I am sure you are all aware of the CATCHPA (Completely Automated Public Turing test to tell Computers and Humans Apart) code which requires you to enter random characters in a text box to verify if you are a human or machine. More and more websites are now employing this technique to prevent automated programs from abusing the service.
Websense, a security firm based in San Diego reported that a software broke Hotmail’s CATCHPA by creating multiple accounts to send spam. The attacks were detected by the firm last month.
The attack followed similar ones this year against Microsoft’s Live Mail accounts and Google’s Gmail service. A little over a week ago, the security firm reported a similar attack on Google’s Blogger, a blog publishing system.
According to Stephan Chenette, manager of security labs at Websense:
What we’re noticing over the last year is that these tests meant to tell the difference between a human and a computer are being targeted by more and more malicious groups. And they are getting better at it.
The problem of telling computers and humans apart has a long tradition in artificial intelligence theory.
In a landmark paper in 1950, British mathematician Alan Turing proposed that a machine could be said to ”think” if it could carry on a conversation - via teletype - in a manner that was indistinguishable from a human.
But the practice of distinguishing humans from computers has taken on a far more practical role in the Internet age. Although this CATCHPA technique has also came under severe criticism recently for being too difficult sometimes.
The free e-mail accounts and blogs are like gold to the malicious attackers. Because spam filters are less likely to block items from these free services.
Chenette said.
0 responses so far
There are no comments yet...Kick things off by filling out the form below.
You must log in to post a comment.