It depends.
Do you want to determine that a user is a bot almost all of the time, assuming people are not trying to fool you?
Or do you want a secure method?
A secure method would be a bother. It would probably require us to put up dot-pictures that people have to recognize patterns in, ala yahoo's account creation page.
We can certainly use a heuristic to determine if a user is acting like a bot. Then, they can be challenged as above, to see if they are a person.
- ray
On Oct 26, 2003, at 6:01 PM, Tim Starling wrote:
ray@ganymede.org wrote:
I am curious why the note that I sent about this issue seemed to end the thread, with no follow-up. Has this kind of option been rejected in the past? This seems to be a fairly standard security/authentication issue and I believe that the technology I suggested is the kind of thing that would be fairly obvious. Am I wrong about something here? Just to add, with a authentication architecture, you could much more easily offer offline editing with subsequent re-integration of the content. Or am I swimming against the current here?
How can you tell the difference between a bot and a person without annoying people? I'm not aware of any non-annoying method which is even close to effective. Without an effective method, your scheme do nothing but annoy the legitimate bot-runners and slightly inconvenience the hackers. Not to mention the development time required.
-- Tim Starling.
Wikitech-l mailing list Wikitech-l@Wikipedia.org http://mail.wikipedia.org/mailman/listinfo/wikitech-l