Captcha's gone wild!



  • I hate captchas.

    http://www.tonsai.de/blog-english/2007/craziest-captchas-on-the-web/

     

     



  • Those are absolutely awesome. I can't read Russian (or any other language written in Cyrillic) so I am not sure what you're meant to do with that horrible equation. I would be intrigued by the intellect and maturity levels of any site that expects you to solve it to get in!



  • @Daniel Beardsmore said:

    Those are absolutely awesome. I can't read Russian (or any other language written in Cyrillic) so I am not sure what you're meant to do with that horrible equation. I would be intrigued by the intellect and maturity levels of any site that expects you to solve it to get in!

    Some service for mathematicians / other not useful for general public? Like Quantum Random Bit Generator - http://random.irb.hr/signup.php ?

    But greatest thing about Russian captcha is that there's dot noise under the equation to make it harder to read :D



  • [edit timeout = double post... :( ] 

    Strange thing is that everyone wants to have their own captcha system - especially those who have no idea what's the difficulty in reading them... Braille system - obvious. Lighter letters in the background and darker in foreground - joke. Red / white captcha - joke - noise just needs a blur pass and splitting by brightness. Images converted to letters - if someone wants to spam this server - it would be easy to write dedicated captcha breaker - they provide patterns for free. Circles / triangles - very easy to find / invert colours where needed. Mixed grey / dotted grey letters - joke.

    Seriously leave writing captcha systems to guys who know something about pattern recognition :/


  • The Braille one is spectacularly useless. After all, for whom was Braille designed, again ...?

    The mathematical one comes to ln 2, I am told, but even the person who figured it out had to think for a while, and she's a maths genius.

    I remember a captcha once that was a white text, above red and yellow flames, on a black background. Also spectacularly useless for a different reason.

    So far, I don't recall experiencing any howlers myself, just irritatingly hard to read ones that I've got wrong. I even lost a whole blog comment once, because I couldn't read the captcha so I hit Back to try again, only to find that the site's bad caching practice blew away the whole form contents and everything I'd written.



  • Actually, the Braille one was quite brilliant (and deliberately ironic). It was on a (now-defunct) blog discussing accessibility for the disabled on the Macintosh platform.

    Naturally, the ALT text for the Braille image on the original site contained a plaintext version of what the Braille said (for the record, it's "Kynn was here").

    In other words, that particular CAPTCHA was not primarily designed to keep spam out; rather, it was designed precisely to demonstrate to sighted users how frustrating CAPTCHAs are for the blind!



  • Hang on … the alt property gave away the captcha text? That's SMRT :P

    Edit … bah you added an extra paragraph since the version of your message that arrived in my inbox ;)



  • Yeah, I'm stealthy with edits like a ninja. ^_^



  • @Daniel Beardsmore said:

    The mathematical one comes to ln 2, I am told, but even the person who figured it out had to think for a while, and she's a maths genius.

     As x goes to zero, arctg of x goes to zero as well, and sin (1/x) just goes back and forth between -1 and 1 faster and faster, so it approaches zero, so the limit is indeed ln (2+0) = ln 2.
     



  • @Veinor said:

     As x goes to zero, arctg of x goes to zero as well, and sin (1/x) just goes back and forth between -1 and 1 faster and faster, so it approaches zero, so the limit is indeed ln (2+0) = ln 2.

    Mmmm... what? lim_{x->0} sin(1/x) doesn't exist - it's not 0. But it's true - lim_{x->0} (arctg x sin(1/x)) is 0.



  • @viraptor said:

    @Veinor said:

     As x goes to zero, arctg of x goes to zero as well, and sin (1/x) just goes back and forth between -1 and 1 faster and faster, so it approaches zero, so the limit is indeed ln (2+0) = ln 2.

    Mmmm... what? lim_{x->0} sin(1/x) doesn't exist - it's not 0. But it's true - lim_{x->0} (arctg x sin(1/x)) is 0.

     

    Exactly. And since the sinus one doesn't exist, it' obvious that arctg must approach 0 to make the expression useful. So it wasn't really hard at all. 



  • @viraptor said:

    Images converted to letters - if someone wants to spam this server - it would be easy to write dedicated captcha breaker - they provide patterns for free.

    Maybe the hope was that no-one wanted to spam that server specifically - that the spammers were just going trying to post to as many sites as possible.  If that's true, it could be that no human spammer ever even noticed that his bot couldn't handle that captcha, and if he did notice, he might not think it worth the effort to write something special for that one site.

    If someone [i]did[/i] want to target that particular site, though, you'd be right, of course.

    @viraptor said:

    @Veinor said:

     As x goes to zero, arctg of x goes to zero as well, and sin (1/x) just goes back and forth between -1 and 1 faster and faster, so it approaches zero, so the limit is indeed ln (2+0) = ln 2.

    Mmmm... what? lim_{x->0} sin(1/x) doesn't exist - it's not 0. But it's true - lim_{x->0} (arctg x sin(1/x)) is 0.

    I assume "it" was supposed to refer to the product.



  • @iwpg said:

    @viraptor said:

    Images
    converted to letters - if someone wants to spam this server - it would
    be easy to write dedicated captcha breaker - they provide patterns for
    free.

    Maybe the hope was that no-one wanted to spam that server specifically - that the spammers were just going trying to post to as many sites as possible.  If that's true, it could be that no human spammer ever even noticed that his bot couldn't handle that captcha, and if he did notice, he might not think it worth the effort to write something special for that one site.

    If someone [i]did[/i] want to target that particular site, though, you'd be right, of course.

    I believe that's the strategy most captchas use. The individual images are mostly relatively easy to crack from what I've heard. But the diversity of algorithms makes it difficult to write a solver that can target a profitable amount of sites at once. And no spammer got rich by spamming only one site.



  • Pfft, you call yourself a programmer, but don't know how to solve the formula one?

    Everybody knows programmers don't have to give the *right* answer, they just have to give something good enough to satisfy the needs of the clients. Someone who wants you to find that number probably needs the value for a particular practical purpose, not "just for kicks"

    So, the following Java snippet:

     Double x = 1.0;
     Double a = 0.0;
     while (x > 0.0000000000000000000000000000001)
     {
     a = Math.log(2 + Math.sqrt((Math.atan(x) * Math.sin((1/x)))));
     System.out.println(a);
     x = x / 1.1;
    }

    Allows you approximate A (the needed answer), as X approaches 0.

    Yielding the value 0.6931471805599453

    Since A is an irrational and transcendental number, you cannot express it exactly anyways, so the only way to simplify it to a decimal is to give an approximation with arbitrary precision -- here limited by the size of the Java Double, which is probably precise enough for any real-life purpose.
     



  • @PSWorx said:

    I believe that's the strategy most captchas use. The individual images are mostly relatively easy to crack from what I've heard. But the diversity of algorithms makes it difficult to write a solver that can target a profitable amount of sites at once. And no spammer got rich by spamming only one site.

    The irony is that while most captchas are easily defeated by contemporary computer vision techniques, the spammers don't bother using them. Instead, they all use the same generic solver that works for every one ever invented:

    Create a free or nearly-free porn site, or music sharing site, or anything else along those lines (with very little content in it and pathetic bandwidth). Whenever somebody logs in, fetch an image from the target server, show it to the user, and feed their response back to the target server. The user goes on into the spammer's site, with no idea what just happened. The spammer's software does whatever it wanted to do with the target server.

    It has been suggested that this method was the inspiration for Amazon's mturk.com.



  • @iwpg said:

    If someone [i]did[/i] want to target that particular site, though, you'd be right, of course.

    Some time ago I started writing captcha breakers for various sites just for fun - I've got a nice collection of them now and it didn't take THAT long really. It seems spammers are not that interested in captchas - probably something else is an easier target. Otherwise every typical forum / maillist would be filled with v1agr4 unfortunately.... There are LOTS of broken systems in the wild.

    @iwpg said:

    I assume "it" was supposed to refer to the product.

    Oh well... at least maths expressions are not ambiguous :)



  • Reverse captcha's should be fun:

                   _
            _..._   \':,
           `._..-""` ) \\
            ___/9    \ |/
           P      9     |
           \            |
            '--.       _/
                (`'---'_)
               ()`---'` \
                |        ',
                |          `'.            ,
                ;             '-._       /(
                 \            _   `'.    | \
                 | ,        .'       '.   \ `\
                 | |   ;   /           \   \  \
                 | |   |.  |            |  /  |
                 | |   | `-.\           |"`  /
               .-;.|   |  _..;._       /-..-'
              (( .-;.  | ((  _..`>    /
               `((    _/  '-((  `  .__)
          jgs    `"""`       `"--'`
    

    Question: What animal is this?

    :-p



  • Answer: a dog whose face appears to be melting.





