Are CAPTCHAs Doomed?
April 9th, 2009 by ComputerBob
Anyone who’s ever provided interactive services on their web site has had to deal with web site security on one or more levels.
Either through trying to prevent the world’s spammers, scammers and other cybercriminals and sociopaths from filling a web site’s forums and guestbook and blog and other interactive services with thousands of advertisements and viruses and other malware — or through trying to clean up and salvage what’s left of a web site after it has been ravaged by the aforementioned criminals.
For the past several years, CAPTCHAs have been the most popular method to secure interactive services on web sites — to try to “let in” the good guys while “keeping out” the bad guys.
If you’ve ever registered for any online services, you’ve probably used and been confounded by your share of CAPTCHAs.
Unfortunately, the bad guys keep figuring out how to get past CAPTCHAs to do their dirty work, so CAPTCHAs have had to constantly get more and more difficult to “crack.”
Unfortunately, the more difficult a CAPTCHA becomes, the greater the chance that it will frustrate and prevent legitimate users from using a web site’s interactive services.
I’m interested in the theory of how and why CAPTCHAs work, but I’m not at all interested in the technical processes and programming that goes into making them do their jobs.
That’s why I like a piece called Why the CAPTCHA Approach Is Doomed. It lays out the opinion that CAPTCHAs are not a good security solution, and then opens the discussion up to Slashdot’s readers, who add their own interesting and thought-provoking opinions to the mix.
Permalink:
http://www.computerbob.com/wp/are-captchas-doomed.php
Tags:
Cybercrime, Internet, Security, Web Development