Posted by: Dave Bateman
If you mention the word CAPTCHA in most circles, you will be met with blank stares. But, it is a good bet that most of those people know what it is even if they don’t know it by name. CAPTCHAs are those annoyingly hard to read phrase that you have to enter when creating or validating certain types of accounts. If you still don’t know what I am talking about, here’s an example:
So why do certain sites use CAPTCHAs? To see if you are really a human. These sites want to make sure that it is a real person signing up for the account and not just some program trying to create millions of accounts for purposes that may be less then desirable.
CAPTCHA stands for Completely Automated Public Turing Test To Tell Computers and Humans Apart and anyone that has ever been subjected to one can tell you that it sometimes works too well. More than once I have not been able to tell what the heck the word or phrase was suppose to be. Often CAPTCHAs will have a button near them. When clicked, an audio file will play what the CAPTCHA is. This is mainly there to help those that may have a problem with their vision. I must admit that I have use this feature to try to figure out what the phrase was suppose to be more than once.
As with many security measures, it was only a matter of time before someone came up with a way to crack CAPTCHAs. Researchers at Stanford University created a program called Decaptcha. Decaptcha can listen to the audio CAPTCHA and, in many cases, determine what the CAPTCHA is. It is 100 percent accurate and how well it works depends on which CAPTCHA method is used. For example, Decaptcha had an accuracy of 82 percent for Ebay CAPTCHAs but only a 1.5 percent when ran against reCAPTCHA which is a Google CAPTCHA method used on sites like Facbook and Youtube.
So, while Decaptcha is not perfect, it once again proves that for every new security measure that is created there will be people somewhere figuring out a way around it.