Google’s CAPTCHA – caught by spammers!

by Alex Zaharov-Reutt

Friday, 29 February 2008

Page 1 of 2 ! Uh-oh – it looks like Gmail addresses could soon be the originators of spam - instead of being known for having a great spam filter, with the news that Google’s CAPTCHA system to prevent automated sign-ups has been busted. Spam is still one of the Internet’s biggest unsolved problems, and despite Bill Gates promising a few years ago that Microsoft could solve the relentless spew of spam, junk email has only gotten worse! One way that webmail sites offering free online email accounts have stopped spammers from using automated methods to set up free email accounts to send spam has been to use the CAPTCHA system often involving a few letters against a background with wavy lines or dots to make OCR (optical character recognition) difficult for non-humans. The system is also widely used by websites offering forums or comment systems that users or readers can contribute to. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart, and for the most part, it has worked well. Even spammers have used the technique to send us all ‘pictures’ with text ads in them for all the usual spam products to defeat anti-spam algorithms. But just as all locks are eventually defeated, so has the CAPTCHA system seen defeat – and this isn’t the first time. As an example, Websense Security Labs noted that on Feb 6, 2008, the spammers defeated the Windows Live Mail CAPTCHA system, and now the spammers have broken through Google’s CAPTCHA defences. So, how did they do it, and beyond simply the kudos of breaking through Google’s defences and the ability to send spam through Gmail, why did they do it? Please read onto page 2. << First page <   1 2 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >

Visitors last 30 days Suscribers

904,266 13,751