Archive for January, 2007

Defeating Captchas

Tuesday, January 30th, 2007

When sign in into a website, to open an e-mail account for example, we frequently face a request to type in a code including letters and numbers. These characters are shown on a distored image to be identify only by human beings. These images are known as “captchas”. They were introduced a few years ago as a security measure to stop access to HTML forms by computarized programs attempting to obtain multiple e-mail addresses and other records from the web. 

The purpose of captchas is that only a human being would be able to decipher them. Since they are distored images with characters in different sizes or with geometrical figures on the background, OCR programs could hardly identify them. However, and in most cases, an OCR can be “trained” by a person to decipher the characters in a captcha. Therefore, many websites change their captchas constantly to prevent access by automated programs. 

Sometimes captchas become also a challenge for humans, since people with impaired vision might find them hard to solve. 

With its captchas, the PHP scripts generated by Forms To Go offer you higher protection for your HTML forms. Based on our users’ comments and the reviews we have made to our website, we are able to confirm that spam or temporary forms’ hijacking has been almost eliminated. 

For more information about “captchas” and strategies on how to ”defeat” them, go to: 

http://en.wikipedia.org/wiki/Captcha 

One of the most creative captcha-defeating projects we have found is one in which humans are tricked into typing in a captcha for a spammer. For example… 

A person sees banner of a website offering free porn pictures or software downloads. To access them the user only needs to type in the captcha shown on the banner or website. Attracted by this “excellent deal”, the user enters the characters of the captcha. But in fact, the captcha belongs to a website where the spammer wants to log into. A program or robot connects to the web form, gets the captcha image and shows it to the user, who naively types in the captcha to get what he is been offered: a picture or a download. Or he might never get any of these. But with the solved captcha, the spammer already achieved his goal, signin into the website, an automatically use the account, like an email account, for spamming or other use. Sometimes they get many accounts on the same website. 

With this kind of tactic, spammers can solve many captchas in just one day. 

We would like to know your opinion on captchas, whether you think they are being used properly on the web or if you know about a website offering a creative captcha that would be hard to “defeat”. 

Tags: , ,
Posted in Forms To Go, General | No Comments »

Bebosoft + Blog = BeboTips

Monday, January 29th, 2007

Happy new year. This is the perfect time of the year to start a new fitness program, get fit and start a blog. 

Someday in the middle of 2006, in a meeting with Bebosoft’s software developers, discussing new features to be included in Forms To Go, we were reviewing more than 100 new features proposed by our customers and it was difficult to decide which one shall be included in version 3.0. 

Customers had been sharing their knowledge to us, by providing info on the way they work and the difficulties they confront with different hosting providers. This had become a very important feedback we want to always receive, which helps redifine our software, our tech support and refine our products. 

If it wasn’t for the customer’s feedback, we would had released Forms To Go 3.0 with just 2 or 3 new features. 

We want to share also some of our knowledge and learnings during these years and that’s why we decided to start a blog. However, we considered the best moment to start it was not 2006: too many new features in the oven and a new version of our survey software coming out. 

Here is 2007 and here is our blog. We hope you find it interesting.

Tags:
Posted in General | No Comments »