sciencehabit writes "Computer scientists have developed a program, called reCAPTCHA, which is being used in lieu of CAPTCHA by several sites, to help digitize old books and newspapers. The reCAPTCHA takes entries from old and faded texts that optical scanners and digital-text readers have trouble with. So every time you solve that string of crooked letters, you may actually be helping historians digitally reconstruct a page from the 1908 New York Times." The Science Now story links to the longer and more informative article at Ars Technica. (We last mentioned this program last year — and now it's good to get some sense of how well it's working.)
Ticketmaster and other sites have already been doing this for a while. Go to ticketmaster and search for tickets, you'll see two words. One is known and the other is unknown. If you don't believe me, try to guess which one they know and misspell the other one on purpose (or don't, this is for historic posterity =) )
So is the US Patent and Trademark Office, as part of the process of using PAIR [uspto.gov], the Patent Application Information Retrieval system, which lets the public look at information about patent applications that have been published.
Do they really? From what I was able to tell, it's not specified as reCAPTCHA anywhere in the window; having looked at the reCAPTCHA site from a development side I could swear that I read that you needed to give credit if developing a custom style for it. Either I'm remembering wrong, they've got a deal, or FB is undergoing one of the stupidest TOS violations ever.
When showing reCAPTCHA to the user, is it possible not to show the reCAPTCHA logo? We allow you to customize the theme of reCAPTCHA with our Client API. You are still required to have text on your website which states that you are using reCAPTCHA, however with our theming API, you are free to do this in a way that blends in to your site.
Do they really? From what I was able to tell, it's not specified as reCAPTCHA anywhere in the window; having looked at the reCAPTCHA site from a development side I could swear that I read that you needed to give credit if developing a custom style for it. Either I'm remembering wrong, they've got a deal, or FB is undergoing one of the stupidest TOS violations ever.
They do give attribution to reCAPTCHA. You have to click on "What's this?"
This is a standard security test that we use to prevent spammers from creating fake accounts and spamming users.
Our captchas are provided by ReCaptcha
Quoting from the NPR story [npr.org] which aired earlier today:
more than 40,000 Web sites -- including popular ones such as Ticketmaster, Facebook and Craigslist -- are using a new kind of security program called reCAPTCHA.
Quoting from the NPR story [npr.org] which aired earlier today:
more than 40,000 Web sites -- including popular ones such as Ticketmaster, Facebook and Craigslist -- are using a new kind of security program called reCAPTCHA.
That's scary. The way ReCaptcha works allows the reCaptcha server to collect the IPs of reCaptcha users (along with the reCaptcha-enabled website they are using). If many websites are using reCaptcha, it allows to track users as they are moving through the web, from one reCaptcha-enabled website to the next.
The idea is cute, but the implementation is fundamentally broken and a huge breach of privacy.
by Anonymous Coward
on Thursday August 14 2008, @08:16PM (#24609359)
I can usually tell which of the two words is from a real old text. With high probability (>90%) I can correctly answer the real CAPTCHA and replace someone's OCR'd word with "penis".
I've only ever done this maybe ten or twenty times, but it could easily become an automatic part of using the system.
The thing is, they're often actually both from old texts. It's just that one of them has already been verified.
And TFA states that they do pass every word by multiple people so as to get more accuracy in what they say. I have little doubt that they're well acquainted with people who try spoofing them.
Since they use entries from several users to validate correct translations for OCR'ed text, this probably won't cause them major problems. OTOH, I wonder if they can track the accuracy of each user's inputs and, if it becomes evident that a user is either incompetent or attempting to screw with the system, take appropriate measures.
When someone's karma starts dropping into the negative range, they should let us know how well this worked out. If anyone can see their posts, that is.
The New York Times is already online from 1851 onwards. the concept is cool, truly, but why not CAPTCHA something not already accomplished? Oh, I know. That was, like, a metaphor, right?
I am almost certain that it is not all there in its entirety. There are bits that are not online specifically because of OCR errors. That is going to be true with any large volume of OCRed text.
Yeah I was kinda wondering about that too, but from a different perspective... I mean: "So every time you solve that string of crooked letters, you may actually be helping historians digitally reconstruct a page from the 1908 New York Times."
What the hell is the problem with people? All text is apparently on a single page from the NY Times in 1908... I mean fuck, stop the press, cause its obviously all redundant shit anyways, just keep redistributing that one page across the world!
The feature known as FADING was designed to protect copyright works from being pirated by becoming illegible before the work could fall into the public domain.
