
Gotcha CAPTCHA!

How the good guys got trumped

In the category of “What will they think of next?” is this next item. In case you weren’t convinced that the best and brightest minds in our field often wear the other side's uniform (the black hats), this should convince you.

The latest hack out there is a new crack of the CAPTCHA technology. This little-known technology is the hard-to-read graphic that websites use to keep spammer bots from signing up for their sites en masse. You’ve probably used a CAPTCHA at some point, but in case you haven’t, it works like this: in addition to entering a logon ID and password, you have to enter the letters that appear in a little graphic, usually blurred or highly distorted.

For years, this technology has been working pretty well, with the CAPTCHA folks steadily increasing the amount of distortion to get around better and better OCR algorithms. However, some enterprising individual figured, "Why keep this machine-to-machine race up? Let’s let dumb humans help us trump the good guys!" Here is what they do: when the graphic is presented, it is cross-linked to another site, one that appears to be a free porn site. All a visitor there has to do is type in the characters, doing the recognition job with the human mind, which is infinitely better than machines. So the dumb user gets his (or her) porn and the hacker gets to create multiple accounts for whatever illicit use they want (spam, buying front row tickets, whatever). The screwed ones are the original website and us users, who pay the price in the form of more spam or more expensive tickets.

All I have to say is, brilliant move! It seems they’ve checked our mate, at least in terms of this particular technology. But the really sinister part of this is when hackers start using this trick (dumb humans) to crack other things. What I want to know is, where is the quantum-leap thinking like this on the good guys' side? Let's see some real ingenuity to come up with ideas to fight these guys, rather than churning out more "me too" products and cash cow tech. How about making the background of the graphics a note saying “Don’t click on this unless you are at www.yahoo.com”? Or a picture of Uncle Sam saying “I’ve got my eyes on you”? That might discourage a few free porn seekers. Then again, never put it past the desperation of credit-cardless teenagers. Oh well, back to the drawing board.

TAGS: Security