by
kbenson » Wed Feb 22, 2012 11:57 pm
jnurthen wrote:
The difference between a geographic IP block and a CAPTCHA is that one is (potentially) discriminating against a protected class and the other is not.
Should I feel worse about blocking access to a class of citizens of the most wealthy nation in the world because they have hardships beyond the comprehension of most normal citizens, or by blocking access to poor third world residents that may finally be getting access to the Internet, and thus access to global markets and information. I'm woefully under qualified to make a judgement call in either direction, and it only seems to complicate the issue more that there are whole industries dedicated to alleviating or removing obstacles for disabled individuals in America.
In any case, it's not cut and dry for me.
jnurthen wrote:
kbenson wrote:
jnurthen wrote:
I'm not arguing that some type of CAPTCHA is never necessary - but 99% of the time they are used in inappropriate situations where some other simple techniques would prove equally effective in preventing abuse such as on blogs / chat forums etc.
By all means challenge a user with a CAPTCHA if they are suspicious (for example if they try to submit a form too quickly after landing on the page, or if they don't have scripting enabled in their useragent) but I don't think we should encourage lazy behaviour on the part of web-admins if this lazy behaviour excludes people due to various disabilities.
So we aren't really in disagreement at all.
Not quite sure if you're serious or not... the smiley is a little confusing here.
I'm serious in that I think we're arguing the same point from different angles, but you seem to think we aren't, and this argument has gone on for this long before finally coming to this point. I find this comical in a slightly sad manner.
I am certainly in disagreement with you. You originally suggested adding a CAPTCHA to a feedback form on a web page. I suggest that this is a really bad thing to do as you are making it really difficult for a certain class of people to provide you feedback. Added to this is the fact that the CAPTCHA could easily be replaced by many other less onerous techniques.
No, you're confusing me with another poster. I posted originally asking he use SOME method to secure his form mailer, such as cleaning posted variables, and being careful what is sent out to the user in email, if anything. Someone else mentioned using a CAPTCHA, I simple responded to what I saw as a kneejerk negative reaction to a simple tool, when all that's needed is to understand the consequences of whatever security mechanism is put in place.
To clarify again, as I attempted to do initially
here, I'm only stating that I think CAPTCHAs
may have use in
some instances when used
appropriately.