[cryptography] CAPTCHA as a Security System?

Sampo Syreeni decoy at iki.fi
Mon Jan 2 15:59:06 EST 2012

On 2012-01-02, Marcus Brinkmann wrote:

> My personal experience with CAPTCHAs is that they are increasingly 
> hard to decipher for humans.  Has the scale already tipped over in 
> favor of computer programs?

On this one I'm not ready to take any sides, but I'd like to remind you, 
too, that a given form of CAPTCHA, as in its success or failure, is not 
a measure of how the overarching principle behind such validation can do 
at best. Instead it's a measure of how well somebody out there was able 
to capture the essence of the methodology. There, it's pretty much 
equivalent to how well any single designer can capture the essence of 
biometrics (which by extension include all of your cognitive, unusual 
computational capabilities as well).

Those things aren't being captured too well, as you can see from the 
contrary, hacker side: http://cvdazzle.com/ .

> Computer programs today are limited by attention of experts 
> (programmers, researchers).  What does "hard for computer programs" 
> actually mean then?

Pretty much anything where Fourier-like methods don't apply, I think.
Sampo Syreeni, aka decoy - decoy at iki.fi, http://decoy.iki.fi/front
+358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2

More information about the cryptography mailing list