Slashdot Mirror
Google ReCAPTCHA Cracked
stormdesign writes "Despite denials from Google, a security researcher continues to assert that the Search King's reCAPTCHA system for protecting Web sites from spammers can be successfully exploited by Internet junk mail panderers."
Come on Google, we all know that in the Capcha war, we only have one weapon left, capcha porn. There isn't a spambot alive who could answer "In the above movie, how many cocks were inside Jenna Jameson?" or "what sex position is this?"
Monstar L
All captchas are practically useless. There is no need to crack them - for example decaptcher solves 1000 captchas for $2. Any captcha type works since they're solved by humans. They also have API's for several different languages which lets the programmer easily to put the process to their programs.
As long as there's really cheap workforce and economic differences in the world, things like this won't be solved.
My wife moderates a couple of local Freecycle [tm] lists, and she requires new subscribers to mention some nearby landmark in their neighborhood to show they really are local. The result: NO spam, ever. Once or twice in ten years she's actually had someone try to make up a plausible sounding name that they must have picked up from a yellow pages search because it referred to the name you can see on maps and not what everybody actually calls the place.
I remember a message board from a few years ago where some guy had talked about taking a screen shot of a captcha and displaying it on his free porn site making it look like it was really from his site. The person looking at the porn site would type in the captcha answer and his script would in turn use this user provided solution to solve the real captcha on the original site letting his script get past the captchas and spam the message board. So if it really did work he got 1000's of captchas solved by humans for free.