Welcome to WebmasterWorld Guest from 126.96.36.199
...Iím already starting to see evidence of consolidation between Indiaís major CAPTCHA solving companies. The consolidation logically leading to increased bargaining power, is resulting in an international franchising model recruiting data processing workers empowered with do-it-yourself CAPTCHA syndication web based kits, API keys, and thousands of proxies to make their work easier, and the process more efficient.
This is either a horrifying development or a handy and cost-effective service, depending on which side of the CAPTCHA barrier you sit on.
This sounds like a more efficient use of two-cent per hour click labour, rather than an advance in fraud techniques.
The fact that they need to consolidate is probably good news, and suggests that maybe the CAPTCHA advances are getting a little ahead of the cheats :)
It would be nice to see a little cooperation between the captcha creators ;)
Interesting to think that what will save captcha in the long term is not technology - but the labour market being unable to supply clickers cheaply enough!
[edited by: Quadrille at 11:30 am (utc) on Sep. 4, 2008]
Having layers of defense - not just the captcha - will help, but nothing beats human moderation, care and common sense.
I often wonder how these low-level spammers make a profit; 99% of the captcha-beaters I've seen or heard of seem to gain no cash reward whatsoever. And even the 1% are marginal at best, relying on total newbies or plain old fashioned idiots (who probably have little cash and no credit card).
Who pays for this stuff, and wouldn't they do better with Adwords?
I don't even use CAPTCHA on any sites. The methods I use work and work well for trapping bots, and are easy to implement.
Hope they burn through a ton of money only to find what I am saying to be true.
People buying into this are wasting their money.
[edited by: Demaestro at 6:02 pm (utc) on Sep. 8, 2008]
If you find something you can exploit, like the previously exploitable Twitter Bio Link - [mattcutts.com...] then you can easily write a "bot" that will create 10,000 twitter accounts in no time.
The only problem is that the captcha needs to be solved on each account creation. So you pay $20 to have the 10,000 captchas solved by one of the above services.
Your bot would try to register an account, take a screenshot of the captcha, pass it to the captcha breaking team via their API, wait for and get the result, and then pass it in with the other form values. Now you have 10,000 twitter accounts ready to give backlinks to whatever sites you want.
And obviously there are hundreds or thousands of sites out there where a system like this can be used.
Diabolical. Why pay low wages when you can get free labor from desperate geeks?
But here in the real world, sites using CAPTCHA intelligently with other defences, still blocks 99% of spam attacks.
Live with it.
Theoretical support of spammers is all good fun, but any site determined to block the b***stards can do it.
Sorry, guys, but that's the truth.
The captcha project itself is along the same lines, they are using the images to improve the software that can read the images.. kinda a good idea that is scheduled to ruin itself.
Are you referring to the REcaptcha project?
I always thought it was weird that they were setting up captcha images to improve computer reading.
When I first found the site way back when, I thought it was some type of scam until I saw it was by Carnegie Mellon.
Seems counter productive?
"If you have a lock on your house a thief will become a lock pick, the better the lock, the better a lock pick the thief becomes - until such time as another house becomes easier."
It's exactly like putting on running shoes when two of you are pursued by a bear - you don't need to outrun the bear.
Security needn't be about the 'safest', for most purposes, just 'safer than most'.
CAPTCHA can never defeat human slaves alone (it was designed specifically to let humans pass!); but as one line of defense, it can delay the break; language based tests can defeat the cheapest clickers - they don't speak English.
And as the lock pickers advance, so must the locksmiths. And they do. ;)