Bypassing CAPTCHA

Published 02-07-2005 6:34 PM | jokiz

CAPTCHA(Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of challenge-response test used in computing to determine whether or not the user is human.  You can see them when signing up a free web-based email and it is used as protection from spammers.


It is interesting to note its use in a number of fields enumerated on www.captcha.net and the use of it to protect online polls made me laugh:

In November 1999, http://www.slashdot.com released an online poll asking which was the best graduate school in computer science (a dangerous question to ask over the web!). As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own program and the poll became a contest between voting "bots". MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll requires that only humans can vote.

An MS MVP even tried to prove its flaw, find it out in his
blog.

Filed under: , ,