Jump to content
xisto Community
tansqrx

Captchas + Yahoo! Chat = No Bots (for Now)

Recommended Posts

Just in case you haven’t been keeping up with Yahoo! Chat, it looks like a new sheriff is in town (http://forums.xisto.com/no_longer_exists/). Just before the Labor Day weekend Yahoo! started making users enter a captcha before they could enter a chat room. This could possibly mean that the chat rooms will be bot free for the time being.My first impression of the system was not that bad. I logged in with Yahelite and was quickly prompted to enter the captcha in a separate dialogue box. I do have to admit that the process did get very tedious as you have to enter the captcha every single time you change rooms. This is very hard on me because I tend to change rooms almost every minute. I have also noted that the captchas are getting longer. This is most likely to make it harder for captcha guessing program to work.My impressions of the new system quickly went down hill once I tried to chat from the official Messenger client. Instead of a dialogue box, a hyperlink appears. The link opens your default web browser where you are then presented with the image and a space to enter the text. The soon became way too bothersome and I reverted back to Yahelite.The last comment on this new scheme is one of bot evolution. The captcha for chat is brand new and thus the bot writers have not had time to catch up. As I have discussed before, there are already programs that can correctly guess the captcha more than 95% of the time. It is only a matter of time before these technologies are adapted to chat bots once again. Even if the majority of bots do adapt, the less programming adept writers will be left out and thus few bots will be in the rooms, even in the long run.

Share this post


Link to post
Share on other sites

Guess it was only a matter of time before they pushed the image verification for this. Most online forums have this feature already and it does help decrease the amount of spammers.I'm sure there are ways for spambots to read those letters in the image verification, but if Yahoo can obscure the image even more it will probably be more effective. I have seen some where the letters are heavily distorted with tiny thread-like images in the background (like the watermark in checks).

Share this post


Link to post
Share on other sites

This was long overdue as Yahoo! seemed to have abandoned the chat completely. Changing the captcha frequently (like Rapidshare does) will ensure bot programs have a hard time spamming the rooms. One interesting captcha I saw was where the user had to type in the result of a simple arithmetic calulation depicted by the Captcha. However, this will only help prevent room cycler bots. The spammers can still have their dirty bots inside a room. I don't know how many bot programs have been adapted to the changes, but I am certainly not going to update mine.Even if, its just for now, this move by Yahoo! is for the better.

Share this post


Link to post
Share on other sites

The future development of Yahoo Responder Bot, one of the best Yahoo! chat bots has also been terminated. The developer cited that he would not be able to outrace Yahoo's captcha protection mechanism, especially if it changes frequently. From what I saw back at his forum, the spammers are ready to pay him any amount of money, even on a daily basis, if only he would continue the development. I wonder why they are so desperate to spam around. The way Yahoo! chat has been for the last couple of months, the bots are only going to spam each other. Surely, there are better ways to cash in!

Share this post


Link to post
Share on other sites

Yea---the botting still continues---1 guy in room politics 7 known as 1313---has over 42 names in the room---even after all the yahoo updating and captchas updating---1 name per ip is still the only way to stop spammers----yahoo still does not get it-----I wish they would listen to us on how to fix the bot problem once and for all ----but its yahoo and its free----Tony

Share this post


Link to post
Share on other sites

They cannot apply the one IP per username restriction, because quite a few people share the same IP address. Even adsense acknowledges this fact and is therefore (to some extent) lenient on self clicks.Regarding the captchas, well they can always be entered by a human. Some are even resorting to hiring cheap labour to periodically key in the captchas from a remote location.The thing is, its very hard to absolutely curb the activity of the bots, if not impossible. Yahoo might change the chat login code, but the other clients can also adapt to this by logging yahoo's network activity.

Share this post


Link to post
Share on other sites

Well just to let everyone know, if you do get that CAPTCHA cracking code don’t forget to tell me about it. It’s only a matter of time before a developer releases it. I understand that it’s good to keep it away from spammers but I can think of several less sleazy ways to use it.

Share this post


Link to post
Share on other sites

It's a good thing they make it harder for bots, but they shouldn't make it harder for people. I sometimes get annoyed by these captchas because even I can't enter them correctly :rolleyes: . A more efficient way of using captchas is to let people recognise objects or to select the right image. This technique has been used already, people have to select the photo with a cat out of 9 different images.A lot more easy and almost impossible to crack.

Share this post


Link to post
Share on other sites

they also have it even for the yahoo email! its annoying really, every time i send an email i have to type in the code.at least their image works! i cant signup to vbulletin forums for some reason cos the verification images dont load, its annoying.yahoo did have a nice idea though, it stops spammers and spam bots from going round annoying people.

Share this post


Link to post
Share on other sites

The problem with image based systems is there are only a finite number of images to choose from. Let’s say I created the above example with nine images and I had to pick the cat. In order to break the code I would download every single image on the system, I will assume 1000 images in this case. I then make a MD5 hash of the images so I can accurately determine the image displayed. I take a long afternoon and enter what the image is into a lookup table. To create an automatic system I then go to the CAPTCHA page and see what it wants, a cow for example. I then download the nine images presented to me and use the lookup table to find the cow. I submit the answer with the cow and the system is broken. Even if the system has a million images, the foundation for this hack is the same and can eventually be broken.To me the most annoying part of requiring a CAPTCHA to get into chat is the implementation. When using the official Messenger client you have to click a hyperlink and an external web browser is opened with the link. This adds at least 5-10 seconds to get into a room. YahElite on the other hand has an image browser built in so it displays the code in a new window without having to open your web browser. I was extremely surprised to find that the latest beta of Messenger 9 still has to have a web browser. It looks like this would have been one of the first things they fixed.

Share this post


Link to post
Share on other sites

Yahoo chat rooms are, always have been, and always will be a complete waste of time with their lack of moderation capabilities. There will always be spammers and otherwise generally obnoxious people because there's no simple way to get rid of them. The best you can hope for is to change rooms, in which event you'll encounter new spammers.The system is completely broken, so I avoid it like the plague. Never did have an intelligent conversation with anyone in one of those damn rooms.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.