Researchers develop new robot-proof CAPTCHA

Posted Apr 23rd 2008 4:00PM by Brad Linder
Filed under: Internet, Security, web 2.0

CAPTCHAs are becoming both ubiquitous and useless. When you visit many web sites, you have to decipher some tough-to-read text and enter it in a box before you can leave a comment or send an email. But hackers are getting better and better at developing automated systems to crack CAPTCHAs, which means that you have to squint at the screen for nothing.

But some researchers at Penn State University have developed a next generation CAPTCHA system that asks users to actually use their noggin a bit. There are two tests. The first requires you to click the center of a composite image, while the second presents you with a list of ten words and asks you to pick the right one to describe a randomly generated image.

The test is difficult for computers to solve because the images have a bunch of random colors, textures, and other features designed to confuse an automated program. But human being should have no problem deciphering the visual information in the images.

The test page is partially down today thanks to a Slashdot mention, but you can still see screenshots of the tests.

reCAPTCHA Mailhide: Make spammers work hard for your email address

Posted Apr 7th 2008 5:30PM by Brad Linder
Filed under: Internet, Security, Blogging, E-mail

Looking for a way to post your email address online, but don't relish the idea of spambots picking up your address and sending you email ads for Viagra and anatomical enhancement pills? ReCAPTCHA Mailhide provides a simple tool for obscuring your email address.

All you have to do is enter your email address (and hope that the folks behind Mailhide aren't doing anything nefarious with it), and reCAPTCHA Mailhide will spit out a URL and some HTML code. Both take you to a page where you have to solve a CAPTCHA test like the one shown above to reveal an email address.

You can either provide a hyperlink to the URL, or embed the HTML code in your page. If you go the HTML route, visitors to your website will see a partial email address that looks something like b...@downloadsquad.com. When they click on the "..." a window will pop up asking them to solve the CAPTCHA. In other words, people don't have to leave your web site to get your email address. They just have to be able to decipher hard-to-read text.

[Thanks rossruns!]

Download Squad Week in Review

Posted Mar 1st 2008 3:00PM by Brad Linder
Filed under: Weekend Review

Have you been so busy sending angry letters to Saturday Night Live about their choice of actors to portray Barack Obama that you've fallen behind on your Download Squad reading? Not to worry. Here's a roundup of some of the stories you might have missed this week:

Download Squad at Future of Web Apps

Download Squad's Grant Robertson hit up the Future of Web Apps 2008 conference in Miami this week. And he's been kind of busy. Here are just a few of the topics he's covered or live-blogged:

• Scaling Web Applications
• Google's Kevin Marks and the future of APIs
• Bringing a Web App to the masses
• Adding new features to existing applications
• Leah Culver of Pownce on the future of web services
• Launch an app in 40 minutes
• How to grow a community in the future

DivX shuts down Stage6 online video site

This week DivX shut down the online video sharing site Stage6. The web service never got as much attention as YouTube, DailyMotion. But it was a favorite among online video connaisseurs for its excellent video quality. DivX is now directing users to check out online video site Veoh.

TotalEdit 4.1: Text editor for programmers

TotalEdit is an advanced text editor with programs that could come in handy for coders, including syntax-coloring, code-folding, and line-numbering. There's also a portable version you can run from a USB drive. But one of the best things about this article is the fact that a bunch of readers weighed in with their favorite text editors in the comments.

Continue reading Download Squad Week in Review

Gmail CAPTCHA system cracked by spammers

Posted Feb 27th 2008 4:30PM by Simon Kerbel
Filed under: Business, Web services, Google

The end is nigh.

Days after the Windows Live Mail CAPTCHA system was cracked by spammers, reports state that the Gmail CAPTCHA system has fallen as well.

CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. Ever signed up for an email or forum account, and been required to enter in a group of characters? That's a CAPTCHA system.

Folks are calling this hack the most sophisticated they have seen to date. Whereas cracking Windows Live Mail CAPTCHA required one compromised host, cracking Gmail took the combined efforts of two hosts. And because of Gmail's more sophisticated CAPTCHA system, only one in five breaking requests succeed.

While one in five doesn't sound like much, keep in mind that Spambots are constantly working at registering hundreds of email addresses at a time, 24/7. These Spambots can't be bargained with. They can't be reasoned with. They don't feel pity, or remorse, or fear. And they absolutely will not stop, ever, until you are dead.

Oh, wait, that's another bot we're thinking of...

So for all the spammer's effort, what are they getting in return?

• They gain access to Google's wide portfolio of services
• They gain an address whose domain is highly unlikely to be blacklisted, helping them defeat one aspect of anti-spam defenses.
• Gmail also has the benefit of being free to use.
• Because Gmail has millions of users, it makes the spammers harder to track.

It might be time to invest in that underground bunker you've had your eye on.

[via ars technica]

CAPTCHA hacks could lead to a flood of junkmail

Posted Jan 30th 2008 2:00PM by Brad Linder
Filed under: Internet, Security, Yahoo!

