Saturday28 January 2023

CAPTCHA Allegedly Broken By New AI

Reading time is around minutes.

In the war against spammers and other malicious individuals there have been many protections invented. One of these is the CAPTCHA system. This is a system that presents an image that a user must type in to prove they are human. This image is generally not readable by bots as anything other than an image file so it can stop many attempts at spamming. The system is not fool proof and some of the simpler systems have already been hacked through prediction of the codes used to generate the images. Now, it seems like that someone has found a way to actually read the image and input the information.

The CAPTCHA system as we know it today was designed in 2000 as a method for identifying computers trying to register for services. CAPTCHA actually stands for Completely Automated Public Turing test to tell Computers and Humans Apart. The reference to Turing is a nod to the British Cryptographer Alan Turing. Turing helped to develop some of the first computer logic which help usher in the computer age. Many credit him with establishing the performance standard for AI (artificial intelligence). To Turing a machine was only “intelligent” if it could perform the same task as a human and at the same level.

The CAPTCHA system puts forward a test that is supposed to do that and other than a few very simple systems it has stood up to the test for many years. Now there is a company called Vicarious that claims they have come up with an AI system that can actually read the CAPTCHA images and properly interpret them. Co-Founder D. Scott Phoenix has said: “We wanted to show we could take the first step toward a machine that works like a human brain, and that we are the best place in the world to do artificial intelligence research”. Vicarious claims that they can break the CAPTCHAs from PayPal, Google, eBay and more with a success rate of more than 90%.

Now, this is not the best of news as it could be put to use by spammers to make things much worse than they can already get. However, there is some hope that this might not be as bad as it seems. On the one hand Vicarious has not shown any real evidence that it can do this so there claims are suspect at the moment. There is also the fact that CAPTCHAs can be adjusted to make them harder to read or they will simply move away from text based CAPTCHAs to something more complex. One item might be to have a complex image that requires the ability to reason to identify the needed output. Of course there are drawbacks to making CAPTCHAs more complex. Eventually many real humans might not be able to figure them out.

There is also the small fact that it is probably cheaper to pay people to get around CAPTCHAs than it would be to buy a hardware and software system to break them. This means that the software being developed by Vicarious could end up being beneficial in areas outside the cracking arena. For now it is an unproven, but very interesting subject. We will certainly be keeping our eye on it.

Tell us what you think in our Forum

Last modified on Monday, 28 October 2013 21:10

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.