CAPTCHA: Telling Humans and Computers Apart AutomaticallyA CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. For example, humans can read distorted text but current computer programs can't:
The term CAPTCHA (for Completely Automated Public Turing Test To Tell Computers and Humans Apart) was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas Hopper and John Langford of Carnegie Mellon University.
Applications of CAPTCHAs
CAPTCHAs have several applications for practical security, including (but not limited to):
· Preventing Comment Spam in Blogs. Most bloggers are familiar with programs that submit bogus comments, usually for the purpose of raising search engine ranks of some website (e.g., "buy penny stocks here"). This is called comment spam. By using a CAPTCHA, only humans can enter comments on a blog. There is no need to make users sign up before they enter a comment, and no legitimate comments are ever lost!
· Protecting Website Registration. Several companies (Yahoo!, Microsoft, etc.) offer free email services. Up until a few years ago, most of these services suffered from a specific type of attack: "bots" that would sign up for thousands of email accounts every minute. The solution to this problem was to use CAPTCHAs to ensure that only humans obtain free accounts. In general, free services should be protected with a CAPTCHA in order to prevent abuse by automated scripts.
· Protecting Email Addresses From Scrapers. Spammers crawl the Web in search of email addresses posted in clear text. CAPTCHAs provide an effective mechanism to hide your email address from Web scrapers. The idea is to require users to solve a CAPTCHA before showing your email address. A free and secure implementation that uses CAPTCHAs to obfuscate an email address can be found at reCAPTCHA MailHide.
· Online Polls. In November 1999, http://www.slashdot.org released an online poll asking which was the best graduate school in computer science (a dangerous question to ask over the web!). As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own program and the poll became a contest between voting "bots." MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll ensures that only humans can vote.
· Preventing Dictionary Attacks. CAPTCHAs can also be used to prevent dictionary attacks in password systems. The idea is simple: prevent a computer from being able to iterate through the entire space of passwords by requiring it to solve a CAPTCHA after a certain number of unsuccessful logins. This is better than the classic approach of locking an account after a sequence of unsuccessful logins, since doing so allows an attacker to lock accounts at will.
· Search Engine Bots. It is sometimes desirable to keep webpages unindexed to prevent others from finding them easily. There is an html tag to prevent search engine bots from reading web pages. The tag, however, doesn't guarantee that bots won't read a web page; it only serves to say "no bots, please." Search engine bots, since they usually belong to large companies, respect web pages that don't want to allow them in. However, in order to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.
· Worms and Spam. CAPTCHAs also offer a plausible solution against email worms and spam: "I will only accept an email if I know there is a human behind the other computer." A few companies are already marketing this idea.
Guidelines
If your website needs protection from abuse, it is recommended that you use a CAPTCHA. There are many CAPTCHA implementations, some better than others. The following guidelines are strongly recommended for any CAPTCHA code:
· Accessibility. CAPTCHAs must be accessible. CAPTCHAs based solely on reading text — or other visual-perception tasks — prevent visually impaired users from accessing the protected resource. Such CAPTCHAs may make a site incompatible with Section 508 in the United States. Any implementation of a CAPTCHA should allow blind users to get around the barrier, for example, by permitting users to opt for an audio or sound CAPTCHA.
· Image Security. CAPTCHA images of text should be distorted randomly before being presented to the user. Many implementations of CAPTCHAs use undistorted text, or text with only minor distortions. These implementations are vulnerable to simple automated attacks.
· Script Security. Building a secure CAPTCHA code is not easy. In addition to making the images unreadable by computers, the system should ensure that there are no easy ways around it at the script level. Common examples of insecurities in this respect include: (1) Systems that pass the answer to the CAPTCHA in plain text as part of the web form. (2) Systems where a solution to the same CAPTCHA can be used multiple times (this makes the CAPTCHA vulnerable to so-called "replay attacks"). Most CAPTCHA scripts found freely on the Web are vulnerable to these types of attacks.
· Security Even After Wide-Spread Adoption. There are various "CAPTCHAs" that would be insecure if a significant number of sites started using them. An example of such a puzzle is asking text-based questions, such as a mathematical question ("what is 1+1"). Since a parser could easily be written that would allow bots to bypass this test, such "CAPTCHAs" rely on the fact that few sites use them, and thus that a bot author has no incentive to program their bot to solve that challenge. True CAPTCHAs should be secure even after a significant number of websites adopt them.
