Uh oh, is CAPTCHA in trouble?
In the battle against the evils of spam, CAPTCHA has been the one shield that has been able to at least partially protect us. Its beauty lies within its simplicity: Rather than hunting down spam and filtering it, we can simply block it entirely with a simple quiz. Show an image with a bunch of letters and require the person to recite the letters back. This is an easy task for a human but impossible for a spam bot.
Or is it? Though there’s no definitive proof yet, there has been evidence that bots have somehow infiltrated CAPTCHA-protected accounts without human help.
“Last month, the human verification tests, which typically require users to identify deformed letters set against a cluttered backdrop, were broken by a computer,” reports The Washington Post. “The computer then repeatedly created free Hotmail e-mail accounts and sent spam from them, according to Websense, the security firm that detected the hacking.”
This is not a good sign, because it means CAPTCHA questions will have to be increasingly more complicated. Instead of asking us to recite back letters, for instance, the next step will likely be to start offering us math problems we have to solve.
Okay, apparantly I missed something here – why would a bot have problems solving a math problem?
To stop spam I have seen a solution here and there where the user has to fill out a simple question. Really simple, like “what colour is an orange?”. If you have enough easy questions to cycle through and pick a random one each time, bots should have a problem getting trough.
Thank goodness though, cause captcha’s were getting annoying: They usually worked fine I suppose, but there were always these few sites that featured unreadable captchas. They just took it too far.
I’m not surprised with this news to be honest. Captcha’s are created by a script – why wouldn’t it be possible to crack them with a different script?