Did the spammers really solve Captcha?
I was just searching about CAPTCHA (pictures of letters used for human verification) for an idea I had been thinking about and noticed news from last month (I was busy and didn’t do much reading lately) about how some spammers have cracked CAPTCHA…. I think thats un-imaginative thinking. Of course maybe they have a program to beat the Captcha, but why go to that effort?
Anyone with half a brain can figure out how to beat Captcha.
Think about this… Anyone with half a brain can use a captcha. So now all I need is someone with half a brain!!!! Simple.
Still not getting it?
Ok. Create a simple website that uses Captcha, say: “play our game and win money” (or even better, prOn). Make the game a captcha… Give away some money. Now write your software for creating yahoo email accounts. When Yahoo asks for a Captcha pass it through to your other site. Instead of serving up a captcha that some software created, serve up the image that Yahoo gave you. Tada. Someone with half a brain is solving your captcha.
I guess you could almost say its a different form of social engineering.
As a footnote: Captcha Killer claim (and probably can do, I see no reason why it can’t be done) to automatically solve captcha, (for “blind” people 
using ocr techniques)
Some of the news articles about the “cracking”:
It even got slashdotted
Tech Blorge
Update: After writing all that above I came across the term “Captcha farming”…. If you just know what to search for its amazing what results you can find. Anyway this concept has been around for a while, and its commonly used in the prOn industry (just as I thought).
 Digg this
|