You know those annoying "please enter the code" requests you see when signing up for online services, leaving blog posts, or otherwise trying to prove that you're human and not a machine? Yeah, it turns out that the machines are getting pretty good at reading them too.

The basic idea behind the CAPTCHA (which stands for Completely Automated Turing Test To Tell Computers and Humans Apart is that computers can't read text if its hidden in an image file. But a Russian researcher claims that he received word that there was an automated CAPTCHA detection system floating around in the wild. So he decided to build his own and managed to create a system which he claims has a 35% accuracy rate.

The claim has some credence, since a Yahoo! spokesperson tells TMCnet that the company is aware of attempts to hack the CAPTCHA system and is working on improvements. In the meantime, if this thing catches on there's a chance you'll see a lot more junk mail letting you know about an opportunity to make $1,000,000 or enlarge certain body parts coming from Yahoo! Mail accounts and other free email services. While the CAPTCHA system was originally developed for Yahoo!, it is now widely used by other services and we're going to go out on a limb and say that if Yahoo!'s implementation of CAPTCHA can be hacked, we'll probably be seeing other sites hacked soon as well.

We suppose Yahoo! can always just make their CAPTCHAs harder to read. Or you know, impossible to read.

[via Slashdot]

WordPress spam filter plugin adds captcha to Akismet

Posted Jan 25th 2008 1:00PM by Jason Clarke
Filed under: Utilities, Blogging, Web services, Freeware, Social Software, web 2.0

If you've had a blog for any length of time, you've probably been assaulted with blog comment spam. Users of WordPress have the fantastic Akismet spam filtering tool freely available to them by Automattic, the makers of WordPress. But while Akismet is good (really good), it's not perfect.

If you have been using Akismet, but are still seeing too many spam messages slipping through, consider installing Simple Spam Filter by TanTanNoodles. Simple Spam Filter has existed for a little while now as a basic spam filter, but was recently updated to make use of captcha security via reCAPTCHA. The implementation is beautiful.

Let's be honest, nobody likes having to fill out captcha forms. And you wouldn't want all of your site visitors to be facing a captcha form every time they submit a comment. Luckily, they won't. Simple Spam Filter will only offer up a captcha field to commenters whose comments are flagged as spam by the plugin itself, or by Akismet.

While it's never going to be possible to have 100% protection from comment spam, the combination of Akismet and Simple Spam Filter sure comes close, at least for now. If you've got this problem, maybe the solution is as simple as installing and enabling this WordPress plugin.

Just type the letters you see in the box

Posted Jul 30th 2007 2:00PM by Brad Linder
Filed under: Fun, Internet

CAPTCHAs. You've probably seen them. They're those little boxes that show you a picture with some letters and numbers. You're supposed to type those characters in a box to prove that you're a human leaving a comment on a blog post or news website, and not a spambot.

CAPTCHA stands for "Completely Automatied Public Turing test to tell Computers and Humans Apart." And since most websites don't have spam filters analogous to the ones that keep your email box (relatively) clean, they seem like a good idea.

Until you see some really poorly produced CAPTCHAs. You know, the kind that are completely impossible to read. Like the one to the right. Or like the 20 or so found on the Headware Blog. Granted, some of these CAPTCHAs aren't so much difficult to read as incredibly inappropriate. But they do show why sometimes automation is not the answer.

[via GHacks]

View Posts By

Categories

Audio (830)

Beta (325)

Blogging (686)

Browsers (19)

Business (1361)

Design (803)

Developer (926)

E-mail (511)

Finance (127)

Fun (1734)

Games (545)

Internet (4754)

Kids (129)

Office (491)

OS Updates (574)

P2P (175)

Photo (458)

Podcasting (167)

Productivity (1298)

Search (246)

Security (533)

Social Software (1085)

Text (436)

Troubleshooting (51)

Utilities (1901)

Video (1010)

VoIP (138)

web 2.0 (729)

Web services (3311)

Companies

Adobe (183)

AOL (48)

Apache Foundation (1)

Apple (466)

Canonical (35)

Google (1296)

IBM (28)

Microsoft (1304)

Mozilla (455)

Novell (19)

OpenOffice.org (43)

PalmSource (11)

Red Hat (17)

Symantec (14)

Yahoo! (350)

License

Commercial (667)

Shareware (194)

Freeware (1946)

Open Source (897)

Misc

Podcasts (13)

Features (380)

Hardware (167)

News (1107)

Holiday Gift Guide (15)

Platforms

Windows (3577)

Windows Mobile (421)

BlackBerry (44)

Macintosh (2050)

iPhone (82)

Linux (1571)

Unix (78)

Palm (177)

Symbian (121)

Columns

Ask DLS (10)

Analysis (24)

Browser Tips (293)

DLS Podcast (5)

Googleholic (195)

How-Tos (97)

DLS Interviews (19)

Design Tips (14)

Mobile Minute (125)

Mods (68)

Time-Wasters (374)

Weekend Review (38)

Imaging Tips (32)

RESOURCES

• Send us news tips
• Contact Us
• Advertise
• Corrections?
• Problems?

