The Tech Herald

CAPTCHAs are dead – new research from Dancho Danchev confirms it

by Steve Ragan - Aug 31 2008, 00:44

Booming business in India leads to death of CAPTCHA. (IMG:J.Anderson)

CAPTCHA has long been a standard used in the online account-creation process. However, a booming Indian economy has taken aim at the security measure, paying a mere $2 USD per 1000 broken to break as many as 700,000 per day from systems like Google, MySpace, Yahoo and others.

Completely Automated Public Turing test to tell Computers and Humans Apart (or CAPTCHA), is a challenge response to ensure a user is entering the information requested.

However, scripting advances and teams working to record the CAPTCHAs used on various sites have all-but ruined this security system. This leads to fake accounts, created to spread Spam and, in some cases, Malware from GMail, Yahoo, MySpace, Facebook and other popular sites.

CAPTCHA is a dead art, it worked well for a few years, but the criminal element has caught up to the technology, and there has been little change in the CAPTCHA standard to match it.

Dancho Danchev has posted an article on ZDnet with some insight and research into the CAPTCHA economy in India. The business of “data processing” is growing, paying obscenely low wages to freelancers with high WPM typing counts.

“Let’s analyze the shady data processing economy of India, discuss exclusive photos of Indian workers breaking MySpace and Google CAPTCHAs, and take a tour inside the web applications of several Bangladesh based franchises, whose team of almost 1,000 international workers is actively soliciting deals for breaking Craigslist, Gmail, Yahoo, MySpace, YouTube and Facebook’s CAPTCHA, promising to deliver 250k solved CAPTCHAs per day on a “$2 for a 1000 solved CAPTCHAs” rate,” Danchev wrote.

His research looks at the hundreds of franchises operated by India’s larger data processing firms. Moreover, Danchev managed to get several great shots of the tools used, and some of the marketing deployed online. The recruiting flips from “breaking” to “solving,” making the job offers and outsourcing look like a challenge for some speed typists instead of the harvesting and collection of CAPTCHA keys for later illegal use.

Some examples of marketing that Danchev discovered include:

“I have 40 PCs and 55 Persons working in my office for data entry work. As 1 person can do 800 captcha entry per hour. We can deliver you good quantity with quality”

“We having more then 10 teams,we are operating 24/7 data entry works and delivering 700k/day captchas daily”

“Dear Sir I am an expert in account creation, will provide you the accounts as per your requirements.I ensure the guaranteed satisfaction always. I charge only $40/1000”

So what do you think? Has CAPTCHA gone the way of the Dodo?

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Shelby GT350 Mustang Pictures

We have added a bunch of pictures of the all-new Shelby GT350 Mustang from Ford. The ne...

All-new Shelby GT350 Mustang

Ford have revealed details of the new Shelby GT350 Mustang. First introduced in 1965 the new...

Best Cars To Buy In 2015

Leading vehicle research company Kelley Blue Book has released its list of the best cars to ...

A.C. Milan Take On Audi R8

Five A.C. Milan stars take on an Audi R8 in a game of street soccer in a new ad for Toyo Tir...

Jaguar 2016 F-TYPE R Coupe All-Wheel-Drive

Jaguar has unveiled the 2016 F-TYPE R Coupe, the first to feature all-wheel-drive. The 2016 ...