reCaptcha is a technology to stop auto bots from creating email and forum accounts in an attempt to post and send spam. There are tools that use OCR, or optical character recognition techniques and other methods to break reCAPTCHA, a widely used security measure acquired by Google in September.
There are a couple of free tools that are capable of breaking captcha, though, I will not mention them here. These tools are not 100% accurate, but are automated in such a way that they work hands free to create email and forum accounts for spammers to use at a later time.
Google has denied that the current version of its reCAPTCHA captcha service contains vulnerabilities which make it easier for spammers to guess displayed words using automated scripts.
Jonathan Wilkins, the author of the analysis report, has taken a closer look at the new captchas. The main difference is the lack of the horizontal separator line used in the old captchas. Users now find the words easier to read – but so do machines. “The new version of the puzzle is weaker”, Wilkins told The H’s associates at heise Security. In his tests, Wilkins managed to increase the success rate of conventional text recognition nearly tenfold over the previous version (from 5 out of 200 to 23 out of 100).
The only way for webmasters to stop auto bots from registering new accounts is by moderating every new registration. This is time consuming, and in most cases, webmasters don’t have the time.
To learn more about reCaptcha visit http://recaptcha.net/.
Recent posts in Security