Slashdot Mirror

← Back to Stories (view on slashdot.org)

Analyzing CAPTCHAs

Posted by CmdrTaco on from the i-fail-more-than-i-win dept.

Bruce Schneier's blog pointed me to a research paper on "Attacks and Design of Image Recognition CAPTCHAs" (PDF). The abstract says, "We systematically study the design of image recognition CAPTCHAs (IRCs) in this paper. We first review and examine all IRCs schemes known to us and evaluate each scheme against the practical requirements in CAPTCHA applications, particularly in large-scale real-life applications such as Gmail and Hotmail."

7 of 105 comments (clear)

  1. Re:hmm... by melikamp · · Score: 4, Funny

    It's happening already, I think, with turn-key solutions floating around featuring 20-35% accuracy. I don't have 100%, more like 80% or so, and I am a human.

    OT, but I found a way to make RECAPTCHA entertaining. With two words given, I always just type one of the words, and put "fuck" for the other. The accuracy falls below 50%, but the giggles make it all worthwhile.

  2. Re:Chinese CAPTCHA farms by buck-yar · · Score: 3, Informative

    I heard porn sites were require a captcha to view an image, but it was really a redirect from another captcha. So porn surfers were solving captchas for bots.

  3. Re:Too focused on being perfect by Cro+Magnon · · Score: 3, Insightful

    At some point, CAPTCHAs will reach the point where ONLY a bot can get past them.

    --
    Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
  4. Re:Too focused on being perfect by clone53421 · · Score: 3, Insightful

    Then they’re designed wrong.

    You should at least skim over the paper, that’s actually a significant portion of what it’s focused on... finding something that humans are good at and bots are not. As better bots have been written, that may have changed significantly... most present CAPTCHA systems are relatively broken.

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  5. Re:Why not... by Rik+Sweeney · · Score: 3, Funny

    There are only so many such images available for use

    Not if they use images of Lady Gaga

    --
    Summation 2
  6. Re:Chinese CAPTCHA farms by clone53421 · · Score: 4, Funny

    That works too, especially if you have a good topless site to redirect the captchas toward.

    FTFY.

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  7. Re:hmm... by tlhIngan · · Score: 4, Interesting

    I wonder how long until we have no way of distinguishing a bot from a person. existing CAPTCHAs don't work all that well, and I can't see future ones working much better for very long. The Cylons are among us! Any one of us could be one!

    Well, CAPTCHAs worked because they relied on vision tests - a skill that humans still do better than computers, but computer vision is already quite advanced. Then the countermeasures came where CAPTCHAs started getting so distorted that it was impossible to determine the code (I remember a forum I signed up for - too more than 15 tries and a cookie reset).

    However, there are still difficult-for-computer-but-easy-on-humans tasks that can be done. I'm surprised no one's yet hooked a way into the Amazon Mechanical Turk or the like. Perhaps a simple one can be where you show a panoramic view along a busy street. Then you ask the question "What is the name of the store at number 763?" Or "What is the street number of ZZZ Supermarkets along this street?". "There is a large group of friends gathered near XXX store. How many people are in the group?"

    Or simpler ones - if your forum or other thing is about a specific topic, ask a question about that topic. Or even self-referential ones. "What of the following will an art thief steal? A) Mona Lisa, B) Big screen HDTV, C) Cellphone, D) Money".

    Might as well advance the state of things like image recognition and natural language queries while we're at it.