Russian hacker cracks Yahoo CAPTCHA

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), Yahoo’s system for preventing automated access to its systems, has up until now been branded as next to impossible to decode, according to several websites (link) selling CAPTCHA cracks for sites like eBay.

However, this week a programmer going by the name ‘John Wane’, claiming to be a Russian security researcher, posted code (link) for a decoder system that he claims can attain an accuracy rate of roughly 35%. Yahoo, who have been notified of this development, have not yet responded.

‘John Wane’ said that the decoder could be implemented by spammers to register Yahoo accounts for spamming purposes, or to break through current anti-spam features. He went on to say that it’s unnecessary to achieve high accuracy when designing automated recognition software, and that ‘an accuracy of 15% is enough when an attacker is able to run 1000,000 tries per day’.

Yahoo claim they are already working on improvements to their system, in recognition that there are attempts being made to create automated solutions for CAPTCHA images. Last year CAPTCHA codes were cracked by criminals who lured people with the use of a virtual stripper named ‘Melissa’ (no relation to the 1999 worm by the same name). ‘Melissa’ was designed, in a series of photographs (link), to remove more clothing every time the user correctly entered characters in accompanying CAPTCHA codes.

Forrester analysts say that the explosion of image spamming is just the beginning, and that spammers are becoming increasingly aware of the effectiveness of using artificial intelligence to circulate their junk mail to email accounts.

Currently, Forrester suspects that the only way to begin to battle the surge of spam using these new A.I. methods is for technology vendors and their customers to abandon their fight using their arsenal of filter-heavy technology, and begin to tackle the problem at its roots.





