From: PA
> Anyone has a suggestion for a simple (simplistic?) CAPTCHA mechanism?
> By simple, I mean not necessarily requiring heavy duty image
> generation
> or such...
A math-based CAPTCHA is exactly what I designed for a (Ruby) quiz a
couple years ago. I cannot vouch for its effectiveness versus bots, but
it seemed like it would be a sufficiently annoying amount of custom
programming for spammers to fight.
Something to avoid with the match captchas is trivially parsable text. You could build up a formula tree in Lua, then serialize it, and then expect humans with their knowledge about parsing mathematical expressions to solve it. A (good or bad, depending on your perspective) side-effect of increasingly-difficult math will result in filtering of *real* people, too.
The biggest problem with major captchas is that there's always a team of near-slave labor working somewhere to enumerate them all, so it becomes essentially a cryptographic arms-race. You want an algorithm to produce so many possible outputs (that are all humanly solvable) that it can't be brute-forced by enumeration.