[geeklog-devel] Breaking Captchas with Trojans

Dirk Haun dirk at haun-online.de
Mon Oct 29 17:04:37 EDT 2007

Oliver Spiesshofer wrote:

>Any thoughts on this? I do not think that there is anything one can do 
>against that.

You should have attended my Webspam presentation[1]. I've argued that
spam protection currently relies too much on CAPTCHAs which will be
broken pretty soon anyway, due to the advances in OCR to fight email
spam. You know, those emails where the spam is hidden in an attached
image - and in order to bypass regular OCR software, the text is often
skewed or otherwise distorted, pretty much like a CAPTCHA text.

Attacks like this trojan will be the exception for now, but the end of
CAPTCHAs is nigh - and then we have a real problem on our hands.

bye, Dirk

[1] <http://www.geeklog.net/filemgmt/index.php?id=873>


More information about the geeklog-devel mailing list