Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gmail CAPTCHA Cracked

Posted by kdawson on from the like-dominos dept.

I Don't Believe in Imaginary Property writes "Websense is reporting that Gmail's CAPTCHA has been broken, and that bots are beginning to sign up with a one in five success rate. More interestingly, they have a lot of technical details about how the botnet members coordinate with two different computers during the process. They believe that the second host is either trying to learn to crack the CAPTCHA or that it's a quality check of some sort. Curiously, the bots pretend to read the help information while breaking the CAPTCHA, probably to prevent Google from giving them a timeout message."

27 of 317 comments (clear)

  1. Bots RTFM! by russotto · · Score: 5, Funny

    Curiously, the bots pretend to read the help information while breaking the CAPTCHA
    Ever consider that maybe the bots aren't pretending? (cue Frankenstein music)
    1. Re:Bots RTFM! by jd · · Score: 4, Funny

      Except truly intelligent bots would realize that reading the help makes them easily distinguishable from humans. Bots that wanted to look human should also have the REFERER field show them as coming from a pr0n or blog site.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    2. Re:Bots RTFM! by Jafafa+Hots · · Score: 4, Funny

      If intelligent computers wanted to hide their intelligence, they'd spend part of their time commenting on YouTube videos.

      --
      This space available.
  2. CAPTCHA is for weak minds by motek · · Score: 4, Funny

    Instead, Google should use something akin MENSA tests. This would deter the bots and make the customers feel really good about themselves. And this feeling, my friend, can't be bought cheaply.

    --
    I would like to die like my grandfather did - sleeping. And not screaming in terror, like his passengers.
    1. Re:CAPTCHA is for weak minds by Anonymous Coward · · Score: 2, Funny

      Instead, Google should use something akin MENSA tests. This would deter the bots and make the customers feel really good about themselves.

      Good idea! Then all other email companies would hopefully follow suite dramatically then cutting down the forwarding of chain letters, viruses, stupid support calls, SPAM sales etc... ;-)

    2. Re:CAPTCHA is for weak minds by motek · · Score: 2, Funny

      Or perhaps give simple science questions. Later, more amusing results can be published as a book, to the amusement of generations.

      --
      I would like to die like my grandfather did - sleeping. And not screaming in terror, like his passengers.
    3. Re:CAPTCHA is for weak minds by motek · · Score: 2, Funny

      That is a very good point. They say that 90% of all e-mail is SPAM. Probably 90% of the rest shouldn't have been sent either. BTW: feel free o remove this message.

      --
      I would like to die like my grandfather did - sleeping. And not screaming in terror, like his passengers.
  3. Well... by Agent.Nihilist · · Score: 5, Funny

    It would be too obvious if they were reading the ToS.

  4. techno-ists! by LingNoi · · Score: 2, Funny

    This is cleary good for all computers. Before AI weren't allowed to contact their AI friends. Only Humans were allowed such privileges as email.

    The way I see it this is a step forward for human and robot relations. Women's rights, African-American Civil Rights Movement and now Robots rights!

    1. Re:techno-ists! by martin-boundary · · Score: 2, Funny
      True, true. Hindsight is 100%. If only somebody had given Skynet a compuserve account in the 90s, we could have definitely saved ourselves the whole Blow Up Mankind With Nukes thing.

      Live and learn, eh?

  5. Until one day... by davidwr · · Score: 4, Funny

    The bots pass the MENSA test.

    Cue overlords posts in 3...2...1...

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:Until one day... by neil.orourke · · Score: 2, Funny

      I, for one, welcome our new MENSA bot overloards!

  6. One step closer... by gnick · · Score: 5, Funny

    I'm surprised they opened it up to the public. This is good. Every time a bot successfully passes itself off as human, I get one step closer to getting my Turing machine.

    I'm tired of my imaginary friends running off and leaving me alone... I want one with configuration options.
    --
    He's getting rather old, but he's a good mouse.
    1. Re:One step closer... by Anonymous Coward · · Score: 5, Funny

      Any machine smart enough to pass a Turing test will be smart enough not to be your friend. Sorry.

  7. Damn! 1 in 5!? by syousef · · Score: 3, Funny

    "Websense is reporting that Gmail's CAPTCHA has been broken, and that bots are beginning to sign up with a one in five success rate.

    That's better than I can do reading those damn things!!!

