Subscribe to Windows IT Pro

 

Get Newsletters

  • Get the Latest News
  • Product Updates
  • Helpful Tricks
  • Productivity Tips

Subscribe Now!

July 15, 2008 12:00 AM

Gotcha CAPTCHA!

How the good guys got trumped
Glenn Kramer, Tony Howlett
Windows IT Pro
InstantDoc ID #99773
Rating: (1)

In the category of “What will they think of next?” is this next item. In case you weren’t convinced that the best and brightest minds in our field often wear the other side's uniform (the black hats), this should convince you.

The latest hack out there is a new crack of the CAPTCHA technology. This little-known technology is the hard-to-read graphics that websites use to keep the spammer bots from signing up for their sites en-masse. You’ve probably used a CAPTCHA at some point, but in case you haven’t, it works like this. In addition to entering a logon ID and password, you have to enter the letters that appear in a little graphic, usually blurred or highly distorted.

For years, this technology has been working pretty well, with the CAPTCHA folks steadily increasing the amount of distortion to get around better and better OCR algorithms. However, some enterprising individual figured, "Why keep this machine-to-machine race up? Let’s let dumb humans help us trump the good guys!" What they do is when the graphic is presented, it is cross linked to another site--a site appearing to be a free porn site. All you have to do is type in the characters, doing the recognition job with the human mind, which is infinitely better than machines. So the dumb user gets his (or her) porn and the hacker gets to create multiple accounts for whatever illicit use they want (spam, buying front row tickets, whatever). The screwed ones are the original website and us users who pay the price in the form of more spam or more expensive tickets.

All I have to say is, brilliant move! It seems they’ve checked our mate, at least in terms of this particular technology. But the real sinister part of this is when hackers start using this trick (dumb humans) to crack other things. What I want to know is, where is the quantum-leap thinking like this one on the good guys' side? Let's see some real ingenuity to come up with ideas to fight these guys, rather than churning out more "me too" products and cash cow tech. How about making the background of the graphics a note saying “Don’t click on this unless you are at www.yahoo.com”? Or a picture of Uncle Sam saying “I’ve got my eyes on you”? That might discourage a few free porn seekers. Then again, never put it past the desperation of credit-cardless teenagers. Oh well, back to the drawing board

Related Content:

ARTICLE TOOLS


Want to use this article? Click here for options!

Comments
Add A Comment
  • MaraJenda
    2 years ago
    Mar 04, 2010

    its really wonderful information give me and valuable and i like your site because this site has good information all of user
    <a href="http://www.articlesbase.com/health-articles/the-weider-xfactor-reviews-where-to-buy-the-weider-xfactor-1934253.html">The Weider X-Factor</a>

  • alima
    2 years ago
    Feb 02, 2010

    Only One word to characterize such a great post “WOW” that was a very interesting read
    such a wonderful information for me..i am really impress it.
    [url=http://www.articlesbase.com/health-articles/acai-optimum-review-get-free-trial-now-1704552.html]Acai Optimum[/url]
    Acai Optimum
    http://www.articlesbase.com/health-articles/acai-optimum-review-get-free-trial-now-1704552.html

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

White Papers

Get your Windows 7 deployment off to the right start by implementing PC lockdown. A locked-down environment is easier and cheaper to support since users are less likely to make unnecessary changes to the core system configuration - read more here!

Essential Guides

Is your iSCSI "lossy"? The reality is that most off-the-shelf Ethernet hardware deployed for iSCSI can lose packets, resulting in slow performance or application downtime. Learn how to assess your current iSCSI infrastructure and engineer an advanced iSCSI SAN infrastructure.

Web Seminars

What's the best way to keep your network safe from malware? In this web seminar, security expert Greg Shields suggests an alternative method to the traditional blacklisting approach that is common with anti-virus and anti-malware solutions.

eLearning Series

We bring the experts direct to you to share their real-world perspective and expertise. During each event, three sessions stream in real time, so you can learn, ask questions, and get solutions.
Upcoming event: Getting the Most with Exchange 2010 with Paul Robichaux

Subscribe to Windows IT Pro!

Cloud IT Pro DevProConnections Left-Brain Mobile Dev Pro SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.