Sophos Cloud Optix
Human? Not a robot? Says you! Take this test to prove it:
What’s at times essentially illegible, fuses characters together into melted blobs of unrecognizable goo, and occasionally tells you to go f**k yourself?
If you answered “CAPTCHA”, congratulations – you’re made out of carbon!
Because of this, it’s unlikely you will robotically buy up reams of tickets and sell them at vicious markups, and therefore, Ticketmaster, the world’s largest online ticket retailer, will be happy to sell to you.
Now, though, Ticketmaster is going to sell tickets without torturing your eyeballs with the use of CAPTCHA.
According to the BBC, Ticketmaster has dumped the reviled challenge-response test and put in its place software created by Solve Media, which achieves the same robot-screening ends by asking for well-known phrases, descriptions of brands, or with simple multiple-choice questions.
CAPTCHA came out of Carnegie Mellon University and stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”.
The tests are designed to be hard for robots, easy for humans.
They typically consist of typing letters and/or digits from a distorted image. Or messages, as noted, to go pleasure yourself. Or, then again, mathematical problems that make your brain bleed.
Or, as with the Civil Rights Defenders group, a multiple-choice test to prove you’re not a homophobic creep. Or, sometimes, a tricky extra character or two.
For some reason, people don’t like these CAPTCHA tests.
Lord Teapot, a commenter on the BBC story, said that he or she finds these tests so distasteful, he or she gives up and buys from another site after the first failed attempt:
Lord Teapot
30TH JANUARY 2013 - 15:57
I will generally attempt a CAPTCHA once. After that I seek another site to purchase/view/etc the material I was seeking. Some of the CAPTCHA images are essentially illegible, tend to contain multiple characters that seem to be fused together into unrecognizable masses, and other nonsense that makes the entire scheme a complete [hassle]. Find a legitimate way to ID humans, or we find other sites.
Revenue-harming disgust caused Ticketmaster to rethink the use of CAPTCHA.
According to the company’s executive vice president of e-commerce, Kip Levin, preliminary trials show customer satisfaction is ticking up, and security hasn’t suffered.
He told the BBC:
"We're starting to see an uptick in fan satisfaction."
"We're happy with what we've seen from a security standpoint as well."
Levin also told the BBC that the new system has halved the time users take to puzzle out an answer: average time to solve a CAPTCHA puzzle was 14 seconds, while the new system took users an average of 7 seconds.
As far as security goes, it’s time for us to find a better method. Back in 2008, spammers were achieving a CAPTCHA success rate of 30% to 35% for Microsoft’s Live Mail service and a success rate of 20% against Gmail.
But, as Sophos’s Graham Cluley noted this past fall, nowadays, spammers are simply outsourcing the cracking of CAPTCHAs to impoverished workers in the third-world, to whom they pay a pittance for completing thousands of puzzles each day.
And there’s no reason to believe that such a technique won’t work just as well against Ticketmaster’s new system.
Frustrated computer user image courtesy of Shutterstock
I'll be happier when we can say goodbye to Ticketmaster.
Ticketmaster is trying to get a publicity boost out of this by even suggesting it’s done to please their users. The BBC fails to see through this, even though they had reported that Ticketmaster admitted that 1/5 of their sales in 2011 went to botnets.
So the real story: Ticketmaster’s CAPTCHAs were insecure for all of 2011, and in early 2013 they finally tried something else.
How does it validate the "describe this brand with any word(s)"? I've just tried it on their site, and it seems to accept any description. If that's the case, it wouldn't be too hard for a robot to bypass it.
Thank God for that. Hopefully others will follow.
Normally they are not as clear as your example above. Many times I have just moved away from a page and done business elsewhere because of these annoying doodles.
"Some" captcha's were easy to work with, most indecipherable to anyone. There has to be a better way than that to stop bot's. I'm glad they are getting rid of it, I hope every site does.
Glad these nonsense checks are going away, often can't read them.
But the alternative has to use options that people know about and can recognise well enough to give a short description. For example, it's no use using a business that may be well known in Bolivia but nowhere else! Plus there must be an allowance made for the way businesses differ between countries as the regulatory regime may well be different.
So what businesses are known to everyone in every country? Very few I wager.
I'd rather see them get rid of those added "convenience" fees instead!
Are you a bot? [] Yes [] No
Now we’re talking 🙂
CAPTCHA was the most inane way to filter robots.
Like Lord Teapot I will only go through the torture of CAPTCHA if I am desperate.
Wouldn't be easier if the website asked "Are you and honest robot?" and rejected both "yes" and "no".
From images.google.com:
"Best guess for this image: nbc channel logo"
What's an uptick in fan satisfaction? Is there a downtick?
YAY!!!!!!!!!!