You're in the desert, you see a tortoise lying on its back, struggling, and you're not helping -- why is that?
We have all filled out online forms where one has to copy sometimes (purposely) hard to read letters from an image to confirm that one is not a robot (CAPTCHA). Microsoft offers an alternative called Asirra, which stands for "Animal Species Image Recognition for Restricting Access." I thought this might be a joke at first, but apparently it is real and MS provides access to it and sample code to use it for free. You can get it here, and, perhaps more importantly, you can test to see if you are human.
Post title from here.
Ian Random:
I can't thank you enough for posting that link. I can finally prove to my wife that I'm human.
May 14, 2008, 9:26 amepobirs:
A LOT of financial institutions have started using this recently.
May 14, 2008, 10:14 amSailorcurt:
Blade Runner is one of my all time favorite movies. I recognized the title immediately.
Answer: What's a tortoise?
May 14, 2008, 11:47 amErik The Red:
I've heard about this, and I'm wondering if we're about to experience a revolution in feline image detection algorithms. Seriously, these guys have been absolutely shredding captchas. I think that this is a stopgap measure at best.
Here's what gets me: A well-recognized best practice is to never log into a financial institution from a computer that isn't yours - keeping your computer secure is enough of a pain; relying on someone else's security is batshit insane. So if you take it as a precondition that you will be doing your online banking from your own computer(s), the simple solution is to have a thorough verification process (for example, one of my banks calls my phone and reads me a number to input into a web page) and then sends an SSL certificate to your browser. Yes, SSL authentication works both ways. It can identify a web site to you (the most common use), but your browser can also store certificates that authenticate it to the site in question. This is pretty good security - it's pretty much impossible to brute-force it. It still relies on the security of the end-user's machine and browser, but so does every other online authentication system so in no case are you worse off. Bonus - it's 100% transparent and automatic. Once it's installed, the user doens't have to do a thing.
May 14, 2008, 8:57 pmJim Hu:
Followers of Microsoft will be shocked, shocked to hear that they stole the idea
May 14, 2008, 9:57 pmbob r:
It isn't very "smart": if you select _only_ dog pictures it says "You're a bot!". I would think it obvious that 100% "wrong" is just as indicative of being a human as 100% correct; possibly more so.
May 14, 2008, 11:57 pmGeorge Weinberg:
This is much better.
May 15, 2008, 9:41 amErik The Red:
@George - Ironically enough, on a technical lever that is probably the most difficult problem to "crack." Tragically, political correctness will keep it out of the mainstream (although I might find a use for it on my site).
May 15, 2008, 3:01 pmScott:
Worse. Captcha. Ever.
May 15, 2008, 8:27 pm