11.4.08

CAPTCHAs broken? Few thoughts

After this post about the break of Google CAPTCHAs by Justin Mason, the prestigious author of Spam Assassin, it was clear enough for me that CAPTCHAs had been broken by human beings (in other words, they had not been broken at all).

Now there are evidences of spammers hiring persons at India for solving CAPTCHAs by hand, in order to register email account used for sending spam. So I must rethink it: CAPTCHAS have been actually broken, if there is a cost-efficient method for solving them. And paying a few $$$ a day for solving hundreds of them is quite efficient. Jeremy Jaynes, a convict spammer, was spending $50.000 a month in sending spam (and getting upto $750.000 a month). If much less is not cost-efficient, please tell whit is it.

The next generation of Search Engine Spam, no doubt it will use human farms to post links in blogs and blog comments to promote Web pages :-(