RSS NEWSFEEDS

• 
• Feeds by category

Sponsored Links

Advertise with Download Squad

Most Commented On (60 days)

• Mozilla Firefox breaks non-existent world record - nobody cares (50)
• FormatFactory Kicks Media Conversion Ass and Takes Names (26)
• Windows XP goes bye bye (23)
• Trillian turns 8, no Astra beta birthday gift quite yet (15)
• Change your Windows open/save dialogs with PlacesBar Editor (14)
• We heart movies and so do you, let's heart them together (13)
• Ubuntu 8.10 alpha 1 packs a new theme (finally) (12)
• Expect more and better Last.FM apps, thanks to a new API (10)
• Windows Steady State Bulletproofs Your System (9)
• Noise of the white variety, right on the webernets (8)

Recent Comments

• edward on Truecrypt Updates to v6, Hides Your Subversive Plots Even Better!
• edward on FormatFactory Kicks Media Conversion Ass and Takes Names
• Mark on Undelete Plus Offers Free, Fast File Recovery
• Riley on FormatFactory Kicks Media Conversion Ass and Takes Names
• Ian on Backup your flash drives with USB Image Tool
• Lee Mathews on FormatFactory Kicks Media Conversion Ass and Takes Names
• I LOVE THE CAPS LOCK KEY on FormatFactory Kicks Media Conversion Ass and Takes Names
• thomas on FormatFactory Kicks Media Conversion Ass and Takes Names
• Jhongerkong on FormatFactory Kicks Media Conversion Ass and Takes Names
• fincan on Noise of the white variety, right on the webernets

Urlesque Headlines

• Wide Wurld of Urlesque: Blow Things Up!
• God Bless the Cyber-USA
• Beat the Heat, Watch Free Patriotic Movies Online
• Did You Mean Digg?
• Celebrity Websites 1.0

BloggingStocks Tech Coverage

• AAPL Apple Inc
• ADBE Adobe Systems
• AKAM Akamai Technologies
• AMZN Amazon
• CSCO Cisco Systems
• DELL Dell
• EBAY eBay
• GOOG Google
• INTC Intel
• INTU Intuit Inc
• JAVA Sun Microsystems
• MOT Motorola
• MSFT Microsoft
• NOK Nokia Corp
• ORCL Oracle Corp
• PALM Palm Inc
• RHT Red Hat Inc
• RIMM Research in Motion
• SYMC Symantec Corp
• TWX AOL Time Warner
• YHOO Yahoo!

More from AOL Money and Finance

• Auto Loans
• Banking
• Checking Account
• Credit Cards
• Credit Reports
• Debt Management
• Identity Theft
• Insurance
• Loans
• Money
• Mortgages
• Online Tax Filing
• Personal Loans
• Refinancing
• Retirement
• Savings Account
• Small Business
• Stock Charts
• Stock Quotes
• Stock Screener

More Tech Coverage

• Control Shift It's all about the experience
• Somewhat Frank Perspectives on tech as it fuses in everyday life
• Switched Gadgets, web news and commentary
• Urlesque Exposing bits of the web

Weblogs, Inc. Network

• Autos
  • Autoblog
  • AutoblogGreen
  • Autoblog Spanish
  • Autoblog Chinese
  • Autoblog Simplified Chinese
• Technology
  • Download Squad
  • Engadget
  • Engadget HD
  • Engadget Mobile
  • Engadget Chinese
  • Engadget Simplified Chinese
  • Engadget Japanese
  • Engadget Spanish
  • Engadget Polska
  • Switched
  • TUAW (Apple)
• Lifestyle
  • AisleDash
  • DIY Life
  • Gadling
  • Green Daily
  • Luxist
  • ParentDish
  • Slashfood
  • Styledash
  • That's Fit
• Gaming
  • Joystiq
  • DS Fanboy
  • Massively
  • Nintendo Wii Fanboy
  • PS3 Fanboy
  • PSP Fanboy
  • WoW Insider
  • Xbox 360 Fanboy
  • Big Download
• Entertainment
  • Cinematical
  • TV Squad
• Finance
  • BloggingBuyouts
  • BloggingStocks
  • WalletPop
• Sports
  • FanHouse Main
  • NFL
  • NBA
  • MLB
  • NCAA Football
  • NCAA Basketball
  • NASCAR
  • NHL
  • Golf
  • Fantasy Football
• Also on AOL
  • African-American Culture
  • Cars
  • Games
  • Maps
  • Money
  • Movies
  • Music
  • News
  • Radio
  • Sports
  • Television
  Travel

All contents copyright © 2003-2008, Weblogs, Inc. All rights reserved

Download Squad is a member of the Weblogs, Inc. Network. Privacy Policy, Terms of Service, Notify AOL