Update (April 19^th 2009) - A recent article in the Vancouver Sun further discuss the issue. While there are no new technical details, the discussion that follows the article is illuminating

Insufficient anti-automation is fast becoming a major, if not the major threat to web application. The reason is that it can be very profitable for the hacker, and on the other hand it is far from a simple vulnerability just requiring a quick fix.

TicketMaster on going combat with hackers line bypassing to buy event tickets to resell them for a high price is a very good example of the issue. In this specific example the hackers demonstrate that Captcha, a method of blocking automated programs by presenting a challenge supposedly difficult for a computer software, is not sufficient.