Captcha systems, those psychedelic-font phrases designed to weed out bots from users, are a staple of website security. And, thanks to Stanford Researchers, they may be quickly becoming completely useless.
The researchers employed machine vision algorithms to successfully crack 66 per cent of Visa’s Captchas, 70 per cent of Blizzard’s, and 25 per cent of Wikipedia’s. For reference, a one per cent successful cracking rate is regarded as grounds for the Captcha’s immediate discontinuation. Only one company’s system, Google’s ReCaptcha, was able to confound the researchers’ robotic eyes–presumably because the vision algorithms still aren’t advanced enough to handle ReCaptcha’s blurring effects — but how long will that advantage last?
So, since it’s only a matter of time before A) researchers figure out how to break all of these systems, including Google’s, consistently and B) the technology hits the Internet and we’re inundated with bot advertising, does anybody have ideas for the next generation of bot filtration technology? Is the time for widespread biometric scanner use finally upon us? [Maximum PC]
Hate Captchas
Wednesday, November 2, 2011 at 9:30 AMThe bloody things are hard to read now, hopefully they won’t just get harder to read instead of just getting rid of em.
Lillee
Wednesday, November 2, 2011 at 9:37 AMWhy on earth would you actively go out to try to bust Captcha? What good will it bring other than make the internet harder to use?
Anti
Wednesday, November 2, 2011 at 9:59 AMBecause for every Stanford or MIT student trying to crack this software just to prove how it’s vulnerable, there are many others trying to crack the software so they can use it to their advantage. These companies need to know how their software is vulnerable so it can be fixed, or replaced.
It’s the same principal behind “white-hat” hackers trying to break encryption and hashing algorithms.
DarthDVD
Wednesday, November 2, 2011 at 9:50 AMThanks Standford. more spambots… thats how you help the world..
Please dont publish a paper on how to do this please?!?!?!?!
Mulet
Wednesday, November 2, 2011 at 10:03 AMAs long as these clowns follow it up with a new and improved replacement for captchas.
Glad to hear recaptures are fine.
The Gremlin
Wednesday, November 2, 2011 at 10:08 AM“crack 66 per cent of Visa’s Captchas, 70 per cent of Blizzard’s”
That’s probably about my personal success rate with Recaptcha.
Josh
Wednesday, November 2, 2011 at 12:55 PM+1
Matt L
Wednesday, November 2, 2011 at 10:28 AMWe could acheive a better system by using an optical illusion… Play a series of frames at a high speed, maybe 5-10 frames… Each frame on its own means nothing, but blended together you can see a code behind it. It could work? I decided to whip up a concept video, I posted it on youtube. It shows a series of 6 frames running for 0.3 seconds each, all part of the same image but modified, sections removed, stuff added… The results are a bit poor because I rushed it. But you can definetly make out the code, which is a good result. The video will be up soon: http://www.youtube.com/watch?v=dM_xgXKlcAg&feature=youtube_gdata
Hmmm
Wednesday, November 2, 2011 at 11:00 AMI found it hard to read still, but the concept is good, maybe some kind of encrypted pause system to make it similar to a regular Captcha, maybe not? What about a scrolling blind system maybe :)
Cameron
Wednesday, November 2, 2011 at 11:05 AMMan those ReCaptcha’s are horrible! No wonder computers can’t crack them, humans can barely read them! The sooner we get rid of these and come up with a better system the better.
Tim
Wednesday, November 2, 2011 at 2:01 PMI have a 98% success rate with recaptures, if you have a problem reading one, just hit the reload button on the widget and get another one.
jono
Wednesday, November 2, 2011 at 12:28 PMI still don’t understand why no-one’s using language to generate a mathematic equation..
For instance “Johnny had an apple, and then he gathered another two apples. If he also had two oranges from earlier in the day, how many fruit does Johnny have?”
Never heard of a system which can understand language well enough to be able to deal with stuff like that.
Also; http://www.dangerousminds.net/comments/captchas_to_keep_idiots_out_of_comment_threads/
JC
Wednesday, November 2, 2011 at 1:28 PMWell the team at Stanford stand to make a hell of alot of money when they polish off their program and sell it to the highest bidder.