Websites often ask people to decipher a few wiggly letters because they are trying to find out if a user is a human or spamware.
The electronic hoop people are required to jump through was invented in 2000 by a team of programmers at Carnegie Mellon University because someone at Yahoo! went to them hoping that they could come up with a program to stop criminals from using software to automatically create thousands of e-mail accounts and then using those accounts to send out spam.
The Carnegie Mellon team developed CAPTCHA which stands for "completely automated public turing test to tell computers and humans apart". The purpose of the CAPTCHA is that reading those swirly letters is something that computers aren't very good at doing.
By the way, the term "turing" refers to a hypothetical computer with an infinitely long memory tape which can modify its original instructions by reading, erasing, or writing a new symbol on a moving tape of fixed length that acts as its program.
The CAPTCHA has become widespread all over the web. According to Luis von Ahn, an assistant professor at Carnegie Mellon, who was part of the original CAPTCHA team, estimates that people fill out close to 200 million CAPTCHAs every day.
Von Ahn is confident that the good guys are still ahead for now, but the point at which cyber-criminal software can reliably read CAPTCHAs is probably as few as three to five years away.
The real innovation among cyber-criminals will come through social networking and Web-based services. During the year 2008, spammers increased with the targeting of web-based e-mail from large, free, reputable providers, using new techniques to break CAPTCHAs and to generate massive numbers of personal accounts. Mail from these domains was the least likely to be blocked by IT departments.
The real innovation among cybercriminals will come through social networking and Web-based services. This past year spammers expanded to targeting web-based email from large, free, reputable providers, using new techniques to break CAPTCHAs and generate massive numbers of personal accounts. Mail from these domains was the least likely to be blocked by IT departments.