| Page 2 of 3 < > |
Digital Deception
|
TOOLBOX
   Resize
COMMENT
 Discussion Policy
 CLOSE
Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions. You are fully responsible for the content that you post.
Who's Blogging  |
"The free e-mail accounts and blogs are like gold to the malicious attackers," Chenette said. The reason is that spam filters are less likely to block items from these free services.
One of the first such tests was developed by Yahoo, which was having trouble with malicious computers signing up for the company's free Webmail service. They dubbed the tests CAPTCHAs, an acronym with a nod to Turing: "Completely Automated Public Turing Test to Tell Computers and Humans Apart."
Yahoo's initial system, however, was quickly hacked by computer scientists who programmed their computers with optical character recognition systems to solve the visual riddles.
To improve their system, Yahoo changed their puzzles from words to random letter strings and set the letters against more background clutter.
"I'd like to think we could break the current version, we just haven't tried," said Greg Mori, one of the scientists who broke the initial Yahoo CAPTCHA.
Now a computer science professor at Simon Fraser University in Vancouver, Mori says he still gets inquiries from spammers once a week asking whether he could help program a computer to solve CAPTCHAs. He declines.
The latest reported CAPTCHA attacks were not carried out by academics, but by spammers, however.
They were reported by Websense, which deploys thousands of decoy computers around the world -- which they call "honey pots" -- to attract such attacks.
The attacks on Google's Gmail service and on Microsoft's Live Mail were reported in February. At the time however it was difficult to tell from the evidence whether the CAPTCHAs were being solved by computers or low-wage Russian workers -- or both.
A Web page found on the computer appeared to offer, in Russian, small amounts of money for workers willing to crack the puzzles.
But the speed and repetition of the attack as well as the high error rate in solving the tests, suggested to some at Websense that computers not humans were at work.
Asked whether the Google CAPTCHA had been cracked by computers, the company issued a statement: "We still believe there is human involvement."
