images are quite hard to make out - indeed they seem designed to be the reverse of accessible!

Question ... "Why are the words at the bottom of the page so hard to decipher? Why are they needed at all? We are not on some Nationally sensitive site."

Everyone who runs a site that welcomes public comment needs to have some sort of protection and strategy against contributions by people who are known as "forum spammers". People who will contribute to a site, but off topic, with material at best dilutes the site and at worst causes real offence ... and they'll do it to advertise their own products. This web site you're reading at the moment has a peak traffic of over 250 visitors per hour in the middle of a weekday, and if an advertiser can sneak in his product (or, often, scam) onto a reputable site it will give it "street cred" and also help - by association - in search engine results - Search engines work along the lines of "it this is approved of by lots of reputable sites, then we should approve it more".

Does this effect even small new sites like our Melksham SCOB [Campus] site, where the question was asked? Yes - I don't think I'm giving anything away here - the very first comments were along the lines "What a fascinating site. Have you seen this probuct [link]". The obvious follow-up question is "Why not simply delete these contributions" ... but the answer is that they come too thick and fast; we have to have a mechanism that's prevention rather than cure.

There are two strategies to overcome forum spam. The first is to require all users to sign up, agree to terms and condtions, make some checks to be pretty sure that they're genuine, and then let them loose. This is what we use on a site that I look after as part of my campaign for an improved rail service for Melksham - see [here] for the registration page. It's excellent for a site where the operator anticipates regular contributions from the same people, where a continuity of submissions is useful, and where newcomers won't be too put off by the hurdles and intial wait to write their first contribution. The second is to check every post / contribution as it's made - yes, that involves repeated security checks that may be a bit irritating for the contributor - but it does get over that major hurdle of loosing a high proportion of potential contributiors because of sign up delays before they can even write anything.

That's given you an overview of why we need to protect against forum spam. The figures are huge; if you look at the Project Honeypot site you'll find figures in the millions, and if you look at the Stop Forum Spam site, you'll find that the whole front page is a list of spammers reported within the last minute!

Answering, now, the first part of the question. The words have to be hard to decipher to make it difficult for automated programs to do it - and character recognition is a very well developed science these days. If you can read it easily, then it's probable that a program can. And once you get programs generating spam, based on a pattern and sending it out to large lists of possible target sites, you're in a very interesting "game" indeed.
(written 2012-03-19, updated 2012-03-24)

 G909 - Well House Consultants - Spam, Spamming and Spammers
  [259] Responding to spam - (2005-03-27)
  [268] Information request forms, cleaning up spam - (2005-04-05)
  [276] An apology to Mr Boneparte - (2005-04-11)
  [338] OO techniques are hard to teach - (2005-06-06)
  [347] Frightening and from-friend viruses and spams - (2005-06-14)
  [417] Telephone Preference Service - we're registered - (2005-08-17)
  [495] More spam - a success story - (2005-11-13)
  [872] Email metrics - (2006-09-20)
  [1037] Impact Engineering and Backscatter - (2007-01-16)
  [1115] Unexpected visitors to our site - (2007-03-22)
  [1523] Ive just received an email from myself. Should I be worried? - (2008-01-29)
  [1532] Comment spam blocked. Please comment via Forums - (2008-02-05)
  [1763] Co-operating to save, yet we dont - (2008-08-21)
  [1817] Marc Schneider is still having email trouble - (2008-09-30)
  [1978] From spam to mod_alias - finding resources - (2009-01-05)
  [2019] Baby Caleb and Fortune City in your web logs? - (2009-01-31)
  [2177] Preventing forum spam - checks at sign up - (2009-05-12)
  [2179] Offers that I can refuse - (2009-05-12)
  [2276] Who is Marc Schneider of Multilingual Search Engine Optimization Inc - (2009-07-10)
  [2398] Websitemediasolution and a goldfish called Carl Johnson - (2009-09-06)
  [2697] Email metrics and filtering - (2010-03-28)
  [2884] Hotlinked images onto adult material sites - (2010-07-23)
  [3016] The legal considerations of your web presence - revisited - (2010-10-26)
  [3166] Well house is strong - confirmed? - (2011-02-11)
  [3190] What do the following web sites have in common? - (2011-03-03)
  [3316] Twitter Phishing Trips ... and a great new alert service - (2011-06-04)
  [3352] World Trade Register - Certainly NOT worth 2985 Euros. - (2011-07-09)
  [3506] Cold call contacts - preference services and turning off spam sales approaches - (2011-11-03)
  [3910] Identifying your real customers and keeping them well informed fast - (2012-11-02)
  [3912] Sand to Arabia, Coals to Newcastle or Woodburners to Russia - (2012-11-04)
  [3946] Moving from a warning system to a control system - PHP, forum spammers - (2012-12-07)
  [4135] Introducing your product to Well House Consultants - single, personally tuned email please - (2013-07-08)
  [4315] Welcoming genuine forum posters quickly - but turning away off topic advertisers - (2014-11-16)
  [4520] No cold sales calls please - but delighted to hear from others! - (2015-09-29)

Back to A Pivotal Incident - learning how to welcome your guests

Previous and next or Horse's mouth home

Forward to Finding all the unique lines in a file, using Python or Perl

Will will smile?
Error checking in a Python program - making your program robust via exceptions
Changing shops and organisations - Melksham, the last and next five years
Finding all the unique lines in a file, using Python or Perl
Keeping forum and blog comments clean
A Pivotal Incident - learning how to welcome your guests
Welcome to Melksham - our new communities
Using Make for a distribution
Basham Festival, Melksham, early August 2012 - a welcome
TrainWest 2012 - 14th and 15th April, Melksham, Wiltshire