Forgot your password?
typodupeerror
Security Software IT

Next-Generation CAPTCHA Exploits the Semantic Gap 327

Posted by kdawson
from the stand-and-identify dept.
captcha_fun writes "Researchers at Penn State have developed a patent-pending image-based CAPTCHA technology for next-generation computer authentication. A user is asked to pass two tests: (1) click the geometric center of an image within a composite image, and (2) annotate an image using a word selected from a list. These images shown to the users have fake colors, textures, and edges, based on a sequence of randomly-generated parameters. Computer vision and recognition algorithms, such as alipr, rely on original colors, textures, and shapes in order to interpret the semantic content of an image. Because of the endowed power of imagination, even without the correct color, texture, and shape information, humans can still pass the tests with ease. Until computers can 'imagine' what is missing from an image, robotic programs will be unable to pass these tests. The system is called IMAGINATION and you can try it out." This sounds promising given how broken current CAPTCHA technology is.
This discussion has been archived. No new comments can be posted.

Next-Generation CAPTCHA Exploits the Semantic Gap

Comments Filter:
  • Alternative... (Score:5, Informative)

    by martin_henry (1032656) on Wednesday April 23, 2008 @07:20AM (#23170006)
  • by thrill12 (711899) on Wednesday April 23, 2008 @07:26AM (#23170084) Journal
    ...but some more info here [psu.edu] as well as a (ugh) [a href="http://wang.ist.psu.edu/imagination/imagination.ppt">powerpoint and a user study [psu.edu] with some samples.
  • Re:Too hard. (Score:1, Informative)

    by lorenzo.boccaccia (1263310) on Wednesday April 23, 2008 @07:31AM (#23170130)
    I'm having problem just passing the current generation captchas. some are case sensitive, some not, none states it, some are so twisted that b and 8 confuses, l and 1 confuses and so on. It's somewhat better with the ones using real words, but not everybody is a native English speaker.
  • by Anonymous Coward on Wednesday April 23, 2008 @07:33AM (#23170142)
    The real solution to captcha is OpenID.
  • Illogical (Score:1, Informative)

    by SpinyNorman (33776) on Wednesday April 23, 2008 @07:34AM (#23170150)
    If a computer could recognize the difference between human and computer generated speech, then it would know how to generate human sounding speech.
  • Re:Too hard. (Score:2, Informative)

    by endersshadow7 (972296) on Wednesday April 23, 2008 @07:57AM (#23170342)
    I've used the Asirra Project [microsoft.com] for about a year now on my site with fantastic results. I've had absolutely 0 bot registrations, when I was getting 10-20 a week with the old CAPTCHA. Given all the press CAPTCHA's have been getting lately, it makes me wonder why more people aren't implementing something of this nature.
  • Re:Blind people? (Score:5, Informative)

    by Kam Solusar (974711) on Wednesday April 23, 2008 @08:27AM (#23170598)
    According to Wikipedia [wikipedia.org]: In November 2004 article Magnitude and causes of visual impairment, the WHO estimated that in 2002 there were 161 million (about 2.6% of the world population) visually impaired people in the world, of whom 124 million (about 2%) had low vision and 37 million (about 0.6%) were blind.
  • by xaxa (988988) on Wednesday April 23, 2008 @08:48AM (#23170852)

    Pretty soon they'll just set up a "free porn" site - free access so long as you solve a captcha to get in.

    It's been threatened and talked about before, all it needs is something "unbreakable" like this to actually make it happen.
    It's already happening: http://news.bbc.co.uk/1/hi/technology/7067962.stm [bbc.co.uk]
  • Re:Alternative... (Score:1, Informative)

    by Anonymous Coward on Wednesday April 23, 2008 @10:16AM (#23172016)
    That alternative page just links to the original page. Not much help, but thanks for trying.
  • Re:Blind people? (Score:3, Informative)

    by rapiddescent (572442) on Wednesday April 23, 2008 @10:45AM (#23172418)

    The blind and hard-of-sight have always been poorly served by what is a very visual medium.

    This is not true, I once worked for a genius of an architect at a very large organisation - he was blind and told me that the web had opened up whole new avenues of access to research material that was not available as braille from the library etc. he used to clatter away on a braille 'screen' accessing google and so on.

    I've said it on slashdot a few times, but I had to change a large banking authentication system in the UK from using CAPTCHA because the RNIB basically said that any large UK company using CAPTCHA would be taken to court (or the front page of the Daily Express - not sure which is worse) if an accessible alternative to CAPTCHA was not provided on the same page at no cost or hassle to the user. The Disability Discrimination Act states that 'reasonable measures' have to be taken to provide for visually impaired users, however, the RNIB has a very strong powerbase in the UK and have will fight an applicationthat has only CAPTCHA - of course, if you provide an alternative, what will the crackers use?

    visual impairedness is more common than you think. many people are not registered blind, like my dad with his 19" screen and nose marks against it, doesn't call himself blind.

  • by misterjava66 (1265146) on Wednesday April 23, 2008 @11:25AM (#23172968)
    Take the link down please. It claims that slashdot slammed it.

    -----------
    SERVER TOO BUSY

    Because of the [snip]exposure on slashdot today, we experienced an unexpected number of users. The service can be temporarily down from time to time. We will be back online when the load is lower. For more information about the project, go to the project Website, read an earlier publication on this project, or contact Prof. James Wang by email at jwang at ist.psu.edu .

    -- Thanks, the IMAGINATION team.
    April 23, 2008
    -------------
  • Re:Blind people? (Score:5, Informative)

    by nickos (91443) on Wednesday April 23, 2008 @11:52AM (#23173342)
    I had the same problem, and I was able to solve it in 2 steps.

    1. Strip links from messages. The spammers are trying to game Google's (and other search engine's) page ranking, and they can't do this if you don't allow them to post links. The incentive to spam your site has now gone.

    2. Insert some primitive captcha. In my case this was just a question asking the user to add 2 small numbers together. The reason this step was necessary was because despite implementing step 1, I was still getting a huge amount of automated spam from spam bots which didn't realise there was no point in spamming my site. Once a human spammer realises you've added captcha he'll come and have a look to see how easy it is to circumvent (very easy in my case). However after running a test personally he'll see there's no point and (hopefully) remove you from his list of sites to spam.

    Hope that helps anyone reading this...

Recent investments will yield a slight profit.

Working...