Second Generation Microsoft, Google, And Pick The Cat Captchas Broken

[tansqrx 0]

A CAPTCHA cracking company called Xrumer (botmaster.net) is claiming to have broken the latest Microsoft CATPCHA and the Google CAPTCHA (https://it.slashdot.org/story/08/10/02/1415205/now-googles-captcha-is-broken) (https://it.slashdot.org/story/08/10/01/2243241/spammers-targeting-microsofts-revised-captcha).

[turbopowerdmaxsteel 0]

By Pick the Cat, do you mean the one used by Rapidshare? Although, they don't seem to be using Captcha anymore. Also, Google's captcha has been quite difficult to recognize, even for a human. If they have managed to crack these, then I guess, Yahoo's Chat Room captcha would have been done with, long ago; considering how simple it looked.

[tansqrx 0]

Yes, pick the cat is what Rapidshare used to use (https://www.geeksaresexy.net/2008/04/24/rapidshare-captcha-will-drive-you-crazy/). I have to say that being able to pick the cat is beyond most humans so having a computer doing it is quite impressive. Yahoo’s CAPTCHA has been “broken” since January of this year where broken is about a 35% success rate. The 35% may seem low but when you are sending spam or using a computer, 35% is more than enough to accomplish your goal.Apparently using Xrumer is not free because you have to buy a service agreement for $450 or so dollars. The upside is that you get free online customer support. The downside is that the people using the service will try to recoup their investment.

[Arbitrary 0]

Yes, pick the cat is what Rapidshare used to use (https://www.geeksaresexy.net/2008/04/24/rapidshare-captcha-will-drive-you-crazy/). I have to say that being able to pick the cat is beyond most humans so having a computer doing it is quite impressive. Yahooâs CAPTCHA has been âbrokenâ since January of this year where broken is about a 35% success rate. The 35% may seem low but when you are sending spam or using a computer, 35% is more than enough to accomplish your goal.

Actually, I think this fact proves the failure of captchas. If a captcha is beyond most humans but breakable by a computer, then it hasn't really done anything to filter in the humans and out the bots. Instead, ironically, it's filtering in the bots and out the humans. That really defeats the purpose of having a captcha. You won't prevent spam; you'll attract it and prevent legitimate users from accessing the site.
Now, I can't really think of any better solution to this, but certainly the captcha solution isn't working nearly as well as advertised. Yahoo's captcha has indeed been broken for a while.

[wutske 0]

Breaking captcha's is just a matter of tweaking an OCR engine, if you check out the list of recognizeable captcha's you cleary recognize the most common types. Recognize the type, load a tweaked OCR engine and off you go .
Don't know how they cracked the cutest cat captcha, they must have spend quite some time in an object recognitioning algorithm, but it's probably worthless if you use other images/subjects

[tansqrx 0]

I have to say that they shouldn’t get rid of the CAPTHCA just yet. Yes it may be broken but it at least it keeps out the script kiddies. As it stands now, a programmer still has to go through some considerable effort to implement a fully operational and automated CAPTCHA cracker. If you don’t have the programming skills then you will have to pay the non-trivial amount to a third party to do the programming for you. While this does not stop even a moderately motivated spammer or hacker, it will stop almost all of the 13 year olds trying to “hack” Yahoo! If anything this removes some of the low hanging fruit from the people not willing to reach up and pick it.