nCircle.com >> 360 Security >> Sync

« The Security Trickle Down Effect | Main | Do Your Vendors Have Information Security That's Aaa Good? »

Free Lunch :: ReCAPTCHA

Product Information


 Name: ReCAPTCHA
Website: http://recaptcha.net/
Category: Stopping the Bots
Date: 10-Sep-07

(This is part of a regular series where I discuss free information security products, tools, methodologies, hardware, etc. For a description of this column and to read other Free Lunch menus, check out the category archive)

The onslaught of bots and spammers gave birth to a new tool to differentiate human from android. Alan Turing would be proud to see just how much technology we have devised. One such technology is that of the CAPTCHA - it's the text and numbers graphic we need to input in order to sign up for a service or make a comment at a blog. ReCAPTCHA takes this technology to solve more than one problem.

On May 24th 2007, Carnegie Mellon announced a new method to improve its methods of transforming written text into its digitized form. ReCAPTCHA's motto "Stop Spam. Read Books", describes it best. The idea is simple and elegant. Using the familiar CAPTCHA system, it presents the user both a known and unknown CAPTCHA graphic. The user, not knowing which is which, enters the text for both. If the user correctly solves the CAPTCHA then the CMU system gives a high probability to the letters in the unknown picture. While digital scanners and OCR have advanced, there are still cases where humans are needed to translate graphics into text. ReCAPTCHA is one method to solve this problem.

Besides helping out the CMU book digitization project, ReCAPTCHA has a unique technical upside - nothing is stored on your server. Many of the existing CAPTCHA systems require a server-side process to generate and store graphics. Instead ReCAPTCHA uses a public/private key system with client-server architecture to track challenges and tokens.

Product Rating

Features:
Ease of Use:
Documentation:
Community:
Overall:

Overall, ReCAPTCHA is an interesting implementation of CAPTCHA systems. While its use may not be directly apparent in your security architecture, consider using it anywhere you want to increase the likelihood of there being a human at the other side of the conversation. nCircle recently implemented ReCAPTCHA on our blog and I'd recommend others to do the same.
Enjoy the free lunch.

Additional Resources

What is CAPTCHA how does ReCAPTCHA work

ReCAPTCHA API documentation

ReCAPTCHA and CMU Press Release


Tags:

Posted by Andrew Storms on September 10, 2007 12:37 PM |

TrackBack

TrackBack URL for this entry:
http://blog.ncircle.com/cgi-bin/mt-tb.cgi/245

Comments (1)

ds:

http://www.eweek.com/article2/0,1759,2210445,00.asp

The opposition is always more clever than we are.

Posted by ds | November 19, 2007 1:30 PM

Posted on November 19, 2007 13:30

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Verification (needed to reduce spam):

Search


About

This page contains a single entry from the blog posted on September 10, 2007 12:37 PM.

The previous post in this blog was The Security Trickle Down Effect.

The next post in this blog is Do Your Vendors Have Information Security That's Aaa Good?.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.35