<< Predatory Blogging - Blogging ... | Home | New York New York Big City Of ... >>

Beating CAPTCHA With A Neural Network

CAPTCHAAs if to punctuate my post entitled Image Based CAPTCHA is Fast Losing it’s Appeal, Casey outlines his .NET code used to beat the CAPTCHA employed by many blogs using a Neural Network approach.

Neuron This is a beautiful attack on CAPTCHA (as it is currently often implemented) and only shows that there is no "ONE" solution to rule them all. The attacks against rel="nofollow" as ineffective against spam now apply to CAPTCHA. Blocking automated spam in all its forms will be a continuous iterated process encapsulating multiple combined defenses (such as rel="nofollow").

And to the haters that are pissed that Casey published this, get over yourself. You need to realize that his post shows that CAPTCHA (as it is currently implemented) is a wall of sand. If it was this easy for him to beat CAPTCHA, a black hat out there probably already has a similar solution. Ignorance is no substitute for security. Now you know it can be beat quite easily, go fix it and quit whining.

Thanks to Scott Reynolds for pointing out Casey's approach.

What others have said

Requesting Gravatar... idunno.org Feb 01, 2005 1:30 PM
# Whilst we're considering honesty, comment spam started.
I was hoping that rolling my own blog code would mean I'd escape the comment spammers, but apparently not.
Requesting Gravatar... protected virtual void jayBlog { Feb 04, 2005 12:19 PM
# Blog Spam is Killing Me, It's CAPCHA Time
Requesting Gravatar... protected virtual void jayBlog { Feb 04, 2005 12:20 PM
# Blog Spam is Killing Me, It's CAPCHA Time
Requesting Gravatar... Sharp as s Marble Feb 21, 2005 1:10 PM
# re: Beating CAPTCHA With A Neural Network
I was thinking about that earlier and how absolutely irritating my CAPTCHA was to my authors. I've been thinking about creating a multifaceted approach to comment checking,

One example I was thinking of were pictures with questions asked about them. For example, a small image of 4 puppies. Different questions could be asked of the same image such as "How many ducks are in this image?" "What is the color of the collar of the 3rd puppy from the right" & even things unrelated to the picture such as "Yellow and blue make what?".

Of course this approach makes posting even harder which might defeat the whole thing anyway.

My other solution would be to order something from a spammer, trace the money, find the bastards and kill them. I have an odd feeling even the most pacifistic of us would go for that idea.
Requesting Gravatar... Paul Whitaker's E-Commerce Blog Apr 23, 2005 5:50 PM
# Beating CAPTCHA With A Neural Network
Let's hope the blog comment spammers don't get a hold of this one. I've recently had problems with Trackback spam, so hopefully at least my captchas are still viable to stop comment spam for a while.As if to punctuate my post entitled &quot;Image Based CA
Requesting Gravatar... asdf Jun 26, 2010 3:33 PM
# re: Beating CAPTCHA With A Neural Network
Hmmm. it's 2010 now and we still seem to have captchas.

Anyway, I just wanted to say that Neural Networks can also be used to detect spam.
Requesting Gravatar... Incognito Jul 22, 2010 9:28 AM
# re: Beating CAPTCHA With A Neural Network
Could someone direct me to an easy program (or Firefox add-on) that just bypasses Captcha altogether. On some sites, it doesn't even show the image and/or form, and I can't register at all... :'(

It's bad enough when I have to make out what it says when it works (even with audio backup, I have trouble, as I'm hearing impaired as well as have incredible trouble making out what it wants me to type!) :(

It's much worse when Captcha doesn't even appear on sites I really need to access! :'(

I really hate Captcha, and the company behind it (BOO!)! On top of that, they're making money off of their stupid, broken, and annoying products! >:(

Smarter/easier/free/privacy guaranteed spam catchers are the correct way of handling human recognition. :D

I'm not sure what Neural Networks are, but if it's just an automated human detection/spam bot blocker for web designers, I'm much more for that. :)

(Great, when I submitted this form, it called it spam and is being moderated, hopefully my message will get through this too...) :(

(You may delete any extra duplicate posts that show up, if you want moderators - But I really need help, and would appreciate if my message could get through...)

What do you have to say?

(will show your gravatar)
Please add 6 and 6 and type the answer here: