Quoting Wikipedia, a CAPTCHA is a type of challenge-response test used in computing to ensure that the response is not generated by a computer.
CAPTCHA are often used when subscribing to a popular service that would otherwise be subject to be targeted by bots.
However, there are several ways to break captchas :
The first one is to use the human brain. Some spammers have been using p0rn websites : they get the captcha image from Yahoo or MSN, then ask some good-willing guy visiting their website to enter the captcha meaning to be able to watch available pictures....
Quite smart indeed.
One other possibility is to use latest advances in shape-recognition algorithms that enable a computer to automatically "read" the content of an image, even if it's been rotated or distorted.
With more research being done in that field and more powerful computers being used to break CAPTCHA, we will sadly soon reach a level where the amount of complexity required to "hide" the meaning of the CAPTCHA from automated computers will be too much for the human brain to make sense of it.
It's already possible to find some very annoying CAPTCHA that makes you feel bad about subscribing to a given service. Things will even get worse from here...
But with captcha being broken, how will you prevent bot-automated subscription in the future ?
One answer might come from more centralized way of handling the identify of users, such as OpenID. By adding some kind of social filtering of users, it might indeed be possible to ensure that bots will never reach enough trust to be able to subscribe. But that's also a problem since you don't want to loose "real" people in the process...
One other possibility might be to run NP problems on the client side, so subscription would require quite a lot of client CPU power (and very little server CPU for the correctness check). This would not stop spam bots but at least increase their hardware cost (we would still have trouble with botnets...).
Actually, this idea of having the client computer doing complex calculus can be applied to the human as well. Character recognition is still quite CPU expensive, so if you still want to use CAPTCHA on your website, why not help people to digitize books at the same time ?
reCAPTCHA does just that, and as they say "stop spam, read books"