CAPTCHA is not working against all robots anymore but...
Also many reCAPTCHAs are being bypassed, it still work against many robots, although newer robots use Artificial Intelligence and they are quickly able to bypass most of the reCAPTCHAs.
At some point, the main reason for the bypass was the fact that some people were getting paid to resolve those reCAPTCHAs. In other words, some people were offered the job to do just that! They go to a computer, resolve many reCAPTCHAs and get paid something like 2 cents per successful resolutions. The result is that websites with reCAPTCHAs still receive a lot of spam!
In 2017, it looks like such businesses have pretty much all disappeared. It certainly wasn't a good idea and it is likely that Google has worked on preventing such businesses from doing their job (i.e. probably by detecting that the same computers would resolved too many reCAPTCHA in a row.)
Now, when a stupid robot (opposed to a person) accesses the site, the robot tries again and again from the same computer. This means we'll get many failures from the same IP address. We count these failed attempts and once too many failures are detected, we completely block the IP address with our firewall. The block is permanent, at least until we reboot the server (which happens once in a while as the kernel gets updated, for example.)
This has proven quite useful at blocking spam and saving resources on our servers. To give you an idea, on our main company website (https://www.m2osw.com/) we got something like 16 failures in about 2 hours from the time we installed the new capability. This means 8 failures/hour, or about 200 a day. You can imagine that if we get an attack, it could represent 1,000 or more hits (the largest I've seen against our server was over 6,800). With this mechanism, and since an attack is generally from the same computer, it gets blocked after just a few failures and all the following acceses are blocked by the firewall. This means they don't even reach the web server and that saves a lot of resources (processing time, disk I/O, bandwidth...)
Our next version of Snap! already includes an even more advanced version of this: it works for all the existing websites on all the existing servers (i.e. because we have a load balancing system which supports many servers so all need to have their firewall updated) and at some point it will be capable of just turning off the interactivity for the user. This means the user will still be able to access the site, but commenting and contact forms will all be turned off.
Comments
Brand new update of SEO/SMM software "XRumer 16.0 + XEvil"
Brand bew update of SEO/SMM package "XRumer 16.0 + XEvil 2.0": automated software to resolve CAPTCHAs from Google, Facebook, VKontakte, Yandex, Solve Media, and more than 8,400 other types of CAPTCHA, with highest precision (80..100%) and highest speed (100 img per second). You can connect XEvil 2.0 with all most popular SEO/SMM programs: XRumer, GSA SER, ZennoPoster, Srapebox, Senuke, and more than 100 other programs. Interested? Just Google for "XRumer 16 + XEvil 2.0", or you can find intro movie in YouTube: "XEvil: new OCR - captcha solver" See you later ;)
SMS From Me now uses "I'm not a Robot"
The old reCAPTCHA was not working well anymore. So we are switching to the new "I'm not a Robot" version, even on our old Drupal systems we will now offer the "I'm not a Robot".
If you have difficulties, let us know. We may have some server caches in the way that need to be reset.