Friday, May 27, 2011

IT experts develop 'Decaptcha' to crack Captcha

          Widely used online word test reverse engineered.

          IT experts have developed a new software 'Decaptcha' that cracks 'Captcha', the online word test tool that is used by websites to identify humans.

          A Captcha is a program that protects websites against bots by generating and grading tests, such as distorted tests, that humans can pass but current computer programs cannot. The term Captcha (Completely Automated Public Turing Test To Tell Computers and Humans Apart) was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas Hopper and John Langford of Carnegie Mellon University.

          The IT experts who developed Decaptcha claim that their software beat Captcha on eBay 82% of the time, Microsoft 48.9%, and Yahoo 45.5%, the Daily Mail reported. In tests, Decaptcha beats audio Captchas up to 89% of the time, said the experts. They added that cyber criminals could exploit this vulnerability to breach security walls in websites like Yahoo and eBay, unless the websites upgrade their security features.

          The vulnerability could prove disastrous to e-Commerce websites, such as the ones selling tickets and could lead to identity theft for users. "A computer algorithm that solves one Captcha out of every 100 attempts would allow an attacker to set up enough fraudulent accounts to manipulate user behaviour or achieve other ends on a target site," the researchers from Stanford University and Tulane University said.
Captchas usually come in the form of distorted words, but they also have a feature which reads out the words loud over the computer's speakers. The researchers found that this feature was vulnerable.

          In their study, the researchers found that the Decaptcha could crack around 200 complicated Captchas with just 20 minutes of 'listening' time.

1 comments:

wow!!!
the blog is superb,very infoamtive and useful.
keep blogging.

death by captcha

Post a Comment