Hacker News new | past | comments | ask | show | jobs | submit login

It's not an uncommon strategy (eg: fill up a comment form with hidden but obviously named form fields) and since people won't be filling in those hidden fields then bots will have revealed themselves.

This isn't by any means a complete solution however it does catch 90% of drive-by spam.




Careful! There are legitimate toolbars that will helpfully prefill forms, sometimes even hidden fields. I've been bitten by this in production.


Yup, this is also known as the Honeypot Captcha technique: http://haacked.com/archive/2007/09/11/honeypot-captcha.aspx


That's an interesting approach, but I guess as soon as it would become mainstream, the bots would adapt without many problems.


Depending on how the fields were hidden, they may need to render and reflow html, css and dom changes by javascript.

None of which is all that difficult for a full size browser, but it may be prohibitively resource intensive for a high-volume spam bot.


Lynx. :-(




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: