Speakers: Chad Houck, Jason Lee
Due to the prevalence of spammers on the internet CAPTCHAs have become a necessary security measure. Without a CAPTCHA in place a system is incapable of knowing whether a human or an automated computer is executing a request. Currently one of the most widely implemented versions of this system is Google's reCAPTCHA due to its robustness thus far. This paper illustrates techniques to defeat this system which has been trusted to secure websites such as Twitter, Facebook, Craigslist, and many others, as well as methods to secure it further. The efficacy of the techniques outlined herein is at a very conservative figure of ten percent, which is more than enough for an applicable exploitation of the system.
For presentations, whitepapers or audio version of the Defcon 18 presentations visit: http://defcon.org/html/links/dc-archi...
Watch video DEFCON 18: Decoding reCAPTCHA 1/3 online without registration, duration hours minute second in high quality. This video was added by user Christiaan008 04 October 2010, don't forget to share it with your friends and acquaintances, it has been viewed on our site 1,70 once and liked it people.