Monday, August 4, 2008

CAPTCHA

CAPTCHA stands for "Completely Automated Public Turing test to Tell Computers and Humans Apart".

The official CAPTCHA site is http://www.captcha.net/

In simple words, CAPTCHA is a program that can generate and grade tests that:

  • Most humans can pass, BUT

  • Current computer programs can't pass

Quite some time back, I had read a general article on how people broke Yahoo security by creating automated bots to read these CAPTCHAs and create innumerable mail IDs. Today I found a very good site with analysis, where Gmail has been hit. All the articles and links are below.



Gmail CAPTCHA busted: A very informative article that completely describes the CAPTCHA hacking process, their discovery of the host machine, the use of two bots rather than one since Gmail CAPTCHAs are tougher than others, etc. (implies spam coming from Google's IP addresses!). Spammers are still able to create mail IDs with only a 20% success rate (I realize it's quite huge, but compared to Hotmail at about 60%, this is better).

An article on Breaking Gmail's Audio CAPTCHA



Yahoo CAPTCHA security broken. Another article on Yahoo security broken. One more here.



Hotmail CAPTCHA cracked. Another good article: Hotmail CAPTCHA broken in 60 secs



Accidentally, I found this site: Websense, which has its Security Labs. In its own words:



"Websense Security Labs discovers, investigates, and reports on advanced Internet threats that traditional security research methods miss."


This seems to be a site which needs frequent revisits from now on, especially after observing their analysis on breaking the Gmail CAPTCHA.
