{"id":2441,"date":"2024-02-03T08:00:00","date_gmt":"2024-02-03T07:00:00","guid":{"rendered":"https:\/\/vivalainfo.com\/en\/kaj-je-captcha-prednosti-in-slabosti\/"},"modified":"2024-02-03T08:00:00","modified_gmt":"2024-02-03T07:00:00","slug":"kaj-je-captcha-prednosti-in-slabosti","status":"publish","type":"post","link":"https:\/\/viva.racunalniske-novice.com\/en\/what-is-captcha-pros-and-cons\/","title":{"rendered":"What is CAPTCHA? How does it know you're not a robot?"},"content":{"rendered":"

Why do websites use CAPTCHA? Where does this protection even come from? And why is it such a common occurrence?<\/p>\n\n\n\n

Any website can be a target of cyber attack, digital abuse and bots that collect visitors' personal information for malicious purposes. CAPTCHA was designed to protect against such abuses and bot attacks.<\/p>\n\n\n\n

Even in the editorial office, upon registration, the computer checks whether we are a robot or a human. Sometimes we just need to tick the box, and other times we need to find all the photos on the screen with a water hydrant or something similar. Why this difference, you will find out below.<\/p>\n\n\n\n

What is a CAPTCHA anyway?<\/strong><\/h2>\n\n\n\n

CAPTCHA is an acronym for "Completely Automated Public Turing Test to Tell Computers and Humans Apart". Simply put, it's a random test with a challenge and a specific solution that websites use to defend against attacks. 40 % of all global traffic online is done by "bots", so you can easily imagine the damage they can do. If you recognize them right from the start and let only people onto the website, you can save yourself a lot of trouble.<\/p>\n\n\n\n

How did CAPTCHA technology evolve?<\/strong><\/h3>\n\n\n\n

The first CAPTCHA tests appeared towards the end of the 1990s and consisted of distorted images with a combination of letters and numbers. The technology was developed by several different groups with the aim of making it easier to counter bots and hackers. Do you remember the AltaVista search engine? Their developers wanted to prevent bots from adding malicious web addresses to the database.<\/p>\n\n\n\n

The term CAPTCHA itself was first used in 2003 by a group of computer science researchers at Carnegie Mellon University. The impetus for development was given by the speech of the director of the then giant Yahoo, who spoke about the problems with spiders that were creating millions of fake e-mail addresses.<\/p>\n\n\n\n

A group of researchers created a computer program that first generated random text, then generated a distorted image of that text (which was called a CAPTCHA), and finally asked the user to solve it and click on the "I'm not a robot" box. At the time, optical character recognition (OCR) technology was unable to decipher this simple puzzle, so the robots failed the CAPTCHA test as a bet. Soon after, Yahoo required its users to pass a CAPTCHA test before signing in to an email address. The decline in the number of bots has also prompted other companies to implement CAPTCHA protection.<\/p>\n\n\n\n

Inevitably, however, hackers developed algorithms that could reliably circumvent the new protection. This battle continues to this day.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

reCAPTCHA v1 - an upgrade that failed to stop the bots<\/strong><\/h3>\n\n\n\n

In 2007, Luis von Ahn, a member of the original team that developed the CAPTCHA system, introduced reCAPTCHA v1, with which he wanted to make it harder for hackers and improve the accuracy of the optical character recognition used to digitize printed texts. Hackers came across even more distorted images, and soon the words were crossed out as well.<\/p>\n\n\n\n

It improved OCR by replacing one image of randomly generated garbled text with two garbled images of words scanned from actual texts by two different OCR programs. The first word, or control word, was a word correctly recognized by both OCR programs; the second word was a word that was not recognized by the OCR program. If the user correctly identified the control word, the reCAPTCHA program assumed that the user was human.<\/p>\n\n\n\n

Two years later, Google intervened, buying the new technology and using it to digitize texts for Google Books and licensing it to other companies. At the same time, the development of OCR technology was grist to the mill for hackers, who diligently used it to develop advanced algorithms that began to successfully solve new reCAPTCHA challenges. In 2012, reCAPTCHA image challenges emerged that could trick OCR while being more mobile friendly.<\/p>\n\n\n\n

reCAPTCHA v2 - better but invasive for users<\/strong><\/h3>\n\n\n\n

The second version (reCAPTCHA v2 or no CAPTCHA reCAPTCHA) completely eliminated the text and image challenges. Instead, a simple "I'm not a robot" checkbox started to be used, and behind the scenes, reCAPTCHA v2 analyzes the user's interactions with web pages, how fast the user types, also cookies<\/a>, device history and IP address. It also tracks mouse movements. Users who find the system suspicious are presented with a CAPTCHA challenge, while others can continue browsing.<\/p>\n\n\n\n

This newer protection has several drawbacks. Because it relies heavily on cookies, it is friendlier to Chrome browser users and those signed in with a Google Account. For example: Firefox users (or Brave, Opera...) who have third-party cookies turned off have a higher chance of getting a CAPTCHA challenge.<\/p>\n\n\n\n

However, with the advancement of artificial intelligence, bots can solve even the most advanced reCAPTCHA challenges. Malicious people can also help themselves with these CAPTCHA farms, which are an automated service where bot developers use cheap human labor to solve CAPTCHA challenges.<\/p>\n\n\n\n

It was more than obvious that the existing protection was not sufficient.<\/p>\n\n\n\n

\n