Re: CAPTCHAs can FOAD.
Tests designed to weed the Humans from the computers are often difficult if not impossible for the Humans to solve, yet obscenely easy for the Computers to thwart.
They're also solving the wrong problem, since even a perfect human-detection test would still stuff from human-based attacks, such as Mechanical-Turk-style paid attackers, and other incentives. I've seen reports of spammers reflecting CAPTCHAs to porn sites, so consumers of the latter solve the CAPTCHA in exchange for product. That sort of thing is trivial to engineer and costs the attackers almost nothing.
What's needed is a test to see whether the user is both sincere and aware of what resource the test is unlocking. Good luck with that.