Lunch at the Labs
Stuff I used to talk about during lunch at AT&T and Bell Labs. You are visitor
Although some of the easier CAPTCHAs have been solved with recent advances in computer vision, the more difficult ones have not. Now under the category of I wish I had thought of that, this news story in the Pittsburgh Post-Gazette mentions how one person cracked a CAPTCHA test:
Someone designed a software robot that would fill out a registration form and, when confronted with a CAPTCHA test, would post it on a free porn site. Visitors to the porn site would be asked to complete the test before they could view more pornography, and the software robot would use their answer to complete the e-mail registration.I bet it did not take more than a few seconds to complete the registration. As with most security measures, it is not the algorithm or the mathematics, but the human factors back door that will get you every time.
I think this will turn out to be another example of a big business not knowing what is in its own best interest and reflexively resisting anything new because they are afraid of change. (The prime example of such behavior is how the movie business fought the introduction of the VCR and how it turned out to be a boon to their business.) What are the odds that someone who takes the effort to put themselves on a do not call list would ever buy something from a telemarketer? I would guess it's just about zero for all practical purposes. So I suspect that by weeding out bad prospects, the telemarketers will have a much higher acceptance rate and now get nearly as many customers for much less the cost. This will result in a loss of jobs for the poor people who actually make the calls, but who can believe the DMA when they say they are concerned about that.