Good News For Splogs! Word Verification (aka CAPTCHA’s) May Become Useless In The Future

In an age where spammers choose to promote themselves by harassing others, many bloggers, social networks, etc. have resorted to using CAPTHA’s as an inexpensive way to keep fake machine comments/user names/purchases from flooding their world.

Unfortunately it seems that the days of funny letters (and numbers) may be coming to an end, as it seems that a company has created software capable of “reading” those funky image phrases.

But before we begin to explain how much of an impact this will make upon the blogosphere, we need to address the background story–starting with Hannah Montana.

For those of you who either do not have little girls, do not watch kid shows or have better things to do in life, Hannah Montana is a TV show from Disney which is about a rock star girl trying to live both a normal life as well as a superstar.

The show seems to be really popular among little girls (at least in the US) who usually want to go see her live in concert (for the music that is). Hannah Montana’s concerts were becoming so popular that tickets to were selling out within minutes, which is not that unusual in the digital age that we live in.

Unfortunately it was discovered earlier this month that people were not buying up the tickets, but rather robots instead. But what makes this case really interesting is the fact that despite the ticket sites having CAPTCHA’s (or word verification), the bots were able to bypass the security measure to the horror of Montana fans everywhere.

(Wall Street Journal) The Internet era has brought speed and convenience to all sorts of consumer transactions. For concertgoers, [sic] however, it has also led to ever-faster sellouts for hot events. Ticketmaster deploys technology that is supposed to stop brokers from gaining access to large numbers of seats via online sales. But it says brokers’ software circumvents the company’s protections. […]

For instance, companies like Ticketmaster require customers searching for tickets online to replicate a set of the squiggly letters and numbers, known as a “Captcha.” Theoretically, only human customers can correctly identify the characters despite the odd fonts, screening out automated purchasing programs. But RMG’s software, according to Mr. Kovach, can also “figure out the randomly generated characters and retype them automatically.” Mr. Kovach said RMG employees also gave him advice on fooling Ticketmaster’s computers into thinking his requests were coming from different Internet addresses. Neither Mr. Kovach nor his lawyer could be reached for comment.

About a week ago a judge ruled against RMG Technologies, ordering them not to distribute the software. Although this is a victory for all those who hate comment spam, this is temporarily at best.

It’s only a matter of time before another company creates something similar, and bloggers will once again find their posts filled with comments from businesses promoting “love” between animals and people.

Hopefully WordPress, Blogger and SixApart will find ways to thwart these losers early on, as the last thing many bloggers would enjoy doing is having to once again actively monitor the comment section.

Comments

  1. says

    Even though I dislike CAPTCHA’s as they sometimes refrain me from commenting (especially after two failed attempts) I recently discovered that there is a nice concept behind them.
    Von Ahn, who helped develop CAPTCHA, developped a new variant called reCAPTCHA:

    reCAPTCHA is the process of utilizing CAPTCHA to improve the process of digitizing books. It takes scanned words that optical character recognition software reported undetectable and presents them for humans to decipher as CAPTCHA words alongside words recognized by the computer. (Wikipedia)

    CAPTCHAs are being used in a distributed system where human intelligence is helping “book-scanning project of the Internet Archive, a nonprofit project in San Francisco that aims to digitize millions of public-domain books and put them online for free.” (Wired Magazine)

    It made me reconsider CAPTCHAs that are still a barrier to commenting but have a good side nonetheless.

  2. says

    The technology to get past CAPTCHAs has been around for a long time. The fact that one company got caught is great. That leaves a lot of others hiding under the radar getting paid by spammers to easily slip through CAPTCHAs and torture test questions (what’s 7+2), not to mention the growing trend in human spammers.

    So one company is out. I’d love to see the rest gone.

    CAPTCHAs and torture tests do not work and haven’t worked, so if you are using them on your blog, you are getting in the way of your reader’s ability to comment, as many won’t comment because of them.

    Akismet and other blog comment spam tools like Spam Karma and Bad Behavior are doing great at stopping comment spam, or at least slowing it down to a dull roar, and the more who use them, the better their ability to stop spam.

    The only time I’ve found justified for using CAPTCHAs would be in this example case of the tickets, but combined with a backup like Akismet. Some are doing that with their contact forms and business inquiries.

    There is a future for developing spam fighting tools that work behind the scenes, and I’m looking forward to those who want to be smarter than the bad guys getting the attention and respect they deserve.

    Thanks for bringing this to our attention!

  3. says

    In a CAPTCHA test (an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart,” also sometimes spelled in lowercase), an image of letters is dynamically generated. The letters, because they’re part of an image and not text (e.g. text that you could cut and paste), are difficult for a spambot or other computer program to read. Yet, a person has little trouble reading the letters in a captcha image.

Trackbacks

Leave a Reply

Your email address will not be published. Required fields are marked *