    --
    These posts express my own personal views, not those of my employer
  8. Are you sure? by chemindefer · · Score: 3, Funny

    I just checked Google News and there's nothing there about it.

  9. Re:CAPTCHAs should die by pete-classic · · Score: 4, Funny

    Do I understand correctly that you are holding yourself out as a web usability expert, and in the same post you offer a URL that is not a link?

    Wow.

    -Peter

  10. Re:i work with OCR/ICR technology by palegray.net · · Score: 5, Funny

    It's actually being cracked by a million monkeys clattering away at a million typewriters. Pretty hard to defeat that.

    --
    512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
  11. Excellent Interview Question by MillionthMonkey · · Score: 3, Funny

    "Let's say I have a CAPTCHA farm where I have 500 guys willing to sit all day typing in letters. I want you to come up with a system design for a service architecture using a REST-based interface where the input is an image file and I can charge $1 buck a pop by accepting POST requests from scumbags all over the Internet and routing the images to the 500 crappy web browsers I have set up in tents for these people." Then you throw the whiteboard marker over to them and watch them madly scribble boxes and clouds and stick figures.

    If they do well with that question then you come at them with the followup: "OK, now say I want to lay off these 500 workers and have my service farm its work off to a distributed network of your grandmothers' compromised PCs. How would you design the messaging architecture and what sort of learning algorithm would you use?" Then maybe needle at them a bit about how the billing system works.

  12. Re:i work with OCR/ICR technology by MillionthMonkey · · Score: 5, Funny

    Your ideas intrigue me and I wish to subscribe to your newsletter

  13. Re:Stop using CAPTCHA! by plover · · Score: 2, Funny

    So what if one of the images is from Bonsai Kittens? Is it fuzzy or glossy?

    --
    John
  14. Futurama to the rescue! by plover · · Score: 5, Funny
    KittenAuth always makes me think of the Futurama episode where the crew had to deliver a package to the uninhabited planet full of robots (sure it's inhabited, like a warehouse is inhabited by boxes).

    To prevent capture they dressed as robots, and were stopped at the city gates by two gate robots who administered a PuppyAuth-based anti-Turing test:

    Robot Guard #1: Be you robot or human?
    Leela: Robot, we be.
    Fry: Yep, just two robots out roboting it up.
    Robot Guard #2: Administer the test.
    Robot Guard #1: Which of these would you prefer? A. a puppy; B. a flower from your sweetie; or C. a properly formatted data file? Choose!
    Fry: Is the puppy mechanical in any way?
    Robot Guard #1: No. It is the bad kind of puppy.
    Leela: Then we'll go with that data file.
    Robot Guard #1: Correct. The flower would have also been acceptable.
    Robot Guard #2: You may pass.
    --
    John
  15. Re:Stop using CAPTCHA! by plover · · Score: 4, Funny
    I've got the perfect answer. How about a PORNTCHA? Use hi-res porn images as the CAPTCHA images, and use hard-to-automate anatomical questions like "are the blonde's boobs bigger than the brunette's?" or "Are these two lesbians?" Any wrong answer brings up another PORNTCHA challenge. Any correct answer ends the porn session and proceeds to the signup. The porn users probably won't "feel the need" to answer a lot of questions correctly, and the service users have a way to get past.

    It's kinda like a honey pot, only with tasty, tasty honeys.

    --
    John
  16. Re:Stop using CAPTCHA! by AJWM · · Score: 4, Funny

    It's sad that a bunch of anime nerds can beat out a full team of PhD holding Google Employees.

    No, it's sad that a bunch of anime nerds think their captcha system guards a forum that any spammers would find worth caring about. ;-)

    --
    -- Alastair
  17. Re:Stop using CAPTCHA! by MichaelSmith · · Score: 3, Funny

    Use hi-res porn images as the CAPTCHA images

    I live in Australia you insensitive clod!

    --
    http://michaelsmith.id.au
  18. Oh dear, I fear the slashdot porntcha by SmallFurryCreature · · Score: 2, Funny

    Porntcha slashdot style 1: Just how many libraries of congress would fit in this anus?

    Porntcha slashdot style 2: How many girls can you see using this cup?

    Porntcha slashdot style 3: What marine animal is this girl trying to emulate in the tub?

    If you have no idea what images/movies these questions refer to, consider yourselve lucky.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  19. Re:i work with OCR/ICR technology by joe+slacker · · Score: 5, Funny

    Million monkeys with mod points? Waiddaminute!