Solve media and their solution, CAPTCHA advertisements, provide a very simple, but effective solution to both drive bots out and generate revenue from advertisements.
 |
| Credit: Solve media. Blurred advertising. |
But bots can still solve text-based capture challenges... We know this from the expanding field of Optical Character Recognition (OCR) and from Google's own artificial network designed to recognize house numbers:
- "To test the algorithm, Google also let it loose on its own reCAPTCHA puzzles. There, it is 99.8 percent accurate on the hardest reCAPTCHA puzzle" - Google’s New Street View Image Recognition Algorithm Can Beat Most CAPTCHAs - Techcrunch
- "Turns out that this new algorithm can also be used to read CAPTCHA puzzles—we found that it can decipher the hardest distorted text puzzles from reCAPTCHA with over 99% accuracy." - Street View and reCAPTCHA technology just got smarter - Google Online Security Blog
- "With this model, we are able to achieve a 99.8% accuracy on transcribing the hardest reCAPTCHA puzzle." - Multi-digit Number Recognition from Street View Imagery using Deep Convolutional Neural Networks - Scientific Paper
I mean. If computers can solve this with 99% accuracy:
 |
| Can you solve this? From the "Multi-digit Number Recognition from Street View Imagery using Deep Convolutional Neural Networks" paper |
Then something is going wrong in terms of sorting computers from humans...
So, continuing from a project I started a year ago, I opted for a more practical solution. Instead of a crackable and exceedingly complicated text challenges, why not ask questions, or use puzzles as a bot-detection technique?
So, not, its not about questioning about the pixels that make up a few characters. Its about asking tangible questions with actual answers.
This technique uses a few fancy algorithms to ensure that data is as difficult to bruteforce by a computer as possible, using scrypt to expand the bit combinations, and SHA-256 (which can be changed at any time or removed entirely [where only the scrypt result sent and checked]). Confirmation also takes time, due to the nature of scrypt, which makes it the perfect algorithm to prevent bruteforcing of the server for a valid key to be issued...
Of course, a human can still work out a way to store all of the randomly outputted sequence, reverse engineer the code and figure out what is happening on a primitive level in order to brute-force this technique, but that's when having the message delivered in text is now delivered as an image... Sort of like a hybrid between CAPTCHA and my solution. Which involves both OCR and sentence parsing... Which we can all do...
Sure, the implementation isn't perfect, but you can shoot me an email here: http://www.extramaster.net/email/