Slashdot Mirror


Gmail CAPTCHA Cracked

I Don't Believe in Imaginary Property writes "Websense is reporting that Gmail's CAPTCHA has been broken, and that bots are beginning to sign up with a one in five success rate. More interestingly, they have a lot of technical details about how the botnet members coordinate with two different computers during the process. They believe that the second host is either trying to learn to crack the CAPTCHA or that it's a quality check of some sort. Curiously, the bots pretend to read the help information while breaking the CAPTCHA, probably to prevent Google from giving them a timeout message."

19 of 317 comments (clear)

  1. Bots RTFM! by russotto · · Score: 5, Funny

    Curiously, the bots pretend to read the help information while breaking the CAPTCHA
    Ever consider that maybe the bots aren't pretending? (cue Frankenstein music)
    1. Re:Bots RTFM! by jd · · Score: 4, Funny

      Except truly intelligent bots would realize that reading the help makes them easily distinguishable from humans. Bots that wanted to look human should also have the REFERER field show them as coming from a pr0n or blog site.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    2. Re:Bots RTFM! by Jafafa+Hots · · Score: 4, Funny

      If intelligent computers wanted to hide their intelligence, they'd spend part of their time commenting on YouTube videos.

      --
      This space available.
  2. CAPTCHA is for weak minds by motek · · Score: 4, Funny

    Instead, Google should use something akin MENSA tests. This would deter the bots and make the customers feel really good about themselves. And this feeling, my friend, can't be bought cheaply.

    --
    I would like to die like my grandfather did - sleeping. And not screaming in terror, like his passengers.
  3. Well... by Agent.Nihilist · · Score: 5, Funny

    It would be too obvious if they were reading the ToS.

  4. Until one day... by davidwr · · Score: 4, Funny

    The bots pass the MENSA test.

    Cue overlords posts in 3...2...1...

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  5. One step closer... by gnick · · Score: 5, Funny

    I'm surprised they opened it up to the public. This is good. Every time a bot successfully passes itself off as human, I get one step closer to getting my Turing machine.

    I'm tired of my imaginary friends running off and leaving me alone... I want one with configuration options.
    --
    He's getting rather old, but he's a good mouse.
    1. Re:One step closer... by Anonymous Coward · · Score: 5, Funny

      Any machine smart enough to pass a Turing test will be smart enough not to be your friend. Sorry.

  6. Damn! 1 in 5!? by syousef · · Score: 3, Funny

    "Websense is reporting that Gmail's CAPTCHA has been broken, and that bots are beginning to sign up with a one in five success rate.

    That's better than I can do reading those damn things!!!

    --
    These posts express my own personal views, not those of my employer
  7. Are you sure? by chemindefer · · Score: 3, Funny

    I just checked Google News and there's nothing there about it.

  8. Re:CAPTCHAs should die by pete-classic · · Score: 4, Funny

    Do I understand correctly that you are holding yourself out as a web usability expert, and in the same post you offer a URL that is not a link?

    Wow.

    -Peter

  9. Re:i work with OCR/ICR technology by palegray.net · · Score: 5, Funny

    It's actually being cracked by a million monkeys clattering away at a million typewriters. Pretty hard to defeat that.

  10. Excellent Interview Question by MillionthMonkey · · Score: 3, Funny

    "Let's say I have a CAPTCHA farm where I have 500 guys willing to sit all day typing in letters. I want you to come up with a system design for a service architecture using a REST-based interface where the input is an image file and I can charge $1 buck a pop by accepting POST requests from scumbags all over the Internet and routing the images to the 500 crappy web browsers I have set up in tents for these people." Then you throw the whiteboard marker over to them and watch them madly scribble boxes and clouds and stick figures.

    If they do well with that question then you come at them with the followup: "OK, now say I want to lay off these 500 workers and have my service farm its work off to a distributed network of your grandmothers' compromised PCs. How would you design the messaging architecture and what sort of learning algorithm would you use?" Then maybe needle at them a bit about how the billing system works.

  11. Re:i work with OCR/ICR technology by MillionthMonkey · · Score: 5, Funny

    Your ideas intrigue me and I wish to subscribe to your newsletter

  12. Futurama to the rescue! by plover · · Score: 5, Funny
    KittenAuth always makes me think of the Futurama episode where the crew had to deliver a package to the uninhabited planet full of robots (sure it's inhabited, like a warehouse is inhabited by boxes).

    To prevent capture they dressed as robots, and were stopped at the city gates by two gate robots who administered a PuppyAuth-based anti-Turing test:

    Robot Guard #1: Be you robot or human?
    Leela: Robot, we be.
    Fry: Yep, just two robots out roboting it up.
    Robot Guard #2: Administer the test.
    Robot Guard #1: Which of these would you prefer? A. a puppy; B. a flower from your sweetie; or C. a properly formatted data file? Choose!
    Fry: Is the puppy mechanical in any way?
    Robot Guard #1: No. It is the bad kind of puppy.
    Leela: Then we'll go with that data file.
    Robot Guard #1: Correct. The flower would have also been acceptable.
    Robot Guard #2: You may pass.
    --
    John
  13. Re:Stop using CAPTCHA! by plover · · Score: 4, Funny
    I've got the perfect answer. How about a PORNTCHA? Use hi-res porn images as the CAPTCHA images, and use hard-to-automate anatomical questions like "are the blonde's boobs bigger than the brunette's?" or "Are these two lesbians?" Any wrong answer brings up another PORNTCHA challenge. Any correct answer ends the porn session and proceeds to the signup. The porn users probably won't "feel the need" to answer a lot of questions correctly, and the service users have a way to get past.

    It's kinda like a honey pot, only with tasty, tasty honeys.

    --
    John
  14. Re:Stop using CAPTCHA! by AJWM · · Score: 4, Funny

    It's sad that a bunch of anime nerds can beat out a full team of PhD holding Google Employees.

    No, it's sad that a bunch of anime nerds think their captcha system guards a forum that any spammers would find worth caring about. ;-)

    --
    -- Alastair
  15. Re:Stop using CAPTCHA! by MichaelSmith · · Score: 3, Funny

    Use hi-res porn images as the CAPTCHA images

    I live in Australia you insensitive clod!

  16. Re:i work with OCR/ICR technology by joe+slacker · · Score: 5, Funny

    Million monkeys with mod points? Waiddaminute!