  • Just had a flash of genius... we need a stereogram captcha! Let's see those pesky bots try and read it >:-)



  • @viraptor said:

    [edit timeout = double post... :( ] 

    Strange thing is that everyone wants to have their own captcha
    system - especially those who have no idea what's the difficulty in
    reading them... Braille system - obvious. Lighter letters in the
    background and darker in foreground - joke. Red / white captcha - joke

    • noise just needs a blur pass and splitting by brightness. Images
      converted to letters - if someone wants to spam this server - it would
      be easy to write dedicated captcha breaker - they provide patterns for
      free. Circles / triangles - very easy to find / invert colours where
      needed. Mixed grey / dotted grey letters - joke.

      Seriously leave writing captcha systems to guys who know something about pattern recognition :/

    You're absolutely right. A friend of mine made a Captcha once which used geometric shapes of various shades of grey with plain black text in the foreground, distorted a bit. He challenged me to break it with reasonable reliability, and said he'd buy me lunch if I could. I never turn down a free lunch :)

    Knowing nothing about pattern recognition or any other captcha-breaking nonsense, I set about the task. First, I filtered out everything that wasn't pure black. So much for the distortions. Then I took each letter individually, filtered out all the whitespace, and did some figurin'. I broke it up into quarters and found the proportion of whitespace to blackspace in each of them, then compared that to the amount expected (I did a few hundred tests to get the amounts for each number (did I mention it was only numbers, 0 - 9?)).

    That strategy, with a little tweaking that I don't even remember now, gave me about a 20% success rate, which was enough to win my free lunch :D



  • @viraptor said:

    @Daniel Beardsmore said:

    Those are absolutely awesome. I can't read Russian (or any other language written in Cyrillic) so I am not sure what you're meant to do with that horrible equation. I would be intrigued by the intellect and maturity levels of any site that expects you to solve it to get in!

    Some service for mathematicians / other not useful for general public? Like Quantum Random Bit Generator - http://random.irb.hr/signup.php ?

    But greatest thing about Russian captcha is that there's dot noise under the equation to make it harder to read :D

     

    Sry had to sign up to try it, but i failed at beinf sucessful



  • @rbowes said:

    Knowing nothing about pattern recognition or any other captcha-breaking nonsense [...] I broke it up into quarters and found the proportion of whitespace to blackspace in each of them, then compared that to the amount expected

    Kudos to you! It's not rocket science, right? But not many people would think about it like that :) If you are .NET guy and want to improve that idea in the future, try http://www.cdrnet.net/projects/neuro/ - it does fine job on either 2d (has general class for that) or arbitrary pattern matching / learning with neural networks. Kicks most captchas' asses :)



  • @DOA said:

    Just had a flash of genius... we need a stereogram captcha! Let's see those pesky bots try and read it >:-)

     

    But what if you can't see the sailboat? 



  • @HitScan said:

    But what if you can't see the sailboat? 




    "It's a schooner!"



  • @HitScan said:

    @DOA said:

    Just had a flash of genius... we need a stereogram captcha! Let's see those pesky bots try and read it >:-)

     

    But what if you can't see the sailboat? 

     

    Sometimes you have to make sacrifices in the name of science!
     



  • @Daniel Beardsmore said:

    So far, I don't recall experiencing any howlers myself, just irritatingly hard to read ones that I've got wrong. I even lost a whole blog comment once, because I couldn't read the captcha so I hit Back to try again, only to find that the site's bad caching practice blew away the whole form contents and everything I'd written.

    Same thing with me. I hate captchas that are too obfuscated to actually read!

    I'm not even sure whether they actually work either, i.e. my blog doesn't have a captcha but Akismet catches pretty much all the spam that goes through, and it doesn't annoy anyone who wants to make a comment!



  • @SQB said:

    @HitScan said:

    But what if you can't see the sailboat?




    "It's a schooner!"

    Haha, you totally stole my response!



  • Well apparently that captcha is for Akademgorodok forums, Akademgorodok being kind of scientific city in/near Novosibirsk, so that math is quite understandable and most people logging onto those forums will be able to understand that captcha.

    Curiously I can't find it on the forums now, but the forum software looks different now too.

    btw, the text on left of image reads "Protection from automatic registration" and text above box says "Insert answer", it's your standard forum software.

    Also that screenshot is horrible. Had to invert colours and turn up contrast before I could read some of text, and I'm normally good at reading low-contrast-difference text.





  • I cannot find a link to it now, but I remember some guy "invented" the following: add some form fields and make them invisible, with CSS or whatever. Spambots will try to fill or change them, humans won't even see them. This may fail here and there (due to extra smart bots, or extra smart people who disable CSS to mention a few) but the idea sounds good.





  • @merphle said:

    Evil: http://learnwpf.com/Captcha.ashx?txt=҈҉

    A captcha that no one can read except bots! Amazing! 


Log in to reply