· Should I Make My Own CAPTCHA? In general, making your own CAPTCHA script (e.g., using PHP, Perl or .Net) is a bad idea, as there are many failure modes. We recommend that you use a well-tested implementation such as reCAPTCHA.
The "Pornography Attack" is Not a Concern
It is sometimes rumored that spammers are using pornographic sites to solve CAPTCHAs: the CAPTCHA images are sent to a porn site, and the porn site users are asked to solve the CAPTCHA before being able to see a pornographic image. This is not a security concern for CAPTCHAs. While it might be the case that some spammers use porn sites to attack CAPTCHAs, the amount of damage this can inflict is tiny (so tiny that we haven't even noticed a dent!). Whereas it is trivial to write a bot that abuses an unprotected site millions of times a day, redirecting CAPTCHAs to be solved by humans viewing pornography would only allow spammers to abuse systems a few thousand times per day. The economics of this attack just don't add up: every time a porn site shows a CAPTCHA before a porn image, they risk losing a customer to another site that doesn't do this.
Advancing Artificial Intelligence
CAPTCHA tests are based on open problems in artificial intelligence (AI): decoding images of distorted text, for instance, is well beyond the capabilities of modern computers. Therefore, CAPTCHAs also offer well-defined challenges for the AI community, and induce security researchers, as well as otherwise malicious programmers, to work on advancing the field of AI. CAPTCHAs are thus a win-win situation: either a CAPTCHA is not broken and there is a way to differentiate humans from computers, or the CAPTCHA is broken and an AI problem is solved.
About business and Software
1. Is this official software from servers ?
o The answer is no, no any official software from site, there is always option for you to not use software and use browser instead.
2. will I get banned using software ?
o If you are using the software with correctly and typing without timeout problem, you wont be banned.
o Make sure you have all the requirement , and stabile Internet Connection.
3. Software said "login failed" what to do ?
o Check your firewall setting or your antivirus setting, make sure your firewall or your antivirus allow software to send or receive stream.
4. Will I get charge if any update in software ?
o all our softwares are free update and for life time
5. Will you give return if your software not match my computer ?
o you can always try the sofware by your self before purchasing, but we dont give refund.
6. I heard some provider said these are fake software ?
o ask the person which said these are fake softwares to make customization on their software if they can. We try doing fair bussiness here, not jungle bussiness :)
7. Are your bussiness scam ?
o We always do good customer maintenance and relationship, we have thousands of customers around the worlds and no any negative feed back we get until now.
o if you want proof, we can give you view about how many still using our soft everyday !!
Client Problems And Their Solution
CLIENT
Captcha Job
ONLINE JOB FOR CAPTCHA ENTRY
This job comes an image and type this image only and type good 1000 captcha entry. But you are not paid by typing bad captcha entry's. Bad captcha entry payment is out. Type this image and click keyboard button "ENTER" or click "SUBMIT" and you have done you task. If over this time then captcha will have refresh and come in new captcha image.
Clients
We know your needs and provide solutions to all types of data entry projects.
We have experience and expertise to handle large volumes of data entry jobs. We took up the census cum electoral data with around 167 million data records in record time.
Client satisfaction is our prime goal. We guarantee high quality data entry solutions with 99.9% accuracy. We are using all data entry entry system, cross check and auditing to ensure the best accuracy and timely completion of the assignments. Our widely growing network of members is our strength who make us commited for delivering the best quality services.
DATA ENTRY JOBS FOR MEMBERS
Join us and try our data entry jobs a few hours per day. You can work from home doing part time jobs like data entry jobs, form filling jobs, data processing jobs, etc.
Most of our members earn big through our referral program only. We provide training on how to refer the members. Simply refer other members and get paid. This is amongst the best part time jobs available online. You will see your earnings increasing month after month with very little efforts. Yes, It is that easy and you can start earning in the next few minutes with our data entry jobs. There is no limit how much one can earn; The more you work the more you will earn.
0 comments:
Post a Comment