CAPTCHA pwned?
CAPTCHA? WTF is CAPTCHA? Basically, ever see these suckers b4?
Basically these 3 images are CAPTCHA images from Hotmail, Yahoo and phpBB. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. The idea is that only a human is be able to decipher the image and type the text inside the image to 'prove' that he is human and not a bot.
Well, interestingly enuff, this guy at http://sam.zoy.org/pwntcha/ managed to write a program that can decode these images and break thru CAPTCHA. I dunno, it seems like yeah it's possible to break it IF someone is really serious. Some even talk about other ways like using logic test, credit card, etc, but I think u really need to think about whether it's worth all that trouble. I think it's still good enough to defeat 99% of spam. 1%, I filter myself. I don't think ppl will be so interested in my blog to fill it with spam. At most I delete lor simple.
Recently blogspot added captcha. Thumbs up! CAPTCHA is surprisingly easy to setup. PHP has built in captcha libraries and comes in 2 versions, TTF (imagettftext which requires TTF) and non-TTF (imagestring which works straight away). If u run a blog-style website or web forum, make sure u get one that supports captcha, unless u like all sorts of nonsense on ur website.
Basically these 3 images are CAPTCHA images from Hotmail, Yahoo and phpBB. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. The idea is that only a human is be able to decipher the image and type the text inside the image to 'prove' that he is human and not a bot.
Well, interestingly enuff, this guy at http://sam.zoy.org/pwntcha/ managed to write a program that can decode these images and break thru CAPTCHA. I dunno, it seems like yeah it's possible to break it IF someone is really serious. Some even talk about other ways like using logic test, credit card, etc, but I think u really need to think about whether it's worth all that trouble. I think it's still good enough to defeat 99% of spam. 1%, I filter myself. I don't think ppl will be so interested in my blog to fill it with spam. At most I delete lor simple.
Recently blogspot added captcha. Thumbs up! CAPTCHA is surprisingly easy to setup. PHP has built in captcha libraries and comes in 2 versions, TTF (imagettftext which requires TTF) and non-TTF (imagestring which works straight away). If u run a blog-style website or web forum, make sure u get one that supports captcha, unless u like all sorts of nonsense on ur website.
posted by Beng Hacks at 7:18 PM
2 comments
