While reading with interest a couple of posts about Microsoft Live Mail and Google GMail security being penetrated, I also saw another interesting articles on CAPTCHA.
By the way CAPTCHA stands for “Completely Automated Program to Tell Computers and Humans Apart”. A bit of a mouthful but basically its those really annoying images that show you a word and you have to enter that word into a box.
It always amuses me how much faith we put in computing now. things are so complex that it really is next to impossible to keep everything in your head. And people are very creative. What makes these recent attacks so interesting isn’t so much the fact that wiggly characters are being scanned and processed as OCR technology has been around for ages, but that people are actually shocked by the fact that has gone on, and more importantly that MAJOR players like Microsoft and GMail are completely unready for this.
What makes these little images so magical is that the human brain is substantially more powerful than a computer. The amount of information we take in though our eyes, process, and then attach meaning to is phenomenal, and it is this ‘trick’ that enables a human to ‘filter out’ all of the wiggle and noise. There is obviously a fine line between making it completely illegible and it being easy to crack, but then what are you protecting. Whatever gets onto a prime website will always be attacked.
Do what the face-book dude did… start small, and then sell it to Microsoft for 250 million.