I really wish the RIAA (Rock Industry Association of the Archean eon) [wikipedia.org] would update their business model to the current Phanerozoic eon. [wikipedia.org]
a little OT I know but is anyone else having a bad time with gmail's captchas? I've tried signing up several of our customers for gmail recently and it's becoming really hard to get them right. The "audio" playback used to be the saving grace, but the last two I did it sounded like ten people were talking to me all at once with no discernible key voice. (and last I succeeded, the string to be entered was spoken in three groups, by three different voices)
I've found implementing a simple "please choose the name of the item seen bellow" eliminates a large amount of spam (all?) but has the problem of not being viable for blind people.
Right about now, I'm wondering what the implications would be for including reCAPTCHA in an open source project. (a PHP-based blog I'm working on) Right now the blog is read-only, since I have yet to build my own working CAPTCHA system and putting up an unprotected reply form is sheer idiocysince it wil lbe a whole five minutes before the spam bots find it. My project is GPLv3, so would including ReCAPTCHA cause me some sort of licensing problem?
It's Easy. reCAPTCHA is a Web service. As such, adopting it is as simple as adding 4 lines of code on your site. For many applications and programming languages such as Wordpress and PHP we also have easy-to-install plugins available. We generate and check the distorted images, so you don't need to run costly image generation programs.
There are multiple libraries for reCAPTCHA already published, all under the MIT License. Just see http://code.google.com/p/recaptcha/ [google.com] for a list of them.
How are they able to tell if I've accurately solved an unknown. If the word is "Yesterday" and I enter "Fucktard", not only will the society get some very wrong data, but I'll also have passed the CAPTCHA without entering the actual letters.
You get two captchas. One is your standard, let's find out if you're human captcha, where the program knows the answer. The other is the scanned text. It also presents the same scanned text to many people, and then uses the results to figure out which one is the most likely correct result.
That slashdot's Goatse troll server guy proves useful.
Note: This is not a troll. One of the guys that offers open web services to slashdot trolls is also responsible for considerable development of CAPTCHA breakage and is an eminent Debian developer. This is why I've said that we should respect his efforts despite the unpleasant side effects. The truly brilliant we should grant exceptions from social behavior because they discover things more proper folk would not.
How is being responsible for CAPTCHA breakage useful?
Look, just because the guy who more or less invented both trolling and automated trolling is an eminent UNIX guru and textbook author that doesn't mean his trolling on net.suicide was any less disgusting. I was appalled at the people who laughed along with Pike when he revealed that he was behind Bimmler and Shaney. This kind of thing is just not acceptable no matter who you are.
When solving these I sometimes find that there's more than one possibility for an illegible word, yet I can't tell which it is without knowing the context.
For example, in some fonts "cost" and "cast" might be indistinguishable in the image shown. But given the context of the sentence it's trivial for a human to tell the difference.
Suppose that they found these words on which people disagreed and had another captcha system which showed the full sentence. I'd guess they could improve their accuracy significantly in this case. Since they could prescreen for ambiguous words using the current captcha system, even if fewer people were willing to solve the "large" captcha, they would still get all the solutions they needed.
why don't they just use whatever software is used by the crackers to bombard us with spam email to go through all of these books are whatever speed they're capable of. If compromised PCs can send tens of thousands of fake emails, why not just set a few up to figure out these words/
How much worse is this than trusting users to correctly identify the text? I ask because I honestly don't know the succcess rate of the automated system.
The authors also tested software designed to crack CAPTCHAs against images created using reCAPTCHA, and found that they failed completely. The authors ascribe this to the fact that the letters in scanned images contain distortions that are not the result of a clean mathematical transformation. User response times were also measured, but there were no significant differences between the time it took users to handle traditional systems and that required to use reCAPTCHA.
You can also use reCaptcha for your own email address, and be more willing to provide it "publicly" since they'd have to answer the reCaptcha to get to the mailto... reCaptcha mailhide [recaptcha.net]
The software presents one optically unreadable word and one "control" CAPTCHA word. Getting the control word right identifies the user as a human, and the program records his or her response to the unreadable word and adds it to a database.
So, there is the real CAPTCHA, and another reCAPTCHA.
Not new (Score:4, Informative)
Re: (Score:3, Informative)
So is the US Patent and Trademark Office, as part of the process of using PAIR [uspto.gov], the Patent Application Information Retrieval system, which lets the public look at information about patent applications that have been published.
Re: (Score:3, Funny)
Facebook uses reCAPTCHA. I guess you can make something useful out of the millions of useless teenagers wasting their time on Facebook.
Re:Not new (Score:5, Funny)
Facebook uses reCAPTCHA. I guess you can make something useful out of the millions of useless teenagers wasting their time on Facebook.
That's not fair.
Plenty of useless adults waste their time on Facebook.
