The Cost of Comments
I was originally going to post this in the comments on Scott's post on the Worth(lessness) of CAPTCHAs, but my comments turned into a post.
I think CAPTCHAs need to be looked at from a cost perspective versus a technical perspective to see why they are effective.
For the blogger, the CAPTCHA has relatively no cost.
For the average user, the CAPTCHA has a very small cost: a few nanoseconds extra to download the page and a brain cycle or two to read the image (if they post a comment).
For the comment spammer, the cost is relatively high. Either they have to write a complicated program that takes quite a bit of CPU power to crack each CAPTCHA or they have to "pay" someone to read it for them.
Once you raise the price of posting comment spam, even a little, it takes away the cost/benefit gain of the comment spammer. They lose when it costs them to post a comment. Even if they still post comments, it now costs them more and so they will make less.
I like Scott's authentication/moderation idea, but if you read the inverview with the comment spammer on the Register it is not enough since registration can be automated. I think authentication/moderation pushes the cost to the wrong people: the blogger has to moderate (high cost), the user has to register (medium cost), while the spammer just automates registration (low cost).