I manage few online forums that use reCAPTCHA to limit the number of spammy registrations and comments. Lately, I noticed the increase of spam. I was confused about on how these bots could by pass reCAPTCHA. After searching the matter, I realized i wasn't the only one suffering and the only valid explanation is: reCAPTCHA have been compromised. I'm kind of disappointed of reCAPTCHA & Google. I'm sure I'm not the only one! Stop spam, read books (about how to crack recaptcha) and you will win! Also, this is an interesting write up about the matter.
CAPTCHA cannot be cracked. Crackers can only be more successful at interpreting the captcha word image. The article you link to states the "new" version, without a word separating space, is weaker and that crackers are getting better at interpreting it. Captcha can't be cracked cause there's nothing to crack and trying to blame Google for this makes no sense whatsoever.
It's a Google product, of course its the one to blame not apple. Also what you jut said makes no sense, if they managed to crack recaptcha image, then they just cracked recpatcha. I'm telling this from personal experience, My forums got hammered by spam registrations which lead me to change the method of verification from reaptcha to Questions & Answers.. and it seems working fine now. Also if you read some of the comments below the article, you will notice that i'm not the only one confirming this.
I have a program that will send googles captcha to a data center where they solve it and send the links back to me. It's not cracking it, just using programs in a smart way to solve it. I can have one solved about every 8 seconds. I don't use mine to spam websites, I use it for something different. I would imagine someone is using a similar program to spam sites.
I also wonder how these spammer bots can get through different forums with CAPTCHAS. Yes it seems to be an achievement for the makers but please, they are not funny. Spams everywhere are so annoying! Especially those posts without sense at all.
Ok. i will change the title to reCAPTCHA is "OWNED". It doesn't really matter if it's done with an algorithm (cracking) or simply by breaking a visual CAPTCHA . The bottom line is the results and not the How-TOs.. As now it's just not working and defeat the whole concept: stop spam, read books!
I gave up on CAPTCHA a long time ago. The nature of the beast is that no matter what spam technique is blocked, it works only as long as spammers can't find a work around. Eventually they do. IMO as a visitor, CAPTCHA is so ridiculous these days I won't use sites with it, unless I really need what's on the other side. For website developers, there's a good thread on alternative solutions here: http://forums.digitalpoint.com/showthread.php?t=2033740
Captcha image reading is a very hard thing to code and it's almost impossible... I've been developing for almost 12 years now and trust me OCR systems are not the easiest code to write. My self and every one I know, are using an alternative solution to get over such troubles.. We hire other people services (HUMAN) to read/decode the captcha. By doing so, we compress the image and send it over-network 'internet' using a fairly simple API provided by them, and wait for the response with plain text. What we get is not an OCR System that can read/decode/crack captcha images (especially the ones with different fonts, spaces and special math). Instead, It's provided by PEOPLE.
Agreed with AdamFL, on the fact that recently lot of forums have reported sudden increase in spam registration including my own dental forum as well. I was also confused with 100s of spam registrations per day and searched for the reason and ended up on the same article which OP shared: http://www.allspammedup.com/2010/01/google-recaptcha-cracked/ Its the fact that spam attacks have increased to unbelievable extent.
They really do! I am an admin to a sports forum and I ban spammers every hour I guess. They are rapidly multiplying.
Spam registrations are beyond ridiculous - I have two forums and one I stopped the majority of spammers with a challenge question, the other picks up several HUNDRED a day. The software on it is old commercial software without many anti-spam devices, and it is almost more effort than I am willing to expend to get rid of them all. Both forums have recaptcha on. I just set a question/answer custom profile field on the worst forum so I can at least mass delete any new users that don't have the right answer in there. They are less about viagra and pr0n and more about shoes, handbags, insurance, SEO, other consumer crap these days that makes me think of this forum and the horrid spammy efforts people go to to make their awful MFA sites rank #1 for some keyword carefully researched to get the most per click.
I'm glad it's confirmed by other forum admins and communities managers. I'm sure google is still denying it, but soon enough they will have no choice but to do something about it. Otherwise their acquisition of recaptcha was a total waste of money! I also hope that wasn't one of the reasons why Mr. Schmidt is leaving his CEO position. Stop Spam, Read Books! I guess those books were about how to crack recaptcha!
Wow that's a very long time. I know spam is a big business/empire and by passing captcha is and will always be a challenge and a lucrative achievement. However, if i had to choose how to spend 12 years of my life coding, I will probably pick something more exciting than trying to figure out how to spam the world with a penis enlargement pills or whatever the product is. I might be wrong but i wish i have those programming skills, I'd do much better than Zuckerberg.
reCAPTCHA is a captcha by definition (Completely Automatic Public Turing Test to Tell Computers and Humans Apart). reCAPTCHA was acquired by google on 9/16/09 for $27.8 million if not more, therefore that's their product.
One way I've found to combat spammers is to ask specific questions. I would have a system set up where it will ask a random question from a pre selected list of questions. That way the robot could never really know what it is encountering.
I do agree with AdamFL I am running a smf powered forum & i am getting 100's of bots registrations daily I tried making the registration through email activation but, it still seems worthless and i am getting a lot of spam posts daily, i am kinda fed up with these spammers i think i am going to leave captcha very soon & will switch over to question & answers for 'human verification' purpose