Parent
Re: (Score:3, Informative)
Do they really? From what I was able to tell, it's not specified as reCAPTCHA anywhere in the window; having looked at the reCAPTCHA site from a development side I could swear that I read that you needed to give credit if developing a custom style for it. Either I'm remembering wrong, they've got a deal, or FB is undergoing one of the stupidest TOS violations ever.
Re:Not new (Score:4, Informative)
Parent
Re: (Score:3, Informative)
Do they really? From what I was able to tell, it's not specified as reCAPTCHA anywhere in the window; having looked at the reCAPTCHA site from a development side I could swear that I read that you needed to give credit if developing a custom style for it. Either I'm remembering wrong, they've got a deal, or FB is undergoing one of the stupidest TOS violations ever.
They do give attribution to reCAPTCHA. You have to click on "What's this?"
This is a standard security test that we use to prevent spammers from creating fake accounts and spamming users. Our captchas are provided by ReCaptcha
Re: (Score:3, Insightful)
Re:Not new (Score:4, Funny)
But you...
*sigh* ...Nevermind. It's Friday. Go have a beer or something.
Parent
Re: (Score:3, Insightful)
I would imagine that they use multiple logins to verify one word - it's not like people don't mistype captchas in the first place.
Re:Not new (Score:4, Informative)
Quoting from the NPR story [npr.org] which aired earlier today:
Parent
Re: (Score:3, Interesting)
Quoting from the NPR story [npr.org] which aired earlier today:
That's scary. The way ReCaptcha works allows the reCaptcha server to collect the IPs of reCaptcha users (along with the reCaptcha-enabled website they are using). If many websites are using reCaptcha, it allows to track users as they are moving through the web, from one reCaptcha-enabled website to the next.
The idea is cute, but the implementation is fundamentally broken and a huge breach of privacy.
Validate your data, guys! (Score:3, Funny)
I can usually tell which of the two words is from a real old text. With high probability (>90%) I can correctly answer the real CAPTCHA and replace someone's OCR'd word with "penis".
I've only ever done this maybe ten or twenty times, but it could easily become an automatic part of using the system.
Re: (Score:2)
I'm sure they send the same unknown word out to multiple people, and wait for a concensus on it.
Now, if we ALL started entering "penis" for the obvious unknown words.. :)
Re: (Score:2)
The thing is, they're often actually both from old texts. It's just that one of them has already been verified.
And TFA states that they do pass every word by multiple people so as to get more accuracy in what they say. I have little doubt that they're well acquainted with people who try spoofing them.
Re:Validate your data, guys! (Score:4, Interesting)
Since they use entries from several users to validate correct translations for OCR'ed text, this probably won't cause them major problems. OTOH, I wonder if they can track the accuracy of each user's inputs and, if it becomes evident that a user is either incompetent or attempting to screw with the system, take appropriate measures.
When someone's karma starts dropping into the negative range, they should let us know how well this worked out. If anyone can see their posts, that is.
Parent
Re: (Score:2, Funny)
I can see future generations sitting down for a good read:
MOBY COCK
Chapturd One
Call me LOLOLFAG...
Cool possible uses (Score:5, Interesting)
Man, I would love to see the results if this technique was used for an ontological [google.com] purpose.
Please type in the word from the choices below that most closely relates to this word: OLD
HISTORIC
LIFESPAN
Interesting shit indeed.
Re:Cool possible uses (Score:5, Funny)
Or perhaps SLASHDOT-READER:
OVERWEIGHT
GEEK
SPENDS-TO-MUCH-TIME-USING-COMPUTERS
ALL-OF-THE-ABOVE
I fit into the category ALL-OF-THE-ABOVE. The only generalisation that is missing about slashdotters is the one about girlfriends.
Parent
your sig (Score:2)
Re: (Score:2)
That's kinda the point moron.
Let me introduce you to the concept of context.
Re: (Score:2)
The linked page is self purporting. That's it's purpose.
If you are smart enough to see through it, you are smart enough to discredit it. In turn that makes it an example, not a message.
The problem with trying to communicate a message of the sort I link to is that the goal is to get you to scream "BULLSHIT!"
Parts apply and others don't, but they do provoke thought. Thought allows you to discard its catalyst for new ideas, but doesn't require it.
If you take the link as truth, you miss the point.
Re: (Score:3, Informative)
The point is to see what the populace thinks the relation is.
If you think google is the end all be all of absolute information then you already fail.
Huh? 1908 New York Times? (Score:3, Funny)
The New York Times is already online from 1851 onwards. the concept is cool, truly, but why not CAPTCHA something not already accomplished? Oh, I know. That was, like, a metaphor, right?
