Everyone has had a problem with standard security technologies - Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHAs) - at least once in life. The technologies are said to protect websites from bots and Optical Character Recognition (OCR) software, so that only humans are able to set up an e-mail account, download software, etc. Nevertheless, CAPTCHA technologies often stop the Internet users and do not stop bots and software.
CAPTCHAs hacking
Nowadays, easy CAPTCHAs are not difficult to hack in many different ways. Some examples include: using OCR software, statistic analysis (words and pictures from database with CATPCHAs), neural networks (better than classic algorithms used for discernment of shapes variety), and Turing Farm (employment of people from Third World who rewrite CAPTCHAs).
The basic way to prevent codes from being hacked is by a distortion, or an intentional disorder of code elements, so they become unrecognizable to OCR software. Most often, disorders used by CAPTCHAs are:
- dislocating elements up or down
- turning
- calibrating
- bending
Currently, there are no CAPTCHAs which are absolutely safe from an attack, but the technology is very popular when it is applied for users’ verification. The question is: Why do we still use them?
Twitter
del.icio.us
Digg
Facebook
LinkedIn
StumbleUpon
