The reasons for Captcha’s and other irritations when using the interwebz

One of the unknowns of the internet for most people is how much of the traffic going around is automated. For every person browsing the internet there’s another computer doing it all on its own, following a simple, or possibly not so simple computer program.

Some of this traffic is benevolent; search engine spiders — cataloguing and indexing the massive amounts of information across the internet, doing what no human could do manually in making sense out of everything in what has become humanities largest ever collection of information. Security bots checking that a website isn’t (deliberately or inadvertently) injecting a virus into every computer that visits. Maintenance programs checking that servers are operating correctly.

More of that traffic is unwanted but largely benign. Scrapers taking information from sites to re-use on slightly suspicious directories. Grabbing every email address they encounter to flood the inboxes of anyone they can with offers of cheap crap and unwanted Viagra substitutes. Looking for email contact forms to send junk mail through.

Some of that traffic is positively malevolent. Malicious bots searching for vulnerabilities on websites that use out of date software in order to take over that website — either to infect visitors with malware or to steal information directly from the stored information on that site. Robotic visitors to sites that automatically sign up to social networks to spam everyone and everything with rubbish links to dodgy websites, to perform black-hat SEO practices, and to act a cold-caller to try to connect the unwitting into a conversation with a real person pretending to be someone or something they’re not.

So when you have to jump through hoops to sign up for a website, when you have to enter the almost unreadable code, when you have to verify an email address and give information about the name of your first dog… all of that is to try to make sure you are a genuine human being using the site for the purposes it was designed.

You only have to use the internet for a few days before you inevitably start to realise that it is not all filled with people who are what they claim to be, that not all information is reliable, that not all websites are created equally. I wouldn’t trade the freedom of the internet and the inherent suspicion on has to cultivate in order to survive the slightly lawless frontier of human interaction for a repressive regime governing every aspect of what was a great bastion of free speech — but I wouldn’t ever want to put limitations on companies or individuals protecting themselves either.

A Captcha — those collections of hand-written letters or a number taken from a blurry photo, or a collection of small pictures where you’ve got to select those that show cheese rather than flowers — those are a company making sure that it’s not a computer program trying to get into their site. You’d be surprised who uses these and for what.

Google use one if you do too many searches from the same connection within a certain time frame — but that’s the other side of what you don’t see. Some sites (I know this because I’ve done it myself) work really, really hard to make sure you don’t have to try to work out if that’s a lower-case “L” or a capital “I”; the use honeypots (hidden traps that the malicious robot can see but you won’t) to trick the bots into revealing themselves without putting the human users through too much hassle. There’s ways of looking at what information has been sent to that email form to see if it matches the sorts of things a spammer would send (unexpected links are an obvious one) and if those appear then the captcha is deployed.

The reason to then use a captcha rather than simply bin the message through the form is that sometimes a genuine person will send that information; no automated checker is going to be entirely fool-proof just as no automated attempt to get past it is going to work 100% of the time.

What you see, when you check your Gmail, when you sign up for a new online store, when you get your Groupon deals — that is best attempt at creating a great user experience — making it so you can use the website without giving free reign to those that want to profit unfairly from the hard work of others. It’s an ongoing battle, a cold war between the web builders and the web exploiters, as cold as anything done by the CIA and KGB back in the 60s and 70s.

So, as someone who makes websites — I would ask that if you find something that doesn’t make using a website as easy as you’d like; please bear with us, tell us what isn’t working for you, but don’t think we’ve just put that there to make your life harder.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.