Stanford Researchers Teach Machines to Beat Captchas
We’ve all struggled with those often unreadable security Captcha codes from time to time, but if some new research out of Stanford is any indication, machines might be better at it than us very soon. By using machine vision algorithms, the Stanford team was able to defeat 66% of Visa’s Captchas, 70% of those used by Blizzard, and about a quarter of Wikipedia’s Captchas. This may spell trouble for a multitude of other sites, as well.
While some of these numbers might not sound like a huge problem, the team suggests that any hit rate over 1% means Captcha is too broken to continue in use. Since the cost associated with having a computer try again and again to solve the Captcha is so low, those with malicious intent could blow through this security measure with no problem. Most companies use various layers of security, but Captchas are relied upon heavily for weeding out bots.
The Stanford team had no luck whatsoever with Google’s ReCaptcha system, which is used widely. This indicates that the visual filtering and de-blurring techniques aren’t entirely there, but the team’s success with other systems could mean it’s just a matter of time.
Comments
Silencer
November 01, 2011 at 1:31am
Maybe one of the spammers' links will take us to the new 'plug-in'. I'd like to be able to post here as easily as they can! :O)
URGjM was this captcha!
SeverianSilk
October 31, 2011 at 9:32pm
Age old problem in security. If something can create it, something can figure it out. I say we adapt the xkcd method and have captcha ask questions like "Did you cry when Littlefoot's mother died?" To determine if you're human.
thetechchild
October 31, 2011 at 10:03pm
But how would you determine the questions/answers? Pre-create a list? That would fail as a deterrent for obvious reasons.
All that needs to be added is more blurring and warping of each individual character in multiple font/color renderings, with a *random* element applied (pseudo-random, technically). If you have a character with 15 colors, and all the characters are of different size, warping, blurring, and orientation relative to the one before/after it, then you have a confusing word. Add in a distorted grid of easily distinguishable but still varied colors in the background, and you now have what looks like a rainbow mess to a computer, but a distinct word to a human.
SleepyCatChris
October 31, 2011 at 6:12pm
Serious question: has their funding been looked at to see if spammers might somehow be involved?
thetechchild
October 31, 2011 at 10:15pm
Wrong question to ask. That's like asking "are security researchers affiliated with hackers?" Taking the side of the paranoid corporations, suing and condemning those who advocate better security, is an idiotic stance. Regardless of whether or not this work could be accessed by or supported by spammers, the work itself is applicable. It proves beyond doubt that it can be done, and therefore even if spammers couldn't steal it directly, we now know they would get there soon.
A better question would be:
How and why can captchas be improved in order to thwart such methods? (or, how is ReCaptcha avoiding these flaws?)
I Jedi
October 31, 2011 at 4:01pm
This is great news, as we can finally get rid of our captcha here at MxPC.
Holly Golightly
October 31, 2011 at 7:55pm
Yes, they should have ditched captchas long ago. As a tech site, they really should have posted this info themselves long ago. Sadly, I see those annoying captchas, and I just want MaximumPC to just get rid of them already.
thetechchild
October 31, 2011 at 10:22pm
Funnily enough, there's quite a lot of spam on MPC... (or there was, recently) Perhaps they should've implemented a peer review system (spam flagging) and autobanning of major spammers.
Also, instead of blocking or alerting if it's "wrong", simply have the user complete new ones until he/she/it thinks that one was correct, and also have autobans in place for high failure rates or extremely high overachieving (in captcha submission count). [Note that this does require you to remove any "choose different image" options]
Since you don't know how many you got right until it's over and done with, bots will have to statistically guess how many they need to complete based on their average success rate, while humans should be relatively sure after 2 or 3 tries that one was good, and have at least a 50% pass rate.
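A sketch of the server-side policy proposed in the comment above, added here as an example and not part of the original thread or any site's code: answers are scored silently, whole sessions are accepted or rejected, and repeated rejects trigger an autoban. The thresholds and all names are assumptions; the last function estimates how many sessions a solver of a given accuracy gets accepted per identity before the ban.

```python
from dataclasses import dataclass, field
from math import ceil, comb

# Assumed thresholds (illustrative; the comment only says "2 or 3 tries"
# and "at least a 50% pass rate").
MAX_SUBMISSIONS = 5    # more answers than this counts as "overachieving"
MIN_PASS_RATE = 0.5    # sessions scoring below this are rejected
BAN_AFTER_REJECTS = 3  # rejected sessions tolerated before an autoban

@dataclass
class Client:
    rejects: int = 0
    banned: bool = False
    results: list = field(default_factory=list)  # never shown to the client

def submit(client: Client, correct: bool) -> str:
    """Record one answer; the reply is identical for right and wrong."""
    client.results.append(correct)
    return "received"

def finalize(client: Client) -> str:
    """Score the whole session at once, then update the ban state."""
    results, client.results = client.results, []
    if client.banned:
        return "banned"
    n = len(results)
    if 0 < n <= MAX_SUBMISSIONS and sum(results) / n >= MIN_PASS_RATE:
        return "accepted"
    client.rejects += 1
    client.banned = client.rejects >= BAN_AFTER_REJECTS
    return "banned" if client.banned else "rejected"

def accept_probability(p: float, n: int) -> float:
    """Chance a solver with per-captcha accuracy p passes with n answers."""
    if not 0 < n <= MAX_SUBMISSIONS:
        return 0.0
    need = ceil(n * MIN_PASS_RATE)
    return sum(comb(n, k) * p**k * (1 - p)**(n - k) for k in range(need, n + 1))

def expected_accepts_before_ban(p: float) -> float:
    """Mean accepted sessions per identity when the solver picks its best n."""
    q = max(accept_probability(p, n) for n in range(1, MAX_SUBMISSIONS + 1))
    return float("inf") if q == 1 else BAN_AFTER_REJECTS * q / (1 - q)

if __name__ == "__main__":
    for p in (0.01, 0.25, 0.66):  # 1% threshold and two rates from the article
        print(p, round(expected_accepts_before_ban(p), 2))
```

With these assumed thresholds, a 1% solver averages about 0.06 accepted sessions per banned identity while a 66% solver averages about 23, so the policy raises the cost of weak solvers far more than strong ones.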
Captain_Steve
October 31, 2011 at 3:15pm
This is good news for Maximum PC; they no longer have to feel bad about not being able to keep the bots out of the comments section.
kixofmyg0t
October 31, 2011 at 4:01pm
Very good web.
visit www.maximumpc.com PC review! very nice for you!
you wil love!
(actually tried to look for an actual spam post to infringe...err...copy and couldn't find one. +1 to max pc staff for cleanin up! Also the fact that I got hit up with a captcha in posting this is just bitter irony lol)
ABouman
October 31, 2011 at 4:24pm
Not entirely sure what's working but we HAVE seen a lovely absence of spam lately...
Silencer
November 01, 2011 at 11:22pm
Wow! Really?!? Dear?!? Where? 'Cause, NOT ME! I see it everywhere, even some *HERE*!
While trying to post this at 6:36pm EST 11/1/2011, I did see this though (and all the time too):
Your submission has triggered the spam filter and will not be accepted.
Lovin' it. I suspect a stupid IP ban, 'cause I posted a few times, or too fast or something.
I'll be sure to post this, *when I can*. Idea: Lose all of this B.S. It ain't working, and, it's f'ing me up.
ABouman
November 02, 2011 at 10:32am
I check the comments every morning when I get in, and every evening before I leave, in order to manually delete any spam that gets through manually. Lately, I haven't been seeing as much spam, however, yesterday I was out of the office, so the spam wasn't removed.
That being said, I understand that the current captcha system is not working and I'll be discussing alternative solutions with our web dev team soon.
Silencer
November 04, 2011 at 7:09am
Good Morning Hotness!
Just saw 7 fresh spams. The most recent 7, here, as of now:
http://www.maximumpc.com/article/windows/microsoft_announces_first_real_details_about_windows_8
Cya! ;O)
Silencer
November 02, 2011 at 11:35am
Thank-you! :O) (U R so, u no!)
... To complete this form, please complete the word verification below. ...
Neel Chauhan
November 01, 2011 at 8:22am
Why doesn't Maximum PC use Google's ReCaptcha instead of whatever is used now?
By the way, my captcha was MZikQ
kixofmyg0t
October 31, 2011 at 5:29pm
Until now. Funny, I had to do a captcha on every post in here but a bot managed to post spam....