ReCAPTCHA.net Now Vulnerable to Algorithmic Attack

← Back to Stories (view on slashdot.org)

ReCAPTCHA.net Now Vulnerable to Algorithmic Attack

Posted by timothy on Thursday August 5, 2010 @08:59AM from the bless-you! dept.

n3ond4x writes "reCAPTCHA.net algorithms have been developed to solve the current CAPTCHA at an efficacy of 30%. The algorithms were disclosed at DEFCON 18 over the weekend and have since been made available online. Also available is a video demonstration of random reCAPTCHA.net CAPTCHAs being subjected to the algorithms." There's probably an excellent Firefox plugin to render this page's color scheme more bearable. Note: the PowerPoint presentation linked opens fine in OpenOffice, and the video speaks for itself.

6 of 251 comments (clear)

Min score:

Reason:

Sort:

Human Success? by Anonymous Coward · 2010-08-05 09:03 · Score: 5, Insightful

So what is the average human success rate? I think mine is only about 50%
Bad Hacking by pz · 2010-08-05 09:16 · Score: 4, Insightful

Why would anyone want to do this? It's like attacking the UN peace keeping troops or the Red Cross. reCAPTCHA is doing good work, digitizing scanned printed books so that the the text can be made available for online searching. Breaking reCAPTCHA is like defecating in the village well, ensuring that everyone suffers. No one benefits from reCAPTCHA being broken. No one.

--

Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
1. Re:Bad Hacking by Dhalka226 · 2010-08-05 09:31 · Score: 5, Insightful
  
  No one benefits from reCAPTCHA being broken. No one.
  Spammers.
2. Re:Bad Hacking by maxume · 2010-08-05 09:32 · Score: 5, Insightful
  
  Actually, it could be of use to reCAPTCHA, they can just pass their test words through this system before they make them public and then use the output to help prevent similar attacks.
  
  --
  Nerd rage is the funniest rage.
3. Re:Bad Hacking by Flyne · 2010-08-05 09:42 · Score: 4, Insightful
  
  The problem of breaking reCAPTHCA is precisely the same problem as increasing computer OCR abilities, since reCAPTCHA by design uses words which current OCR abilities are inadequate for. This is a good thing for AI and computer vision and text digitization.
4. Re:Bad Hacking by sbayless · 2010-08-05 09:58 · Score: 5, Insightful
  
  No one benefits from reCAPTCHA being broken. No one
  You couldn't be more wrong. Sure, breaking reCAPTCHA would create a headache for website admins (including me, for example), but in order to break reCAPTCHA someone has to devise a better text recognition program. And that's great news! This is an example of a general side effect of the cat and mouse game that are captchas. Captcha's are a simple form of Turing Test, where website admins are trying to determine who is a computer and who is a real human being. Every time a captcha gets broken, we get a sophisticated new algorithm for doing something that previously only humans could do (or only humans could do well, at least).