CAPTCHA video defeat

Monkey Archive Forums/Digital Discussion/CAPTCHA video defeat

degac(Posted 2012) [#1]

I was reading this news about the (new) violation on the Captcha system, and I got an idea to 'resolve' the problem about this security system.

The idea is quite simple.
Create a mini game (like this old game for example, with less tiles of course) in HTML5.
If the user resolves the game, pass granted, otherwise nothing.
Maybe with a timer.

And Monkey is the right tool, in my opinion.
(I must register the idea...)
Any ideas?

Floyd(Posted 2012) [#2]
Captcha seems to have gotten less obnoxiously difficult in recent months. I don't know how secure it is and don't really care. That's the site administrator's problem.

Any replacement should stump the bots while being trivially easy for humans. A game/puzzle, no matter how easy, seems like overkill.

I recently visited a site that used a text box containing hundreds of random alphanumeric characters. I had to copy and paste to another box to get access. That was trivial for me. But I've met many people who don't know how to copy and paste.

benmc(Posted 2012) [#3]
@degac I think it's a terrific idea.

The perfect game for this might be the classic "which cup is the ball under" game.

All three cups are up. It shows you which cup the ball is under. It slowly shuffles the cups. You pick the one with the ball and you are through.

It would take a lot for a bot to crack, and it would be easy and fun for someone to do for the captcha.

I also do websites, and clients are asking me often to remove reCaptcha from their sites because the words are becoming ridiculously hard to figure out.

Something like this would be a beautiful alternative.

degac(Posted 2012) [#4]
@benmc: glad to see you like the idea

@floyd: the 'game' idea can be replaced with something less overkill, maybe a 'slide to unlock' version of iOS or 'connect the points'; everythig you need is a 'human interaction' with mouse and non so easy (for today standards) simulable by a computer.


Paul - Taiphoz(Posted 2012) [#5]
the cup idea is a bad one, it would only stop 2 thirds of the bots, and 1 third would still get through, the bots would simply pick option 1 all the time.

A better idea would be something that used a little AI so that the outcome cannot be predicted, nor giving a generic answer provide a decent entry number.

Floyd(Posted 2012) [#6]
maybe a 'slide to unlock'

It never occurred to me before but that's a sliding block puzzle with one block. And I see those all the time on my phone for things like turning an alarm on or off.

Soap(Posted 2012) [#7]
They are to stop bots not humans... to be effective you would need your game to be entirely server based (otherwise the bot would skip the game and just say win=true), and even then bots could be written to beat your game. WoW has bots, match 3 games have bots. Even abstract games could and would have bots if it was profitable for someone to write them.

The best anti-bot system is one which is custom to a site (like asking simple domain specific knowledge based questions on sign up) and then hope your own site doesn't become the explicit target of spammers.

benmc(Posted 2012) [#8]
@Taiphoz I still think the cup idea would work, at least for a while. The bot would have to exist first, and I don't think you'd type in the cup number, you'd actually have to click it, so there could be some randomness added to the game so a bot couldn't just click the same spot over and over again.

Another idea might be 9 squares of a chess board, and it places the King and a Rook somewhere on the board, and you have to put the king in check to move on :)

degac(Posted 2012) [#9]


therevills(Posted 2012) [#10]
LOL! Hope you sent it your patent on time ;)