Intel's Ronler Acres Plant

Silicon Forest
If the type is too small, Ctrl+ is your friend

Tuesday, February 9, 2010


Word verification has gotten to be a common place requirement for commenting on blogs or posting on forums. That's where you are shown a distorted picture of a word and you have to type it in to show that you are a real live person and not some stupid computer program, i.e. a "bot", a minion of some evil advertising campaign (Buy Viagra now, cheap! You buy now!).

Yesterday I ran into a forum that used two forms of this torture. One was Recaptcha, which is a fairly common one, and a second one which only required entering the certain letter of a specified word. I thought Recaptcha was fairly impenetrable, at least for stupid little bots, so this second level of defense seemed superfluous. So I wrote to the webmaster and complained, and he assured me that they needed both devices in order to keep the spammers at bay. Huh.

I have to admit I've wondered how difficult if would be to write a program to defeat these word verification defenses. I imagine that image processing software has made tremendous strides in the last 30 years, so I suppose it's possible that some anti-social whiz kid has fallen into the clutches of an evil spam lord and delivered him a program that can pick the text out of those distorted images.

Or maybe they've found a weak spot in the word verification procedures that allow them to bypass it completely. We may be moving to network wide identification handles (OpenID, etc.) sooner than some of us expected.

Update January 2017 replaced missing image.

No comments: