[Gnolfo]

"Spammers are lazy" does kinda work for the multitudes of small-traffic sites out there. Put together some unique or custom validation to keep out spambots and odds are that's all you'll ever need.

The thing is, for big sites like Google or Yahoo that won't work. If Google implemented the slider I'd bet a month's salary that it would be flooded with spammers overnight. The CAPTCHA's they use have been put through the ringer and are proven to work against spammers who are focused and resourceful. By lining the two up like that, the post tries to equivocate big site CAPTCHAs with user-friendly client-side-only validation, but the latter is not even in the same league, much less an alternative. It works for the same reasons "Enter the sum of 3 and 5: ____" would work.

[wooster]

  The CAPTCHA's they use have been put through the ringer 
  and are proven to work against spammers who are focused 
  and resourceful.

Not really:

- http://securitylabs.websense.com/content/Blogs/2919.aspx

- http://www.cs.sfu.ca/~mori/research/gimpy/

- http://www.zdnet.co.uk/news/security-management/2004/05/06/s...

- http://caca.zoy.org/wiki/PWNtcha

etc. Most of those articles are from several years ago. The state of the art has improved since then.

[Gnolfo]

Sorry, I should have been clearer on what I meant. Google/etc CAPTCHAs don't work 100% against anti-CAPTCHA. As those articles suggest it's a fluctuating 80% or so, and obviously an ongoing arms race.

My point was more to the fact that the slider solution wouldn't retain anywhere near the same stats if it were put up against the same level of effort and sophistication spent towards breaking it. It would get solved and then bypassed completely.