Interesting People mailing list archives
Gone in 60 seconds: Spambot cracks Live Hotmail CAPTCHA
From: David Farber <dave () farber net>
Date: Mon, 5 May 2008 10:39:41 -0400
Begin forwarded message: From: Monty Solomon <monty () roscom com> Date: April 16, 2008 8:05:12 AM EDT To: undisclosed-recipient:; Subject: Gone in 60 seconds: Spambot cracks Live Hotmail CAPTCHA Gone in 60 seconds: Spambot cracks Live Hotmail CAPTCHA By Emil Protalinski | Published: April 15, 2008 - 09:13AM CT Internet users are quite familiar with the Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), a quick method that verifies whether or not the user trying to sign up is a person or a bot. A picture with swirled, mangled, or otherwise distorted characters is displayed and the user then types in the correct letters or numbers. Thus far, the system has worked well to slow down malicious bots, but recently the groups behind such software have made significant strides. A security firm is now reporting that the CAPTCHA used for Windows Live Mail can now be cracked in as little as 60 seconds. Back in early February, a group cracked Windows Live Hotmail's CAPTCHA. A few weeks later, Gmail's version followed suit. In just over a month's time, some anti-spam vendors were forced to completely block the domain for the popular service as bots signed up for thousands of bogus accounts and began to flood the tubes with e-mail advertisements for lottery tickets and watches. The close proximity of the two cracks has done everything but sealed CAPTCHA's fate. To make matters worse, Websense Security Labs is now reporting that the method for getting around Windows Live Mail's CAPTCHA has been improved to the point that a bot can decipher the text and make a guess in less than six seconds, on average. Windows Live Hotmail's Anti-CAPTCHA automatic bot, which hooks itself into Internet Explorer on a victim's machine, has a success rate of about 10-15 percent. That means that it takes up to one minute for a single bot to create a new account. ... http://arstechnica.com/news.ars/post/20080415-gone-in-60-seconds-spambot-cracks-livehotmail-captcha.html ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Gone in 60 seconds: Spambot cracks Live Hotmail CAPTCHA David Farber (May 05)