By: Steven Baker
What is a CAPTCHA?
History of CAPTCHA
Applications of CAPTCHAs
Accessibility
Examples of CAPTCHAs
reCAPTCHA
Vulnerabilities
Conclusion
Completely Automated Public Turing test to tell Computers and Humans Apart
The goal: To create an automated test that is easy for a human to pass but
difficult for a computer
Optical character recognition (OCR) is a difficult problem for computers to solve Take advantage of the fact that humans are good at recognizing
patterns that computers have trouble with
The most common form of CAPTCHAs are images of text that are distorted:
Verification of a human in the loop, or identification via the Turing Test Journal from 1996 by Moni Naor, an Israeli Computer Scientist First work published detailing ideas behind modern day CAPTCHA
Mark D. Lillibridge, Martin Abadi, Krishna Bharat, and Andrei Z. Broder Used CAPTCHAs for AltaVista in 1997 to prevent bots from adding to
their search engine Patented their process in 1998 although they didn’t use the term CAPTCHA
Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford First to coin the term CAPTCHA in 2000 at CMU when they developed
the first CAPTCHA used by Yahoo
Protect website registration
Online Polls
Prevent comment spam on blogs
Prevent worms and spam
Search engine bots
Prevent dictionary attacks
While you want to stop unwanted bots, you don’t want to keep legitimate users out
Section 508 in the US requires federal agencies to make information technology accessible to those with disabilities
Problem: Visually impaired users will not be able to solve image based
CAPTCHAs
Like OCR, speech recognition is also a difficult problem for computers to solve
Solution: Provide an audio alternative for human verification
Distorted text with audio option
Picture identification
Simple Math CAPTCHA
3D CAPTCHA
Developed by Luis von Ahn, Ben Maurer, Colin McMillen, David Abraham, and Manuel Blum at CMU Acquired by Google in September 2009
Assists in digitizing the text of books Requires user to enter two words ▪ One is the test word that is known by the system ▪ The other is a word from the scan of a digitized text that a computer was unable to recognize
Used to digitize the archives of the New York Times and books from Google Books
Images that use undistorted text or a consistent font are vulnerable Image processing techniques are able to read the
text if it is not distorted enough
Some companies sell CAPTCHA breaking services Employ actual humans to solve CAPTCHAs as a
job
What is a CAPTCHA?
History of CAPTCHA
Applications of CAPTCHAs
Accessibility
Examples of CAPTCHAs
reCAPTCHA
Vulnerabilities
Any questions?
http://www.google.com/recaptcha/captcha
http://en.wikipedia.org/wiki/CAPTCHA
http://www.captcha.net/captcha_crypt.pdf
http://www.findexamples.com/5-examples-ofdifferent-types-of-captchas/
http://www.captcha.net/Breaking_Audio_CAPT CHAs.pdf