| Page 3 of 3 < |
Digital Deception
|
TOOLBOX
   Resize
COMMENT
 Discussion Policy
 CLOSE
Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions. You are fully responsible for the content that you post.
Who's Blogging  |
The attack that most clearly signals that computers were solving a CAPTCHA came about a month ago, when Websense detected what appeared to be some malicious traffic from one of its "threat-seeker" honey pots.
Once it attracted the malicious code, the decoy sought repeatedly to create Hotmail accounts.
Over and over, when it was presented with the Hotmail CAPTCHA, it sent the letter puzzle to another computer. That computer would respond within about six seconds, a speed that leads computer analysts to think the CAPTCHA was being cracked by a computer, not a human.
The fact that as many as 9 of 10 sign-up attempts failed, moreover, further suggests that a computer, not a human, was at work.
"The incident . . . is most likely an example of a machine-based attack," a Microsoft spokesperson said in a statement.
Microsoft and other Web companies say they are interested in creating human verification tests that are harder for computers to crack. But there's an inherent difficulty.
Making the tests harder for the computer makes them harder for humans, too.
