back to article Google boffins beat own Captchas

A group of Google scientists working on extracting numbers from StreetView images has discovered that their technology can also match humans at solving captchas. The aim, according to their research paper (at Arxiv, here), was to automatically extract accurate street number data from StreetView images so as to improve Google …

COMMENTS

This topic is closed for new posts.
  1. Sebby
    Happy

    Surprise!!!

    Anyone still of the opinion that all the more accessible, less annoying CAPTCHAs are "Security by obscurity"?

    Yes, I'm bitter. Being blind, CAPTCHAs just piss me off. I use skipinput.com for my CAPTCHA-solving needs (no affiliation, just a "Happy" customer) because all the alternative audio CAPTCHAs just plain don't work. So I'm glad we now have actual evidence of just how questionable the rigorous security of visual CAPTCHAs really is. Yes, you should adopt countermeasures to automated and human spammers proportional to the amount of effort an attacker will put into attacking your site, of course, and that may include very strong CAPTCHAs, but this really is a perfect illustration of why you gain nothing from shoring your defences up more than is really necessary, and in fact may hurt yourself. Your visitors come first, and there really are lots of ways (honey pots, script-based, text-based, rate limits, IP reputation, email verification with optional code, etc, etc). I know it's hard sometimes for the smaller sites to do more than just slap on ReCAPTCHA, but frankly having operated on a single email challenge-response type system for several years now on a little forum, I'm convinced that our best weapon against the spammers at this point is diversification. May the world rid itself of obnoxious CAPTCHA, the concern for all humankind be extended equally regardless of ability, and the reality that "Security by obscurity" sometimes is all it takes to make your website visitors happier and less inundated with spam be finally recognised. :)

    1. Anonymous Coward
      Anonymous Coward

      Re: Surprise!!!

      Been deliberately messing with the ReCAPTCHA's for years. By getting the clearer word/number correct and entering garbage for the other. Still lets me post/in, and I haven't done data entry for free.

      1. Anonymous Coward
        Trollface

        Re: Surprise!!!

        "Been deliberately messing with the ReCAPTCHA's for years."

        Let me get this straight - you waste your own time and expend extra effort to sabotage a service just so you can avoid helping people without personally profiting? You're a real hero.

        1. ratfox

          Re: Surprise!!!

          I would also add: without having the slightest effect. Unless you manage to have many people doing the same and enter the same wrong answer, your input is simply ignored…

        2. Anonymous Coward
          Anonymous Coward

          Re: Surprise!!!

          you waste your own time and expend extra effort to sabotage a service just so you can avoid helping people without personally profiting

          Only you're not helping *people*, you're helping *Google* by performing work for them without being paid. That said, I really never minded helping them OCR old books; that's at least adding to the sum-total of human knowledge by making dead-tree content searchable/indexable.

          But when they want me to ID a house number so they can sell mapping data to 3rd parties? Fuck those lazy asshats; they should do their own homework (no pun intended.)

          (Not the same AC BTW)

          1. Anonymous Coward
            Anonymous Coward

            Re: Surprise!!!

            "Fuck those lazy asshats; they should do their own homework"

            Given that this very article is about said lazy asshats using the data acquired from the CAPTCHA checks you hate to do just that, I think you might want to reconsider the basis for your initial complaint.

            Further, AFAIK the ReCAPTCHA service was provided at no charge to web sites which wanted to use it, which essentially means that the arduous number-reading you toiled over was in effect a way to make it worthwhile for Google to provide the code and horsepower to run the Captcha for the sites that you ended up using - which otherwise would presumably have had to buy such a service (or have less effective Captchas) and thereby incur effective costs in increased advertising required to offset the expense of a replacement or user experience negatives in the form of spam, hax0rs, etc. And those costs would have been passed on to you as a user.

            So, yeah, congratulations; you based your outrage on a false premise, which was itself built on the assumption that Google didn't care to solve the problem another way, when in fact they were specifically using the data to do exactly what you wanted them to do in the first place. And then when they succeeded at it, your first act was to come here and brag about how you tried to sabotage their efforts to do the thing you wanted them to do because they weren't doing it.

            Bravo, sir. Bra-vo.

    2. YetAnotherLocksmith
      FAIL

      Re: Surprise!!!

      No idea why the downvotes!? What Sebby says is true - CAPTCHAs are pretty poor.

      The real issue is the lack of a solution - any reasonable test can be farmed out to either Mechanical Turk-like systems or simply wrapped into a hacked (or even legit) page as a fake CAPTCHA for that site, which redirects it to the target.

  2. Acme Fixer

    Thanks..

    for that information. I didn't know I was helping Google as a carbon based OCR machine. I use WordPress and their anti spam add-on is effective, without any captchas. I just have to empty out the spam folder on occasion. I think only one spam has managed to slip by in the last year. Spammers have something to sell so they have to leave a link and that's what gives them away.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021