Intelligent CAPTCHA

It occurs to me that CAPTHCHA could be somewhat better and indeed is. CAPTCHA has been a staple of Web 2.0 and is fairly effective for the purpose it serves. We know that it is possible to circumvent captcha, delivering users looking at a porn site CAPTCHA images and getting new porn images for each captcha they enter correctly, which is pulled from some mail service by some bot and the user enters the CAPTCHA and sends it back to the bot through the webserver. New mail account established.... begin spamming.

However, that said, it still does not stop us from making CAPTCHA more "intelligent" for people. Everyone uses CAPTCHA and it seems to me that we could make the current CAPTCHA systems "learn". Intelligent software, solely basic on logic (or have frustrating with a purpose, more on that later). Google pay attention, this example CAPTCHA came from Google Analytics.

Take the following example:

Now we can see that the first character/s are either dft or olft, confusing to start with. The next characters, that is a bit more guess work. If you look closely we can see that the 4th or 5th (depending on dft or olft) character is a t however is the next a w or two v's (vv). Has CAPTCHA changed the second v here and made it a bit fatter? Not sure, but if we use the logic of the CAPTCHA we are presented with here then we could assume no, because we are presented with 2 t's and the presentation of the t character is the same in both instances. However, is that true for all characters or is it random... Damn I do not know. So there is a possibility of this CAPTHCA being entered incorrectly by a person, because some ambiguity exists. Now although many CAPTCHA implementations give you the options to see a different image, we miss to be missing a trick here.

Why do we not record the number of successes to failures for each CAPTCHA even though there are almost infinite numbers of CAPTCHAs possible, we could start determine the configuration of the CAPTCHAs that work well and people have a high success rate on first try. We could even cache each CAPTCHA that were generated, record the configuration of the output and the image itself, store it in cache and use it every x CAPTCHAs presented. This makes sense in any event as many CAPTCHA implementations warn about the CPU impact that generating high resolution and function CAPTCHAs can have on the system. Why do we just randomly generate every CAPTCHA and use CPU resources every time, why not just cache loads? If a number of sites used a CAPTCHA system like this all of a sudden we would have a huge number of CAPTCHA images and/or image configurations that had a near 100% success rate for people. We would have millions! It would still fulfill its primary function of stopping bots, however there would be no more ambiguous CAPTCHA images anymore... No joy. It is the simple things in life that make the difference.

I am sure we have all been a victim of CAPTCHA ambiguity.

Maybe Google and everyone else should just use reCAPTCHA, which is brilliant and has a great purpose too, to help in digitising books. A brilliant idea! Over 60 million CAPTCHAs are solved every day by people around the world. reCAPTCHA channels this human effort into helping to digitize books from the Internet Archive. When you solve a reCAPTCHA, you help preserve literature by deciphering a word that was not readable by computers.

Now that is clever, Google and everyone else should just use reCAPTCHA, it is a distributed automated task service. Amazon Mechnical Turk on speed, maybe because it has single purpose. However, Google would never embed someone else’s work on their pages, which is a bit hypocritical seeing as Google wants everyone else to embed their stuff on their pages. Google developers, you lost the CAPTCHA engine competition, just face it and Google, do something good for something else for a change, you monolith, self-important, pseudo empire. The world does not revolve around Google and Google fails to ever recognise any other organizations achievements. All empires fall, but an empire is remembered for what it did and although Google will be remember for lots, they will not be remembered for embedding someone else’s stuff on their site. Google just use reCAPTCHA, deflate your ego.

UPDATE

18 September - Goggle accquires reCAPTCHA