Next-Generation CAPTCHA Exploits the Semantic Gap 327
captcha_fun writes "Researchers at Penn State have developed a patent-pending image-based CAPTCHA technology for next-generation computer authentication. A user is asked to pass two tests: (1) click the geometric center of an image within a composite image, and (2) annotate an image using a word selected from a list. These images shown to the users have fake colors, textures, and edges, based on a sequence of randomly-generated parameters. Computer vision and recognition algorithms, such as alipr, rely on original colors, textures, and shapes in order to interpret the semantic content of an image. Because of the endowed power of imagination, even without the correct color, texture, and shape information, humans can still pass the tests with ease. Until computers can 'imagine' what is missing from an image, robotic programs will be unable to pass these tests. The system is called IMAGINATION and you can try it out." This sounds promising given how broken current CAPTCHA technology is.
Alternative... (Score:5, Informative)
Test site slashdotted... (Score:4, Informative)
Comment removed (Score:1, Informative)
The real solution to captcha is OpenID. (Score:2, Informative)
Illogical (Score:1, Informative)
Re:Too hard. (Score:2, Informative)
Re:Blind people? (Score:5, Informative)
Re:This is where it falls apart... (Score:2, Informative)
It's been threatened and talked about before, all it needs is something "unbreakable" like this to actually make it happen.
Re:Alternative... (Score:1, Informative)
Re:Blind people? (Score:3, Informative)
This is not true, I once worked for a genius of an architect at a very large organisation - he was blind and told me that the web had opened up whole new avenues of access to research material that was not available as braille from the library etc. he used to clatter away on a braille 'screen' accessing google and so on.
I've said it on slashdot a few times, but I had to change a large banking authentication system in the UK from using CAPTCHA because the RNIB basically said that any large UK company using CAPTCHA would be taken to court (or the front page of the Daily Express - not sure which is worse) if an accessible alternative to CAPTCHA was not provided on the same page at no cost or hassle to the user. The Disability Discrimination Act states that 'reasonable measures' have to be taken to provide for visually impaired users, however, the RNIB has a very strong powerbase in the UK and have will fight an applicationthat has only CAPTCHA - of course, if you provide an alternative, what will the crackers use?
visual impairedness is more common than you think. many people are not registered blind, like my dad with his 19" screen and nose marks against it, doesn't call himself blind.
its been slammed by slashdot (Score:2, Informative)
-----------
SERVER TOO BUSY
Because of the [snip]exposure on slashdot today, we experienced an unexpected number of users. The service can be temporarily down from time to time. We will be back online when the load is lower. For more information about the project, go to the project Website, read an earlier publication on this project, or contact Prof. James Wang by email at jwang at ist.psu.edu .
-- Thanks, the IMAGINATION team.
April 23, 2008
-------------
Re:Blind people? (Score:5, Informative)
1. Strip links from messages. The spammers are trying to game Google's (and other search engine's) page ranking, and they can't do this if you don't allow them to post links. The incentive to spam your site has now gone.
2. Insert some primitive captcha. In my case this was just a question asking the user to add 2 small numbers together. The reason this step was necessary was because despite implementing step 1, I was still getting a huge amount of automated spam from spam bots which didn't realise there was no point in spamming my site. Once a human spammer realises you've added captcha he'll come and have a look to see how easy it is to circumvent (very easy in my case). However after running a test personally he'll see there's no point and (hopefully) remove you from his list of sites to spam.
Hope that helps anyone reading this...