Submitted by guest contributor Austin Webberley
If you’ve ever wanted to post a comment to a blog or registered a new email, you’ve surely encountered the dreaded distorted text that is CAPTCHA.
These tests, while sometimes obnoxious to solve, are in place to prevent any unwanted “bots” from getting into parts of the Internet that they shouldn’t be in. If not for security like CAPTCHA, these bots (which are simply bits of code that carry out instructions automatically) can create hundreds of email accounts while sending from them, post spam in the comments section of hundreds of websites, take part in online voting polls, and more. In short, CAPTCHA is a great security feature of the Internet.
Or at least it was.
Enter Google. As a background, Google purchased CAPTCHA in 2009, refined it, and renamed it reCAPTCHA. Also, Google Maps had integrated “Street View” back in 2007; a feature that allowed the user to navigate through any street they wanted to as if they were driving down the street themselves.
To improve the accuracy of navigation for Google Maps, developers had been working on an algorithm to use images from Street View to read the address numbers on buildings. The idea is that this would tell Google Maps users exactly where their destination is, and once it was completed it had around a 90% success rate.
While Google was celebrating their new achievement, a lone developer wondered how their algorithm would fare when tested against reCAPTCHA. As it turned out, the algorithm came back with a 99.8% success rate for solving reCAPTCHA tests. While this accidental discovery was a success, it simultaneously made reCAPTCHA outdated.
It may not be widely known, but this isn’t the first time reCAPTCHA has been “broken.” Vicarious, a tech company devoted to creating human-like artificial intelligence, claimed to have had success rates of cracking reCAPTCHA’s back in October, 2013. Fortunately both of these deciphering algorithms are kept under lock and key for now, but if anyone does get control of them, reCAPTCHA and other similar tests will be completely obsolete, letting spammers have their way with comment sections and email accounts.
Google is looking into new human verification tests that haven’t yet been broken by bots. Currently there are two other options at which they are looking. The first, Squigl-Pix, presents the user with three images and tell them to draw around one of the images. The other is Esp-Pix, which gives the user a set of images and asks them to type what category they fall into such as bird, plane, weather, etc. Expect a new security measure like one of these to become “the new reCAPTCHA,” at least until Google figures out how to break it, themselves.