The Tech Herald

CAPTCHAs are dead – new research from Dancho Danchev confirms it

by Steve Ragan - Aug 31 2008, 00:44

Booming business in India leads to death of CAPTCHA. (IMG:J.Anderson)

CAPTCHA has long been a standard used in the online account-creation process. However, a booming Indian economy has taken aim at the security measure, paying a mere $2 USD per 1000 broken to break as many as 700,000 per day from systems like Google, MySpace, Yahoo and others.

Completely Automated Public Turing test to tell Computers and Humans Apart (or CAPTCHA), is a challenge response to ensure a user is entering the information requested.

However, scripting advances and teams working to record the CAPTCHAs used on various sites have all-but ruined this security system. This leads to fake accounts, created to spread Spam and, in some cases, Malware from GMail, Yahoo, MySpace, Facebook and other popular sites.

CAPTCHA is a dead art, it worked well for a few years, but the criminal element has caught up to the technology, and there has been little change in the CAPTCHA standard to match it.

Dancho Danchev has posted an article on ZDnet with some insight and research into the CAPTCHA economy in India. The business of “data processing” is growing, paying obscenely low wages to freelancers with high WPM typing counts.

“Let’s analyze the shady data processing economy of India, discuss exclusive photos of Indian workers breaking MySpace and Google CAPTCHAs, and take a tour inside the web applications of several Bangladesh based franchises, whose team of almost 1,000 international workers is actively soliciting deals for breaking Craigslist, Gmail, Yahoo, MySpace, YouTube and Facebook’s CAPTCHA, promising to deliver 250k solved CAPTCHAs per day on a “$2 for a 1000 solved CAPTCHAs” rate,” Danchev wrote.

His research looks at the hundreds of franchises operated by India’s larger data processing firms. Moreover, Danchev managed to get several great shots of the tools used, and some of the marketing deployed online. The recruiting flips from “breaking” to “solving,” making the job offers and outsourcing look like a challenge for some speed typists instead of the harvesting and collection of CAPTCHA keys for later illegal use.

Some examples of marketing that Danchev discovered include:

“I have 40 PCs and 55 Persons working in my office for data entry work. As 1 person can do 800 captcha entry per hour. We can deliver you good quantity with quality”

“We having more then 10 teams,we are operating 24/7 data entry works and delivering 700k/day captchas daily”

“Dear Sir I am an expert in account creation, will provide you the accounts as per your requirements.I ensure the guaranteed satisfaction always. I charge only $40/1000”

So what do you think? Has CAPTCHA gone the way of the Dodo?

Comment on this Story

comments powered by Disqus

From Autosaur.com

Mercedes-AMG GT S Pricing

Mercedes-AMG has announced pricing for the new Mercedes-AMG GT S.The GT S will go on sale in...

Nissan is #withdad for Super Bowl

Nissan is the latest company to announce details of their advertising during the forthcoming...

Special-Edition Porsche GTS Club Coupe Unveiled

The new Porsche GTS Club Coupe has been revealed celebrating the 60th anniversary of the big...

Volvo Detroit Auto Show Pictures

Swedish car maker Volvo has been showing off their latest models at the North...

Ford GT Detroit Auto Show Pictures

We have added some great pictures of Ford’s new supercar the Ford GT. The company was s...