May 252014

Over 60% of all visitors to the average website are non-human. Many of these are automatic spam robots. These so called bots post comments with links and nonsensical content to increase ranking in search engines or  harvest information to aid personalized advertising .

To stop these annoying automated posting and information harvesting machines, many websites today require their visitors to identify letters and characters in an image. The assumption is that only humans can identify these correctly. Unfortunately this is not true anymore.

Automatic CAPTCHA plugins appear convenient. What is the downside?

CAPTCHA image verification. A convenient browser plugin could do this for you – but do you want to pay the price for that? Do you want to help spammers? Do you want to make live easier for humans or for robots?

The service provided by e.g. the browser plugin Rumola proves beyond doubt that robots can now do the same in about 95% of all images (CAPTCHA image verification) shown. As a consequence the images we need to deal with become more and more difficult.

Here are some reasons outlining the downside of automatic CAPTCHA plugins:

  • the few good captures that cannot yet be solved by robots are forwarded to the programmers by thousands of internet users voluntarily. This is an incredibly effective way for the spammers to further improve their code breaking software
  • when the robots can solve even our best spam barriers, websites will need to make registration even harder

It may well be that the makers of Rumola or any competitors do not use or sell their crowd sourse supported  program for spamming. However, we do not know this for sure. The company may be bought. Management may be replaced by more evil (or greedy) people.  The code breaking mechanisms could be stolen or revealed by an employee.

It is strange that these plugins are commended so often  (e.g. here) without mentioning the negative implications. Of course, the death of CAPTCHA may not be a bad thing. A different (better) anti spam protection may emerge.


Keywords: deception, spam, security, downside of automatic CAPTCHA plugins, Rumola



 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>