Microsoft's CAPTCHA Successfully Cracked
Filed in archive Spam News on May 31, 2008
Researchers at the School of Computing Science, Newcastle University, Englandm, have announced they've successfully cracked Microsoft's CAPTCHA system, which is used on services like Windows Live and Hotmail. The researchers claim an amazing 92% recognition rate. Here is a summary of the paper they published on their study:
In this paper, we analyse the security of a text-based CAPTCHA designed by Microsoft and deployed for years at many of their online services including Hotmail, MSN and Windows Live. This scheme was designed to be segmentation-resistant, and it has been well studied and tuned by its designers over the years. However, our simple attack has achieved a segmentation success rate of higher than 90% against this scheme. It took ~80 ms for our attack to completely segment a challenge on a desktop computer with a 1.86 GHz Intel Core 2 CPU and 2 GB RAM. As a result, we estimate that this Microsoft scheme can be broken with an overall (segmentation and then recognition) success rate of more than 60%. On the contrary, its design goal was that "automatic scripts should not be more successful than 1 in 10,000″ attempts (i.e. a success rate of 0.01%). For the first time, we show that a CAPTCHA that is carefully designed to be segmentation-resistant is vulnerable to novel but simple attacks. Our results show that it is not a trivial task to design a CAPTCHA scheme that is both usable and robust.
This is not the first time a CAPTCHA system has been cracked. Both Google and Yahoo have had their systems breached as well. This latest successful crack is just another sure sign that CAPTCHA's time is done and a better system is sorely needed!
Permalink: Microsoft's CAPTCHA Successfully Cracked
Tags: spam antispam spammers CAPTCHA microsoft phishing internet security captcha successfully+cracked
Vote for Microsoft's CAPTCHA Successfully Cracked:
|
Rating: 7.00 out of 1 vote(s) cast.
|
| RSS | |
|
| |
| Yahoo! |
|
| Addthis |
|
| Bloglines |
|
| Follow us on Twitter! |
Most Popular
Announcements
Anti-Spam Tools
Archival Tools
Best of
Did you know
Events
Fight!
Information about
Malware
Misc
Phishing
Security measures
Spam
Spam News
Spyware

