Ever been reading a site and they show an email address as: “name AT example DOT com” to try and fool email address harvesters?
Well I have 22 million reasons why this is a stupid method. Anyone want to buy an email list?
Approximately 30 hours after I posted Digg made a change to CAPTCHA by altering the foreground colors and background colors, alternating normal and bold face, and mixing upper an lowercase letters. With the a slight modification to my program (not making all letters lowercase) it reduced my program’s accuracy to 11 % (out of 200 samples). But there was another problem, approximately 15% were not human solvable.
While using digg.com, I was surprised to see such an obviously weak CAPTCHA challenge. I was able to create a script that defeats it with a 88% accuracy within a couple hours using nothing but free software. (If you are looking for code, forget it. This is almost too much information) Continue reading