<< Predatory Blogging - Blogging ... | Home | New York New York Big City Of ... >>

Beating CAPTCHA With A Neural Network

CAPTCHAAs if to punctuate my post entitled Image Based CAPTCHA is Fast Losing it’s Appeal, Casey outlines his .NET code used to beat the CAPTCHA employed by many blogs using a Neural Network approach.

Neuron This is a beautiful attack on CAPTCHA (as it is currently often implemented) and only shows that there is no "ONE" solution to rule them all. The attacks against rel="nofollow" as ineffective against spam now apply to CAPTCHA. Blocking automated spam in all its forms will be a continuous iterated process encapsulating multiple combined defenses (such as rel="nofollow").

And to the haters that are pissed that Casey published this, get over yourself. You need to realize that his post shows that CAPTCHA (as it is currently implemented) is a wall of sand. If it was this easy for him to beat CAPTCHA, a black hat out there probably already has a similar solution. Ignorance is no substitute for security. Now you know it can be beat quite easily, go fix it and quit whining.

Thanks to Scott Reynolds for pointing out Casey's approach.

What others have said

Requesting Gravatar... idunno.org Feb 01, 2005 1:30 PM
# Whilst we're considering honesty, comment spam started.
I was hoping that rolling my own blog code would mean I'd escape the comment spammers, but apparently not.
Requesting Gravatar... protected virtual void jayBlog { Feb 04, 2005 12:19 PM
# Blog Spam is Killing Me, It's CAPCHA Time
Requesting Gravatar... protected virtual void jayBlog { Feb 04, 2005 12:20 PM
# Blog Spam is Killing Me, It's CAPCHA Time
Requesting Gravatar... Sharp as s Marble Feb 21, 2005 1:10 PM
# re: Beating CAPTCHA With A Neural Network
I was thinking about that earlier and how absolutely irritating my CAPTCHA was to my authors. I've been thinking about creating a multifaceted approach to comment checking,

One example I was thinking of were pictures with questions asked about them. For example, a small image of 4 puppies. Different questions could be asked of the same image such as "How many ducks are in this image?" "What is the color of the collar of the 3rd puppy from the right" & even things unrelated to the picture such as "Yellow and blue make what?".

Of course this approach makes posting even harder which might defeat the whole thing anyway.

My other solution would be to order something from a spammer, trace the money, find the bastards and kill them. I have an odd feeling even the most pacifistic of us would go for that idea.
Requesting Gravatar... Paul Whitaker's E-Commerce Blog Apr 23, 2005 5:50 PM
# Beating CAPTCHA With A Neural Network
Let's hope the blog comment spammers don't get a hold of this one. I've recently had problems with Trackback spam, so hopefully at least my captchas are still viable to stop comment spam for a while.As if to punctuate my post entitled &quot;Image Based CA

What do you have to say?

(will show your gravatar)
Please add 2 and 8 and type the answer here: