Have you ever wondered what black, twisted mind dreamed up the abomination that is Captcha? Have you ever questioned what stygian depths spawned this horrible anti-spam measure- and why, for the love of all that is right and good, it has to be so illegible? That question occurred to me the other day, actually- so I decided to do a bit of research.
We’ll start with a very brief history of the technology.
The first use of anything similar to CAPTCHA was way back in 1997, when search platform Alta-Vista sought a means of blocking automated URL submission to their engine. See, while the ability to submit URLs to the organization was definitely helping them broaden their horizons and enhance their searches, there were plenty of unscrupulous individuals who tossed together bots designed to simply spam their servers with URLs- an underhanded effort to skew the engine’s ranking algorithms in their favor.
Alta Vista’s chief scientist, Andrei Broder, believed he came up with a solution, by developing an algorithm that randomly generated an image of printed text- the earliest instance of the CAPTCHA tech. The algorithm was perfected by researchers at Carnegie Mellon in 2000, who termed the technology CAPTCHA, short for Completely Automated Public Turing Test to tell Computers and Humans Apart. Yeah…acronyms weren’t really their thing.
Anyway, computers were unable to recognize it, but humans were still perfectly capable of reading the message and typing it in. The technology quickly caught on, and in short order, spread across the Internet. A patent was issued to Broder and his team in April 2001.
It was a pretty lethal blow in the arms race between professional programmers and spam agents- for the time being.
See- and here’s the reason why modern CAPTCHAS are so often illegible and nigh-impossible to read- it didn’t take long for spammers to figure out a way to circumvent the technology. Many of them simply brute-forced their way past weak security in order to get in, but many of them worked out even smarter spambots, which were capable of character recognition within the images.
Nobody said spammers were stupid- quite the contrary, the best of them are every bit as smart as the brightest professionals.
Once again, Carnegie Mellon University delivered, coming up with a new technology known as GIMPY CAPTCHA, which now slightly deformed and distorted the words, often rendering them against odd backgrounds. It worked by nabbing a selection of random words from the dictionary- the user had to identify at least a few of them correctly in order to pass the test and get wherever they were trying to go.
By this point, computers were actually more adept at recognizing single characters than humans.
Once again, the technology eventually proved ineffective, as applications were fairly quickly developed which allowed computers to ‘segment’ the images into parts, recognize individual characters, and piece them together into words. The arms race escalated once again, and modern CAPTCHA- the oft-unreadable gobbledygook we see most commonly- was born. This form of CAPTCHA used high levels of distortion, crowded the characters together, and generally made them extremely difficult to both read and segment.
Other Forms of CAPTCHA
Graphical CAPTCHAs aren’t the only form of spam protection that exist out there- they’re simply the most common (and most irritating). There are audio captions (which are often distorted to counteract audio recognition programs), text questions that computers aren’t yet able to understand( ie. “One of these words does potato belong”), and even PiCAPTCHAs, which present a user with a series of images and tell them to click on them in a particular sequence.
Unfortunately, even these forms of CAPTCHA aren’t unbreakable, and we’ve started to see a trend of spammers making use of other human beings to solve the problems for them. Sometimes, they’re ‘digital sweatshop workers,’ forced to sit hunched over a computer keying out solutions to CAPTCHA problems so these spammers can add them to their database.
Ocassionally, though, they might well be unwitting dupes, such as the poor fools who unwittingly increased the spammer’s arsenal because they wanted free porn.
We’ve not yet found a solution to this avenue of attack- and we may well never find one.
Anyway, there you have it. A brief history behind the headache-inducing squiggly lines on your computer screen.
The PCMech.com weekly newsletter has been running strong for over 8 years. Sign up to get tech news, updates and exclusive content - right in your inbox. Also get (several) free gifts.