Re: (Score:3, Insightful)
Re: (Score:2)
Yeah I was kinda wondering about that too, but from a different perspective... I mean: "So every time you solve that string of crooked letters, you may actually be helping historians digitally reconstruct a page from the 1908 New York Times."
What the hell is the problem with people? All text is apparently on a single page from the NY Times in 1908... I mean fuck, stop the press, cause its obviously all redundant shit anyways, just keep redistributing that one page across the world!
DMCA Violation (Score:5, Funny)
Prior art (Score:5, Funny)
Parent
Re: (Score:3, Funny)
gmail captchas (Score:3)
a little OT I know but is anyone else having a bad time with gmail's captchas? I've tried signing up several of our customers for gmail recently and it's becoming really hard to get them right. The "audio" playback used to be the saving grace, but the last two I did it sounded like ten people were talking to me all at once with no discernible key voice. (and last I succeeded, the string to be entered was spoken in three groups, by three different voices)
Re: (Score:2)
Image Captchas (Score:4, Informative)
Re:Image Captchas (Score:5, Funny)
Just use an alt tag.
Parent
Finally logged in (Score:2, Funny)
Took me a bit to get past the new security measures, But I got a coupon 5 cents off my next shoe purchase.
reCAPTCHA and Open Source (Score:2)
Re: (Score:2)
from why reCAPTHCHA [recaptcha.net]
Word
Re:reCAPTCHA and Open Source (Score:4, Informative)
There are multiple libraries for reCAPTCHA already published, all under the MIT License. Just see http://code.google.com/p/recaptcha/ [google.com] for a list of them.
Parent
Known unknown? (Score:2)
Re: (Score:2)
RTFA.
You get two captchas. One is your standard, let's find out if you're human captcha, where the program knows the answer. The other is the scanned text. It also presents the same scanned text to many people, and then uses the results to figure out which one is the most likely correct result.
It turns out... (Score:3, Informative)
That slashdot's Goatse troll server guy proves useful.
Note: This is not a troll. One of the guys that offers open web services to slashdot trolls is also responsible for considerable development of CAPTCHA breakage and is an eminent Debian developer. This is why I've said that we should respect his efforts despite the unpleasant side effects. The truly brilliant we should grant exceptions from social behavior because they discover things more proper folk would not.
Re: (Score:3, Interesting)
How is being responsible for CAPTCHA breakage useful?
Look, just because the guy who more or less invented both trolling and automated trolling is an eminent UNIX guru and textbook author that doesn't mean his trolling on net.suicide was any less disgusting. I was appalled at the people who laughed along with Pike when he revealed that he was behind Bimmler and Shaney. This kind of thing is just not acceptable no matter who you are.
Recaptcha doesn't recapture context (Score:5, Interesting)
For example, in some fonts "cost" and "cast" might be indistinguishable in the image shown. But given the context of the sentence it's trivial for a human to tell the difference.
Suppose that they found these words on which people disagreed and had another captcha system which showed the full sentence. I'd guess they could improve their accuracy significantly in this case. Since they could prescreen for ambiguous words using the current captcha system, even if fewer people were willing to solve the "large" captcha, they would still get all the solutions they needed.
If most captchas are already cracked... (Score:2)
How much worse is this than trusting users to correctly identify the text? I ask because I honestly don't know the succcess rate of the automated system.
Re:RTFA (Score:3, Informative)
The authors also tested software designed to crack CAPTCHAs against images created using reCAPTCHA, and found that they failed completely. The authors ascribe this to the fact that the letters in scanned images contain distortions that are not the result of a clean mathematical transformation. User response times were also measured, but there were no significant differences between the time it took users to handle traditional systems and that required to use reCAPTCHA.
Use to hide your own email addy (Score:5, Informative)
You can also use reCaptcha for your own email address, and be more willing to provide it "publicly" since they'd have to answer the reCaptcha to get to the mailto... reCaptcha mailhide [recaptcha.net]
Re: (Score:3, Funny)
The following security test allows us to validate you are a human and not an automated script.
please type the following two words in the text box below
you moron
____________ _____________
Re: (Score:2)
The software presents one optically unreadable word and one "control" CAPTCHA word. Getting the control word right identifies the user as a human, and the program records his or her response to the unreadable word and adds it to a database.
So, there is the real CAPTCHA, and another reCAPTCHA.
Re:One Problem (Score:5, Funny)
One FUNDAMENTAL problem with this
... is that you didn't RTFA.
Parent
Re:AC for the plain old CAPTCHA (Score:5, Funny)
Parent
Re:Problems With ReCaptcha (Score:4, Informative)
I've seen one ReCAPTCHA string that was just a distorted entirely illegible blob of ink.
Just do what I did: click the "refresh" button to the right for a new word pair and enter that one.
Parent