In 1950, computer scientist Alan Turing wrote that within 50 years it would become difficult to distinguish between humans and computers. In 2004, Bill Gates claimed that it would take two years to solve the problem of spam e-mail.
Turing proved to be correct, if a few years away on its projections. Gates seems to be simply wrong.
While the free web services, only 6% of Internet-pill-hawking and scam e-mail pitching generated a year ago, automated spam programs use Web e-mail services now produce more than 12% of digital junk mail, with Microsoft's webmail services alone accounting for around 4%.
In pictures: Protect yourself from identity theft
Since webmail spam comes from a reputable company servers, it is more likely to defeat filters, and at the end in users' inboxes. (And the volume of Web-based spam, according to MessageLabs, was affected far less than other spam the shutdown of the notorious McColo hosting companies on the Internet earlier in November, an event that wiped out over two-thirds of all spam .)
The weak link that allows robots to webmail in turn has a spam-tube? The CAPTCHA - the distorted image hateful words and numbers on some websites, the user to create or find an account or a message. A CAPTCHA - or "completely automated public Turing test to computers and people to distinguish from each other" - help websites keep robot spammers (see "Meta Data: An Invisible CAPTCHA").
The problem, according to many security experts, is that computers today are capable of much too many human abilities. In February, Web security firm Websense announced that CAPTCHAs for Google, Microsoft and Yahoo's Web e-mail services, all was broken. Company founder Jeremiah Grossman posted screenshots of a PC software has been successfully hijacked by criminals read the CAPTCHA to jointly documented a Gmail account after another for spamming purposes.
Some security experts even believe that the CAPTCHA-breaking software with Tesseract - an open-source image detection software from Google itself promoted and used in its book-scanning projects - to recognize the distorted characters.
Google, Microsoft and Yahoo have all the harder to break since the release of their CAPTCHAs. But in July dipped reports have already been beaten that services upgraded "CAPTCHAs too. After another round of patches, claimed the makers of XRumer, a $ 450-spam program, in October that it circumvented the Gmail and Microsoft's CAPTCHAs again.
"It's a cat and mouse that has no end," says David Dagon, a professor of Internet security at Georgia Tech. "The cyber security challenge of the next decade, the distinction between man and computer will be."
Some computer scientists are trying creative approaches. Microsoft last year introduced a CAPTCHA that the user asked to look into a grid of nine images of dogs and cats and asked them to identify the cats. Another experiment showed users pictures of women or men from the field assessment "Hotornot.com" drawn and asked to select the user which three were "hot."
The problem with this clever test of humanity, according to analysis of CAPTCHA hackers sla.ckers.org on the message board, is that both images are accessible sources. It is too easy to use hacker wrote Robert Hansen, also known as RSnake to indicate the source of the images, they use the same tools the CAPTCHA builder and use this index to find breaking the puzzle.
More generally, CAPTCHAs have a bigger problem: Teams of people in India and China together to solve the puzzle for a few cents. Some sites even import CAPTCHAs and entice users to break them in exchange for a pornographic image and then export the results back to a spambot.
But apart from that the human basis of fraud aside, the challenge of building a CAPTCHA, which can not be understood by automated software, much more complex. In August, won the National Federation of A $ 6,000,000 settlement against retail giant Target for using a CAPTCHA Blind on its website that are not visually impaired could be passed through. Then use the blind surfer automatic reading software to interpret pages that represent insurmountable walls CAPTCHAs on Target's website.
Now, with the target sentence must CAPTCHAs also offer an audio option - read a distorted recording of letters and numbers that is often much easier to interpret for a computer as a distorted image.
In a presentation at DefCon hacker conference showed August's security expert, Michael Brooks, how can the audio CAPTCHAs of computers are dismantled. Brooks was a program that he had written that guesses the audio file of the content, these assumptions are superimposed on the playing field level diagram of the noisy audio file. By analyzing the distance between points on the distorted grid CAPTCHA chart and the pitch chart of possible answers to the mystery, his program was able to remove the noise and "listen" to the file only as accurate as a man.
Luis von Ahn, one of the original inventors of the CAPTCHA and professor at Carnegie Mellon University, says that it's still sort out the fight for hope spambots. Last year he founded reCaptcha, a new take on the CAPTCHA, that he says is not yet broken, and is already in use on thousands of sites like Facebook, Twitter and Craigslist.
ReCaptcha takes a new approach: The project will scan and digitize thousands of pages of real-world text, including old books and archives of the New York Times. When interpreting the image-recognition software may not be a passage in the age or faded text, distort it, the picture and it serves as a CAPTCHA. This means that the project is not only a tremendous achievement of digitized documents produced for the purpose of preservation - it filters text and much more difficult for computers to recognize words to find.
"People are still testing our right about 96% of the time," says von Ahn. "Amazingly, they are still much better than computers on some things."
But dealing with reCaptcha still the same problem as any other test of human abilities: access for blind people. And von Ahn admits his audio CAPTCHA, is much harder for humans than its visual counterpart to solve: While computers can not crack, people make mistakes 30% of the time.
In a test of their own superiority, robot, I decided to test me on audio reCaptcha present. The first time I played the file, the stream of sound came out as an indecipherable garble of voices, therefore, played in reverse, and static. I suspect the answer to the test - and failed.
But listening to the audio CAPTCHA again only a few seconds later the numbers started from noisy confusion arising spoken by a mixture of high and low voices. Through to the fourth time, I was able to test more rigorously. In a few minutes I had marked man, had audio test reCaptcha predicted seven out of 10 cases as of Ahn. ? Had adapted to it - my brain was something done that solid software algorithms don t.
No comments:
Post a Comment