unCAPTCHA violated Google's reCAPTCHA

unCAPTCHA: Google was quick to celebrate offered by the reCAPTCHA service, a system that automatically recognizes that you are not a bot. unCAPTCHA

A ερευνητών από το Πανεπιστήμιο του Maryland ανέπτυξαν ένα νέο αλγόριθμο, που τον ονόμασαν unCAPTCHA. Ο νέος αλγόριθμος μπορεί να νικήσει το σύστημα reCAPTCHA της Google με ποσοστό επιτυχίας 85 τοις εκατό. Η συγκεκριμένη μέθοδος εκμεταλλεύεται μια ευπάθεια στην έκδοση of reCAPTCHA.

Οι ερευνητές χρησιμοποίησαν λογισμικό αυτοματοποίησης του προγράμματος περιήγησης για την ανάλυση των απαραίτητων στοιχείων και τον προσδιορισμό των αριθμών που απήγγειλε η Google. Μετά μεταβίβασαν αυτούς τους αριθμούς προγραμματιστικά, με σκοπό να ξεγελάσουν τα που κάνει το AI της Google να ξεχρίζει bots από ανθρώπους.

To make this happen, the AI ​​they developed violates several known flaws in Google's security system to significantly reduce the level of suspicion of reCAPTCHA.

Most strikingly, the researchers used a number of audio transcription services to defeat the system. Surprisingly, these services were from IBM, Google Cloud and Speech Recognition, Sphinx, Wit-AI, but also Bing Speech Recognition. So, in a way, the researchers used Google technology to infringe on Google technology.

Following the revelation of this flaw in the Big G in April, researchers report that the company has added some additional protections that limit the success rate of unCAPTCHA.

"For example, Google has also improved browser automation detection. In addition, we have noticed that some sounds include not only digits but also small excerpts of spoken text. ”

Researchers have since released the complete PoC in a paper where you can see all the details [PDF]. The paper was officially presented at Usenix WOOT '17 held in Vancouver.


Watch this

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).