Spammers being aided by under-sexed teenagers
Mikey 8 comments
The influence of porn knows no bounds. A new method designed by spammers to beat CAPTCHA (CompletelyAutomatedPublicTuring test to tell Computers and HumansApart) has surfaced with worrying results.
You know those drunken alpha numeric sequences a lot of web sites ask you to decipher before you can login, post a message or access your bank details? That's CAPTCHA, the necessary evil used to prevent spam bots from doing all sorts of nasty things.
Well, it looks like spammers have found a unique way of beating CAPTCHA, and like a lot of things on the Internet it shouldn't surprise anyone that it involves porn.
Spammers have created a virtual stripper (Melissa) who removes items of clothing one at a time for users who solve CAPTCHAs. These CAPTCHAs are of course being pulled from legitimate services, and being solved by real people. Melissa doesn't completely fulfil her promise though, and restarts before anyone can get to 2nd (3rd?) base, which means the users keep trying (solving more CAPTCHAs) in a misguided attempt to get her completely naked, and help the spammers at the same time.
As much as I hate spammers and everything they stand for, I nod in their general direction for what I say is a creative work of genius.
That said, death to all spammers.
Unfortunately, spammers will always find a way to spam...
Rodney
Monday 5th November 2007 | 09:41 PMCouldn't you work around this, with CAPTCH?
For example: set the CAPTCHA to only allow 15 seconds to solve - probably not enough time to provide to someone else and get a response.
Maybe inspect the IP of the listening responder and embed the IP of the client machine in the code of the image. That way, if the image is served up elsewhere, it will be different? Tricky to get the image to be based on IP rather than a random generated image code, though, I'll admit.
Captcha's bad enough without enforcing a time fame, which could easily be missed while you are distracted doing something else.
The only solution I can think of right now is a small identifier in the Captcha image itself. Something like:
...which looks completely out of context on any other site except MSN Passport, and should by all means raise suspicions when presented on any other site. It's not perfect but it's a good start.
andrew
Monday 5th November 2007 | 10:47 PMyep some clever people out there.........
Kline
Wednesday 7th November 2007 | 09:41 PMWhere there's pR0n, there's a way. I might add you idea Mikey isn't to far short of genius too.
Rodney
Wednesday 7th November 2007 | 10:51 PMThe problem with the CAPTCHA saying "this belongs to MSN" etc, is... the people wanting to see porn don't care. It could say "it's illegal to continue" but they're still going to if there's a chance of boobies...
Which is freakin' weird, when you think how easy it is to find them online without having to solve a CAPTCHA.
Franken
Monday 5th November 2007 | 08:06 PMI'll admit that's clever.