A new start-up aims to keep spammers out of websites – without forcing human beings to undergo CAPTCHA tests.
Last month, We Live Security reported on an AI firm which showed off software which can reliably crack the wobbly text used to “block” automated programs.
Instead, Keypic uses an image – usually an advert, but it
can be a single pixel, an animation, or anything the site’s
administrator wants – and checks for typically “human” behavior. It’s
already used on nearly 6,000 sites, and is available as a plug-in for
WordPress and Drupal.
“Our service does a full cross check against all other
requests (we receive hundreds or them every second) to determine if your
user is a spammer or not,” the company says, claiming that its service
is effective for free email service sign-up, and for blog comment spam.
The service works by an automated process that looks for
typical spammer behavior – starting with the fact that most programs
won’t download an image, whereas a human using a browser will. The data
is cross-referenced with thousands of other form submissions.
“Whether the image is retrieved is just one of the ten or so data points Keypic checks,” says Mark Gibbs of Network World.
“Other data points include how long it takes for the form to be
submitted (which reveals software that tries to submit at a high rate),
what order are the fields filled in, what the IP address is, what
browser is being used, how many requests are received per minute from a
single IP address, and the characteristics of any text entered into
fields other than name and password.”
Keypic Web Service sends back a number – in percentage form – showing
the likelihood a user is or is not a spammer. The company says it can
radically improve response to interactive features such as polls – or
blog comment channels.
“Most bloggers are familiar with programs that submit bogus
comments, usually for the purpose of raising search engine ranks of
some website (e.g., “buy penny stocks here”). This is called comment
spam,” the company says. “With Keypic, only humans can post comments on a
blog, and bot actions are really restricted. There is no need to make
users sign up before they enter a comment, and no legitimate comments
are ever lost.”
Last month, a new artificial intelligence startup, Vicarious, showed off software which could “crack” CAPTCHA tests.
A program designed by Vicarious is shown “breaking” CAPTCHA
text in a video released by the company. The system, known as Vicarious
AI, achieves a success rate of up to 90% against standard CAPTCHAs used
by Google, Yahoo and PayPal, its creators claim – using machine
learning, rather than massive amounts of computing power
No comments:
Post a Comment