Slashdot Mirror

← Back to Stories (view on slashdot.org)

CAPTCHA Busted? Company Claims To Have Broken Protection System

Posted by samzenpus on from the spell-this dept.

sciencehabit writes "A software company called Vicarious claims to have created a computer algorithm that can solve CAPTCHA with greater than 90% accuracy. If true, the advance would represent a major breakthrough in artificial intelligence. It would also mean that the internet will have to start looking for a new security system. The problem, however, is that Vicarious has provided little evidence for its claims, though some well-known scientists are behind the work."

9 of 141 comments (clear)

  1. 90% by WillgasM · · Score: 5, Insightful

    That's better than my success rate

    1. Re:90% by hobarrera · · Score: 5, Funny

      And that's their undoing.
      Show the user 10 captchas:
      If none match -> It's an old bot
      If some match -> It's human
      It over 90% match -> It's this new algorithm.

      There, solved!

    2. Re:90% by nospam007 · · Score: 5, Insightful

      "That's better than my success rate"

      Same here, but some overdo it with the use. My phone company uses it on the payment page where you have to enter the invoice number and credit card.

      Are they afraid some bot would pay my bills?

    3. Re:90% by heypete · · Score: 5, Interesting

      They probably are worried about bad guys using the payment system in an attempt to verify stolen credit cards by making seemingly-routine purchases that would not seem out of the ordinary and thus would not trip anti-fraud measures.

      A small company I used to work for was abused by credit card thieves in this way, and dealing with the fraudulent charges and the resulting chargeback fees was the top non-salary cost for a few months (exceeding even the colocation costs). The problem existed because they allowed users to create either a free or paid account for the service and, if they selected the paid account, they could enter the card information on the sign-up page. Later, they changed it so users would need to create a free account (which required a captcha) and then upgrade it to a paid account in the account settings. Fraudulent charges dropped to essentially nil after that.

      If the phone company requires only the invoice number and credit card data to pay a bill (rather than having you create an account, log in, and then pay the bill) then it's likely they're dealing with a similar problem.

    4. Re:90% by jythie · · Score: 5, Funny

      And thus began the arms race where eventually the only way to use the internet requires buying an up to date bot plugin for your browser... ^_^

  2. In other news... by Cyfun · · Score: 5, Funny

    I cured cancer, stopped global warming, and found the last missing episodes of Doctor Who.

    Just take my word for it.

    --
    In Soviet Russia, dot slashes YOU!
  3. Better than humans by Manfre · · Score: 5, Funny

    I wish I could get CAPTCHAs right 90% of the time.

    1. Re:Better than humans by meerling · · Score: 5, Insightful

      Agreed. Heck, even those spammers that for years have been collecting databases of solved captchas for their bots do much better at those damn things than I do.
      And what really pisses me off is when you get a captcha wrong, either through incorrect entry or because it's decided you took to long, and the damn thing wipes out all the fields forcing you to redo the entire page! Those sites I truly despise I hope their programmers/scripters get a horrible infestation of something nasty.

  4. New security system ? by Lennie · · Score: 5, Insightful

    I'm sorry, but I don't consider CAPTCHA a security system.

    I would say it's an anti-spam system.

    --
    New things are always on the horizon