How Does CAPTCHA Work?
Techquickie
·Techquickie
·2017-05-06
·
1,116 words · ~5 min read
0:00
to continue watching this video prove that you are a human by clicking on
0:04
every box that contains Aus who are we
0:07
kidding we welcome all viewers organic or robotic here at Techquickie but back
0:13
on topic odds are you've probably seen
0:16
little tests like that scattered around the internet when you're trying to post
0:21
a comment create an account or buy something they're called captas which
0:27
stands for completely automated public Turing tests to tell computers and
0:32
humans apart proving once again that the
0:35
computer science Community continues to struggle with the concept of acronyms
0:40
anyway the irony of using Computing
0:44
techniques to trick other computers
0:47
isn't really new le speak which goes all
0:50
the way back to the early 1980s originated as a method of preventing
0:56
content from being easily searchable and
0:59
to work around obstacles like profanity filters a use that is still common to
1:05
this day but modern capture didn't come
1:08
around until the late 1990s when the
1:12
then popular search engine altav Vista
1:16
man I'm old was trying to find a way to
1:19
prevent Bots or automated computer programs from adding tons of spam and
1:25
malicious URLs to their link database
1:28
they wanted to put some kind of barrier in place and approach the problem by
1:34
thinking about something that both humans and computers were good at namely
1:40
optical character recognition which you can learn more about here then
1:45
introducing elements that made the task
1:49
much more difficult for computers while keeping it fairly easy for humans and
1:54
since computers of the day could only recognize clear easyto read text TT
2:00
altavista's Engineers forced the user or
2:04
the bot as it were to read a puzzle with
2:07
distorted misaligned text with stray
2:10
marks in order to submit a URL to the database cool right this form of capture
2:17
continues to be quite popular along with
2:20
audio capture for the visually impaired that in a similar vein typically
2:25
includes spoken letters that are somewhat garbled to defeat autom ated
2:30
sound analysis q
2:34
y26 w you'll see it employed in
2:37
situations ranging from preventing Bots
2:40
from signing up for social media accounts to cut down on spam to
2:45
verification on ticket buying websites to ensure that Bots working for ticket
2:50
scalpers can't snatch up all the tickets to popular events you might even see
2:55
captas more frequently if you're using a VPN service and as many website
3:01
administrators are aware that vpns are a
3:04
popular tool that scammers can use to conceal their identities so a request
3:10
from a known VPN IP address is more
3:14
likely to trigger a capture prompt but
3:17
there's a bit more to it than simply presenting the scheming bot with a
3:23
confusing image capture scripts also
3:26
need to be written securely so that the correct answer is isn't available to the
3:30
bot through a back door for example some
3:34
capture scripts especially many freely available ones render the text on the
3:40
user's computer instead of on the server and handle the answer in plain text
3:45
meaning that a bot can be written to steal the answer without ever solving
3:50
the puzzle but even if proper security is implemented Bots are also getting a
3:56
lot more sophisticated than they used to be and greater processing power has
4:01
enabled them to use machine learning to get better at solving these kinds of
4:06
captas so everything from image recognition puzzles to trivia questions
4:11
have been employed to stay one step ahead of the spam bot arms race but
4:18
lonus what about those prompts that I've been seeing these days that just say I'm
4:24
not a robot and then I just check a box I mean couldn't a robot do that how does
4:29
that work well this is a pretty cool mechanism from Google called No capture
4:36
it actually tracks your mouse movements right before you check the box humans
4:42
tend to move their mice in Wiggly imperfect ways when they want to point
4:47
at something whereas this behavior is usually absent with a bot no capture
4:53
also looks at your IP address and cookie activity to see if it's probably
4:59
consistent with a Human Instead of a bot
5:02
and this automation has made it much faster and less frustrating for the user
5:07
increasing its popularity it's generally regarded as reliable which is cool but
5:13
back to that face I made before it has privacy Advocates concerned about how
5:18
much information it's sending to Google and uh how exactly is it being
5:24
used oh that Google but considering how many people
5:29
see an opportunity to make a quick Buck by deploying spam Bots as the internet's
5:34
influence continues to grow it isn't likely we'll see the human verification
5:39
arms race cool down anytime soon I just
5:43
hope that it doesn't reach the point where we have to submit like a DNA
5:48
sample and like a stool sample just to downvote somebody on Reddit TunnelBear
5:54
VPN vpns are great for more than just spammers and scammers by the way they
5:58
are perfect for anyone who wants to use online services and browse the internet
6:04
anonymously or to access things that just plain might not be available in
6:09
their country tunnel bear has easy to use apps for iOS Android PC and Mac they
6:15
also have a Chrome extension and it's so easy to use all you do is install it
6:20
pick the country that you wish to be
6:23
from and press a button when you do that
6:27
two things happen one your connection gets get encrypted with AES 256-bit
6:31
encryption and two your public IP address gets switched so you show up as
6:37
though you are in a different country and tunnel bear lets you bypass all the
6:41
BS that often comes with VPN use no DNS
6:46
ports blah blah blah none of that stuff they've also got a top rated privacy
6:50
policy and do not log user activity so
6:53
try it out for nothing 500 megabytes free data no credit card required and
6:59
when you go wow this is great I can watch that soccer game or I can buy that
7:04
thing or whatever you can get an unlimited plan and save 10% by going to
7:09
Tunnel bear.com Linus so thanks for watching guys like
7:13
dislike leave a comment if you have a suggestion for a future video most of
7:17
the suggestions are terrible but every once in a while a gem does come in so uh
7:21
kudos for that and as always don't forget to subscribe for more videos just
7:25
like this one