Gmail CAPTCHA Cracked 317
I Don't Believe in Imaginary Property writes "Websense is reporting that Gmail's CAPTCHA has been broken, and that bots are beginning to sign up with a one in five success rate. More interestingly, they have a lot of technical details about how the botnet members coordinate with two different computers during the process. They believe that the second host is either trying to learn to crack the CAPTCHA or that it's a quality check of some sort. Curiously, the bots pretend to read the help information while breaking the CAPTCHA, probably to prevent Google from giving them a timeout message."
To be fair.. (Score:5, Informative)
Remember: CAPTCHA is an acronym (or backronym, depending on who you believe) for "Completely Automated Public Turing test to tell Computers and Humans Apart".
The CAPTCHA would be considered cracked if there was a computer algorithm somewhere decoding it autonomously.
Re:i work with OCR/ICR technology (Score:5, Informative)
Re:CAPTCHA is for weak minds (Score:5, Informative)
http://xkcd.com/233/ (Score:4, Informative)
Re:One step closer... (Score:5, Informative)
Re:CAPTCHA is for weak minds (Score:4, Informative)
Re:CAPTCHA is for weak minds (Score:5, Informative)
As anti-bot measure, reCAPTCHA starts showing pictures with BOTH known words if you (anyone with your IP) incorrectly guess two words in one hour, AFAIR.
Re:use those hit-the-monkey flash-based ads instea (Score:1, Informative)
So the user's punched the monkey 3 times. As the developer, how do you let the server know this fact? By setting a hidden form element of "punched_monkey" to 1? By POSTing to
Re:i work with OCR/ICR technology (Score:5, Informative)
It's also true that _average_ people only break CAPTCHAs successfully about 80% of the time. Here's a relevant experiment [jgc.org]
Then there's possible issues with firewalls etc. Some bots are hosted on a zombified PC which could have any kind of restrictions, and it might have trouble dialing one of the the servers, or maybe the server can't respond properly due to inbound filtering.
Re:i work with OCR/ICR technology (Score:2, Informative)
Also, don't expect the people who get paid very little to be accurate in what they type.
Re:One step closer... (Score:4, Informative)
Re:i work with OCR/ICR technology (Score:5, Informative)
It really depends on the captcha being used, but the real problem is that a good percentage of the time on the hard captcha's you just cannot make a definitive choice on a single letter.
That means you got a 50/50 shot of being right on it. If it was 2 letters, which is more rare, now you got a 1/4 chance of being right.
I have seen some captcha's that are so ridiculous in their attempts at obfuscating the letters, that it is just next to impossible. Maybe that is the whole point too. A strong captcha may be one that a human fails at half the time.
Re:i work with OCR/ICR technology (Score:4, Informative)