Those that have had too much to drink, are safe from morning embarrassments.
A group of boffins from Carnegie Mellon University is proposing that inkblot-style patterns form the basis of a system to replace CAPTHCAs, and is offering an open challenge to see how well it works. While the CAPTCHA has been successful in preventing some forms of attack, such as comment-spam on Web forums, CAPTCHA-protected …
Those that have had too much to drink, are safe from morning embarrassments.
Oh dear, I think I must be a robot ... I couldn't make any sense of any of the patterns shown.
Hint: it's all about sex!
I can see Miley Cyrus's tits but the rest of it is meaningless to me.
"I can see Miley Cyrus's tits"
No doubt, but that's no good as an authentication scheme.
Everybody can see Miley Cyrus's tits.
Use blotches of tomato and brown sauce instead.
I see... a clown?
Either I'm a natural comedian, or have suppressed memories of being raped by a guy with a squeaky nose as a kid. Not sure which.
Is your clown upside-down and ahem, 'kissing' a lamb? Just asking because I see two bees trying to land on the same flower. Yeah, that's it, bees and a flower.
The one with mind bleach in the pocket.
I like what you did there, but more correctly it should be "birds and bees". We all know what male viewers see when looking at a Rohrschach blob, but there is no way to say that, politely, in a public forum.
"I like what you did there, but more correctly it should be "birds and bees"."
I remember when my parents sat me down and gave me the talk about the birds and the bees. I didn't believe them because, well, wouldn't the bees sting the birds?
Paris. She knows about the birds and the bees.
If they make them all so brightly colored, I expect "a clown" will be a very common answer.
Dead thread on the forum this morning, lock icon over its topic. This website is afraid of me. I have seen its true face. The pages are extended comment sections, and the comment sections are full of flames, and when the moderators finally get sick of it, all the trolls will get banned. The accumulated filth of their rage and hatred will flood from their monitors and all the kiddies and neckbeards will look up and shout "Let us in!"... and I'll whisper "access denied".
I don't think this will work. The thing behind CAPTCHAs is defeating bulk access by restricting access to people capable of working their way through something less-than-programmatic, like a distorted picture. The big thing the GOTCHA doesn't do, it seems, is CHECK the initial response against anything reasonable.
So if a machine encounters a GOTCHA for the first time, what's to stop it from putting down a bunch of gibberish like "correct horse battery staple" and simply remembering what it used for the next time it sees the blot (quite easy with the right technique)? Even if the system checks for grammar, you could easily construct a "mad lib" type of system ("I see <NOUN> with <NOUN> and <NOUN>).
Indeed. Worse yet, I see mentions of "username" and "password" as the first thing there - what the...? The whole point of a Captcha is to "authenticate" an *unidentified* user as "at least not a computer" - registered / logged in users are never supposed to see Captchas...
I think you've misunderstood what it's for. It seems to be a replacement for "think of a question you'd like to be asked when you want your password reset" - Mother's maiden name or similar. You supply your set of tags for the image when you generate your password, and they show you the same image again when you want to retrieve/reset your password. You have to come up with (some of?) the same tags.
So although it's something used at account generation, it's not used by the server to verify that whoever is registering is a person - I guess you'd still need a CAPTCHA for that.
I think you've misunderstood what it's for. It seems to be a replacement for "think of a question you'd like to be asked when you want your password reset"
The problem is that the article specifically says that the GOTCHAs are supposed to replace CAPTCHAs. But the technology, as described, seems incapable of doing so.
That'd be lovely, plz to tell this to the cretins at yahoomail who seem to think that 25 addresses is "too many". Which wouldn't really be a problem if the darned thing actually worked, you know, let me send after typing the characters multiple times.
Given that they all have mirror symmetry about the vertical centre, as do humans and our faces, and since human eyes/brains are very good at finding and recognising faces; it's to be expected that people will 'see' clowns and other anthropomorphic things. Maybe a few butterfiles as well.
I tried to imagine what a butter-file might look like. Now I feel dirty...
Imagine dancing the tango, late at night, in Paris. I'll stand back while you take it from there.
Rather than 'here's a distorted bunch of text, try to guess what it says' - you have 'here's a distorted picture, try to remember what you thought this was the last time you looked at it 3 months ago'.
Cue everyone needing a password reset anyway?
"I see spots."
"Have you seen a doctor?"
"No, just the spots."
Thank you. I'm here all week, etc etc.
What about those who are colourblind? Being unable to see red and its shades is enough to stop someone from becoming an electrician so how do these so called boffins(sorry idiots) expect those people to be able to use this POS???
Yes, I'm one of those afflicted.
In this case, color is only used for uniqueness, not as a distinguishing trait. IOW, a colorblind person may something different, but it's still useable to them because the color doesn't HAVE to factor in.
Ask humans to recognise shapes and I expect the top answers would still be butterfly, bird, vase, balloon etc.
I think a far better challenge would be something like e.g. - "do these in reverse order - click on the wet dog, click on the happy cat", "click on the shape under the red square and then the shape to the right of that". Use context, spatial arrangements, emotions etc, to produce a sentence that a human could follow but a computer would have great trouble with.
I still don't see how a computer couldn't figure it out. It's just a matter of two levels of pattern recognition, and since the CAPTCHAs normally have to be made by computer in order to get out the desired level of randomness, patterns WILL emerge that a computer can exploit.
"Do these in reverse order" - Should be easy enough for a computer to recognize the word "reverse". Even if you tried a scrambled-number order combined with reverse and the occasional, "DO NOT DO THIS STEP" at the end or directional cues like "under" or "to the right", a system with enough training should be able to pick out all these gotchas. Language isn't a big stumbling block anymore as this is the first step towards decent machine translation (while while not perfect is still improving considerably over some years ago). Same for the pictures. It shouldn't be too difficult to tag a certain image (even if rotated or flipped) with "wet dog" and "happy cat".
The flaws are so numerous!
Although I'd probably be happier if they had this on the Google account login page. Google's CAPTCHA is almost impossible to read. And it pops up after like the 3rd failed drunken login attempt. I even tried the audio version once and I wondered how the Google employees thought ANYONE could understand it.
CAPTCHA is OK I guess, just Google's implementation of it is ridiculous.
You get a captcha? I get a "input your cellphone number" no other options. And since it'll be a cold day in hell before Google gets my cellphone number, I go through a google account a week.
All audio CAPTCHA I have encountered are terrible. I occasionally try the audio when a site uses a ridiculously scrambled CAPTCHA, and invariably the audio is unintelligible as well. So I end up or going elsewhere if there is an alternative, or refreshing the CAPTCHA until it finally throws up a readable one if it's a site I have to use.
Actually, I also get Google pestering me for my mobile phone number occasionally, although I've also noticed that way down at the bottom of the page, in tiny type so they'll hope you miss it, is a link reading "no, thanks".
But, yeah, seriously, cold day in Hell.
My pattern recognition circuits must be busted, I can't see anything in those Rohrschachs.
It's the grumpy faun from Pan's Labyrinth wearing clown make-up.
Is clearly Buddha sitting under aa branch of the Bodhi tree, with birds flocking 'round.
I see a devil-clown with horns coming out of its eyes now, but I'm not sure I'd see a devil clown with horns coming out of its eyes next time.
This is not quite exactly the same problem as "what did I pretend my mum's maiden name was when I was asked 3 years ago?"
can I put "leaky marker" on all of them?
The least you could have done is put a NSFW tag on the story, so we wouldn't bring up an image that disgusting on our work computers.
I don't think dong that is even legal. ;)
All I can see in that pattern is a clown being buggered by the horned beast thing on the cover of Donnie Darko.
... that's a horse with a hat on.
- William Shatner in Airplane II
"Of course, if a user failed the challenge, the system would merely generate a new password, as would be the case today."
That seems to imply that if you get it right then you can get into your account without a password reset, which suggests they will tell you your old password, which means the passwords are being stored in plaintext or using reversible encryption, in which case there are probably one or two other things they should be fixing before messing around with ink blots.
Keypic remove completely the concept of captcha