Over 60% of all visitors to the average website are non-human. Many of these are automatic spam robots. These so called bots post comments with links and nonsensical content to increase ranking in search engines or harvest information to aid personalized advertising .
To stop these annoying automated posting and information harvesting machines, many websites today require their visitors to identify letters and characters in an image. The assumption is that only humans can identify these correctly. Unfortunately this is not true anymore.
The service provided by e.g. the browser plugin Rumola proves beyond doubt that robots can now do the same in about 95% of all images (CAPTCHA image verification) shown. As a consequence the images we need to deal with become more and more difficult.
Here are some reasons outlining the downside of automatic CAPTCHA plugins:
- the few good captures that cannot yet be solved by robots are forwarded to the programmers by thousands of internet users voluntarily. This is an incredibly effective way for the spammers to further improve their code breaking software
- when the robots can solve even our best spam barriers, websites will need to make registration even harder
It may well be that the makers of Rumola or any competitors do not use or sell their crowd sourse supported program for spamming. However, we do not know this for sure. The company may be bought. Management may be replaced by more evil (or greedy) people. The code breaking mechanisms could be stolen or revealed by an employee.
It is strange that these plugins are commended so often (e.g. here) without mentioning the negative implications. Of course, the death of CAPTCHA may not be a bad thing. A different (better) anti spam protection may emerge.
Keywords: deception, spam, security, downside of automatic CAPTCHA plugins, Rumola