Posted by Rik on 03/05/07 08:07

patrick j <usemywebsite@googlemail.com> wrote:
> On Mar 4, 2007 dorayme wrote:
>
>> We had a thread a while back in which Spider Monkey gave some
>> impressive results of personal trials using encoding etc and no
>> one really challenged the fact that various masking techniques
>> were quite effective in practice.
>
> Yes, I recall that thread. Was it Spider Monkey however who did the
> tests?
>
>> I believe now in encoding email addresses and my view is that
>> spam bots will go for the low lying fruit and that it is worth it
>> to put email addresses onto higher branches.
>
> I've gone through the various suggestions and now I think I'll use the
> suggested javascript.
>
> Although it's true it doesn't work if javascript is off, I think for this
> web-page 99% of users will have javascript on.
>
> The web form I think is the most secure way to prevent the email address
> being harvested however the neatness of just the email address on the
> web-page is nice in this application.
>
> For some reason I think the javascript might be more secure than using
> ASCII number alternative to the actual letters but I don't know why I
> think
> that.

Well, reverting ascii values and/or htmlentities back to their characters
is very easy to do in almost every language I know.
--
Rik Wasmus

[Back to original message]