October 09, 2003

Solving a CAPTCHA.

A CAPTCHA is a program that can generate and grade tests that most humans can pass but computer programs cannot. One example is the distorted picture of a word that a new user is asked to identify as the final step in registering for a new Yahoo email account, a step meant to prevent automated registrations.

Although some of the easier CAPTCHAs have been solved with recent advances in computer vision, the more difficult ones have not. Now, under the category of "I wish I had thought of that," this news story in the Pittsburgh Post-Gazette mentions how one person cracked a CAPTCHA test:

Someone designed a software robot that would fill out a registration form and, when confronted with a CAPTCHA test, would post it on a free porn site. Visitors to the porn site would be asked to complete the test before they could view more pornography, and the software robot would use their answer to complete the e-mail registration.

I bet it did not take more than a few seconds to complete the registration. As with most security measures, it is not the algorithm or the mathematics, but the human-factors back door that will get you every time.

Posted by mjm at October 9, 2003 11:44 PM
