[bcab] Re: FlyBe

Hi Wendy.

It seems that people do click on the spam messages they get.  Remember that 
spammers send out so many messages that if only a tiny percentage respond 
positively it is financially worth it.

I think the purpose of the random spam messages with nonsense in them is to 
see which addresses in the database are live and which bounce messages.

For some figures on how many people read spam and info from an american 
perspective, read this New York Times article:
http://www.nytimes.com/2006/07/03/technology/03drill.html?_r=1&oref=slogin

Regards

Graham
Graham Page
Home Phone: 0207 265 9493
Mobile: 07753 607980
Fax:  0870 706 2773
Email: gpage@xxxxxxxxxxxxxx
MSN: gabriel_mcbird@xxxxxxxxxxx
Skype: gabriel_mcbird
----- Original Message ----- 
From: "Wendy Sharpe" <w.sharpe@xxxxxxxxxxxxx>
To: <bcab@xxxxxxxxxxxxx>
Sent: Friday, October 26, 2007 10:45 AM
Subject: [bcab] Re: FlyBe


Léonie

Thank you for this comprehensive explanation.  I am obviously a very boring,
simple-minded and honest person, because I am very puzzled by spammers and
bots.  Why would anyone (and there have to be people behind these things)
want to create multiple accounts?  What fun do they get out of it?

I can understand the banking scams where they want to get personal details
to use for their own financial gain, but creating multiple accounts on
something like google or yahoo seems pointless.

I have recently had quite a few messages with no subject line, nothing in
the body (or nothing JAWS can read) and just a name in the from box.  Again,
what is the point?

Wendy

-----Original Message-----
From: bcab-bounce@xxxxxxxxxxxxx [mailto:bcab-bounce@xxxxxxxxxxxxx] On Behalf
Of Léonie Watson
Sent: 25 October 2007 21:47
To: bcab@xxxxxxxxxxxxx
Subject: [bcab] Re: FlyBe

Evening,

I thought some background information on some of the aspects of this
thread might help. Grab a cup of tea, there's quite a bit coming up.

What is CAPTCHA? CAPTCHA is  a system used on websites to prevent
spammers from creating multiple accounts for suspect purposes. It is a
series of characters, such as "0 A H 22 Z", shown in a graphic.

Spammers create small programmes that can go through the motions of
signing up to a service, like Google mail for instance. These programmes,
sometimes called bots, are even capable of responding to the confirmation
emails sent out by most systems when a new account is created. The idea is
that a computer programme can't access the information in the graphic, where
as a human can. This aims to prevent the bots from doing their dirty work.

It's essentially the same problem a screen reader has. Like a bot, a
screen reader is a piece of software. When it encounters a graphic, it
doesn't understand what the graphic contains.

When CAPTCHA was first used, the characters in the graphic were
visually very clear. Then the spammers realised they could use OCR software
to get around the obstacle. The characters in CAPTCHA graphics are now
distorted, cramped close together or blurred slightly. This stops the OCR
from working and creates a successful barrier to keep the bots at bay.

That of course presents a substantial problem in terms of
accessibility. Screen magnifier users are unable to access the characters
because the clarity is so poor and screen reader users are blocked as
effectively as the spammer's bots.

Some sites provide an audio alternative to the CAPTCHA graphic.
However, bots are capable of listening to the audio version and can access
the information they need. Consequently, the audio versions are themselves
distorted. Often you'll hear noise, like the static on a radio for example,
in the background whilst the characters are being spoken.

The audio version can help for some people with a visual impairment,
but they are of no help at all to someone with both visual and hearing
difficulties. This naturally leads to the question of discrimination.

The DDA simply requires that organisations make a reasonable effort
to ensure their services are accessible to people with disabilities. The DDA
itself doesn't specifically mention websites at all. That came later with a
statutory code of practice from the DRC, which confirmed that a website was
a service under the terms of the DDA.

Here's where it all starts to get a bit tricky. The DDA doesn't
define a clear cut standard for accessibility. In fact, it doesn't even make
any suggestions about following appropriate guidelines. It just says that a
"reasonable effort" has to be made. It doesn't even define what a
"reasonable effort" might entail.

There are guidelines for web accessibility of course. The Web
Content Accessibility Guidelines (WCAG) form the global benchmark for
building and evaluating accessible websites. The guidelines consist of 65
checkpoints, each one covering a key point of web accessibility.

Checkpoint 1.1 of the WCAG deals with the provision of information
in alternative formats. For example transcripts for audio content or
alternative texts for graphical content. In other words, it requires that
all images have an appropriate and helpful alternative text.

So, that's simple, websites should just provide an alternative text
for the CAPTCHA graphic, right? Unfortunately not. In the same way that the
alternative text gives a screen reader all the information it needs, it also
gives the spammer's bots the same access. The barrier to prevent spammers
from creating thousands of multiple accounts very quickly is gone.

What it comes down to is this. On the one hand you've got a clear
contravention of an established accessibility guideline. On the other,
you've got a good argument why removing the CAPTCHA graphic would be an
unreasonable effort.

The WCAG have been used in several court cases in the USA and
Australia. In the UK though, we haven't had a single court case against a
website, under the DDA. In practical terms, no precedent has been set. There
is no case law which can act as a guide to what may, or may not, constitute
an accessible website.

If you made it this far, I hope this all made some sense. It's quite
a bit to get your head around. If anything isn't clear, let me know. I'll
grab another cup of tea and try to help.


Regards,
Léonie.

-- 
http://www.tink.co.uk/



***  BCAB List administration ***

If you wish to unsubscribe, set vacation,, request a digest or carry out
routine maintenance on your subscription to the list then go to:
http://www.bcab.org.uk/mailing-list.html

Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word
faqin the subject line. You'll receive an email with advice on managing your
subscription to the list.

If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx

***  BCAB List administration ***

If you wish to unsubscribe, set vacation,, request a digest or carry out 
routine maintenance on your subscription to the list then go to:
http://www.bcab.org.uk/mailing-list.html

Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word 
faqin the subject line. You'll receive an email with advice on managing your 
subscription to the list.

If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx


__________ NOD32 2619 (20071026) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com


***  BCAB List administration ***

If you wish to unsubscribe, set vacation,, request a digest or carry out 
routine maintenance on your subscription to the list then go to:
http://www.bcab.org.uk/mailing-list.html

Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word faqin 
the subject line. You'll receive an email with advice on managing your 
subscription to the list.
 
If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx

Other related posts: