It’s been getting harder to prove you’re a human online in recent years. The squiggly letters known as CAPTCHAs that protect websites against spam software have got more distorted, as the software has got better at reading them.
That was why I thought it worth noting when NuCaptcha launched its video CAPTCHAs, which are easier for humans but still secure and have been adopted by sites including Groupon. Now researchers at Stanford suggest they, too will have to become more cryptic.
Elie Bursztein led the research, and explains on his blog how he designed software that compared multiple frames from NuCaptcha’s videos to spot and decode the jiggling letters needed to enter a site protected by a NuCaptcha puzzle. Video CAPTCHAs require the use of techniques not used against the puzzles before to isolate the puzzle amongst everything else in the footage, says Bursztein. But once software has located the string, but also provide multiple copies of the same puzzle, which makes it easier to solve. He reports that software that identifies video frames showing the CAPTCHA then goes back to the video to track the movement of the letters to accurately isolate them for recognition can beat NuCaptcha with close to 100 percent accuracy.
In response (full statement here), NuCaptcha have pointed out that their software tracks computers that solves their puzzles and serves up more complex versions than Bursztein cracked to very active solvers, which may be attackers. However, Bursztein says those harder versions pose little extra difficulty to his methods.
Fortunately, Bursztein also suggests that tweaks could make video CAPTCHAs even more secure than regular ones. If decoy objects designed to confuse video processing algorithms were added then CAPTCHA-cracking bots would not be able to tell which object needed decoding to beat the puzzle. Whether those designs also make it harder for humans to solve the puzzles is another matter.
Given the gradual increase in the proportion of CAPTCHAs that I need more than one attempt to solve, I’m not optimistic.
Five poems about the mind
Work reinvented: Tech will drive the office evolution
As organizations navigate a new world of hybrid work, tech innovation will be crucial for employee connection and collaboration.
I taught myself to lucid dream. You can too.
We still don’t know much about the experience of being aware that you’re dreaming—but a few researchers think it could help us find out more about how the brain works.
Is everything in the world a little bit conscious?
The idea that consciousness is widespread is attractive to many for intellectual and, perhaps, also emotional
reasons. But can it be tested? Surprisingly, perhaps it can.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.