[nycphp-talk] easily defeating captchas using automated imageanalysis
George Schlossnagle
george at omniti.com
Tue Nov 2 21:25:12 EST 2004
On Nov 2, 2004, at 8:59 PM, Chris Shiflett wrote:
> --- inforequest <1j0lkq002 at sneakemail.com> wrote:
>> There's a way to defeat the to-be-monikered-adult hack. Remind
>> the world that it is illegal to participate in a security hack,
>> and that participation via adultsite captcha completion is at
>> the very minimum "grounds for investigation".
>
> I don't see how this idea will work, because people have no idea that
> they're participating in any such thing. I can think of plenty of ways
> to
> word this:
>
> "In order to keep our competitors from harvesting our images, we ask
> that
> you please type in the word you see in the box below. Once you do this,
> we'll show you some pictures you don't want to miss!"
>
> In fact, I would hope that it would be impossible to prosecute someone
> who
> was tricked into providing this answer, because they literally have no
> way
> to know that the answer they're provided is going to be misused in any
> way.
Also, I suspect that people just won't care about the threat, even if
you watermark the image 'this is property of foo.com, if you aren't
seeing this from foo.com, please report this'. I mean millions in
advertising and warnings on music/movies doesn't achieve a deterent
effect.
George
More information about the talk
mailing list