From owner-freebsd-questions@FreeBSD.ORG Sat Feb 25 11:32:27 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ED1551065673 for ; Sat, 25 Feb 2012 11:32:27 +0000 (UTC) (envelope-from feenberg@nber.org) Received: from mail2.nber.org (mail2.nber.org [66.251.72.79]) by mx1.freebsd.org (Postfix) with ESMTP id 87EA78FC0A for ; Sat, 25 Feb 2012 11:32:27 +0000 (UTC) Received: from nber6.nber.org (nber6.nber.org [66.251.72.76]) by mail2.nber.org (8.14.4/8.14.4) with ESMTP id q1PBWOpr020441; Sat, 25 Feb 2012 06:32:25 -0500 (EST) (envelope-from feenberg@nber.org) Received: from localhost (feenberg@localhost) by nber6.nber.org (8.14.4/8.14.4/Submit) with ESMTP id q1PBSLo7026260; Sat, 25 Feb 2012 06:28:21 -0500 (EST) X-Authentication-Warning: nber6.nber.org: feenberg owned process doing -bs Date: Sat, 25 Feb 2012 06:28:21 -0500 (EST) From: Daniel Feenberg X-X-Sender: feenberg@nber6 To: freebsd-questions@freebsd.org In-Reply-To: <4F486340.7040907@herveybayaustralia.com.au> Message-ID: References: <4F47620D.24859.53F9A2B@dave.g8kbv.demon.co.uk> <868vjs8nto.fsf@ds4.des.no> <4F478D8B.31307.5E97C34@dave.g8kbv.demon.co.uk> <4F486340.7040907@herveybayaustralia.com.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.39/RELEASE, bases: 20120225 #7086908, check: 20120225 clean Subject: Re: Security? [Re: Why is this Symbol in the front of your website. A humble request.] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Feb 2012 11:32:28 -0000 On Sat, 25 Feb 2012, Da Rock wrote: > On 02/25/12 12:03, David Brodbeck wrote: >> On Fri, Feb 24, 2012 at 5:15 AM, Dave wrote: >>> Those address links need changing to graphic's, so that most address >>> harvesting bots won't get anything usable. >>> >>> Mk1 eyeball can still see what's what, but if you have to use the info, >>> you have to re-type it manually. >> I really don't recommend that. Keep in mind not everyone can use the >> "Mk1 eyeball." Websites need to be accessible to blind people using >> screen reader software, too. > And therein lies the problem. How do you maintain accessibility while > preventing bots from harvesting? You can't have your cake and eat it too... > :) > > Only solution lies in a security gate of good filters and blocklists. But > occasionally one or two will still pass. An email address can be hidden from bots without violating section 508, for instance: feenberg is at nber dot org or some variant won't be picked up by a robot. But is it really practical to treat an email address as a secret, when it will be shared with hundreds of correspondents? I have mostly thought that was hopeless. We do it on our website because we don't want to bother arguing with people. daniel feenberg feenberg@nber.org