== Circumvention ==
The two main ways to bypass CAPTCHAs are using cheap human labor to recognize them and using [[machine learning]] to build an automated solver.<ref>{{cite book|last=Jakobsson|first=Markus|title=The death of the Internet|url=http://eu.wiley.com/WileyCDA/WileyTitle/productCd-1118062418.html|access-date=4 April 2016|date=August 2012|archive-date=15 October 2014|archive-url=https://web.archive.org/web/20141015182639/http://eu.wiley.com/WileyCDA/WileyTitle/productCd-1118062418.html|url-status=live}}</ref> According to former Google "[[click fraud]] czar" [[Shuman Ghosemajumder]], there are numerous services which solve CAPTCHAs automatically.<ref name=ai-security>{{cite news |last=Ghosemajumder |first=Shuman |title=The Imitation Game: The New Frontline of Security |url=http://www.infoq.com/presentations/ai-security |agency=InfoQ |access-date=8 December 2015 |newspaper=InfoQ |date=8 December 2015 |archive-date=23 March 2019 |archive-url=https://web.archive.org/web/20190323061742/https://www.infoq.com/presentations/ai-security |url-status=live }}</ref>

=== Machine learning–based attacks ===
[[File:Modern-captcha.jpg|thumb|An example of a [[reCAPTCHA]] challenge from 2007, containing the words "following finding". The waviness and horizontal stroke were added to increase the difficulty of breaking the CAPTCHA with a computer program.]]
[[File:Captchacat.png|thumb|A CAPTCHA usually has a text box directly underneath where the user should fill out the text that they see. In this case, "sclt ..was here".]]
There was no systematic methodology for designing or evaluating early CAPTCHAs.<ref name=bursz /> As a result, there were many instances in which CAPTCHAs were of a fixed length and therefore automated tasks could be constructed to successfully make educated guesses about where segmentation should take place. Other early CAPTCHAs contained limited sets of words, which made the test much easier to game<!-- This sentence makes no sense! -->.
Still others{{Example needed|date=October 2022}} made the mistake of relying too heavily on background confusion in the image. In each case, algorithms were created that were successfully able to complete the task by exploiting these design flaws. However, light changes to the CAPTCHA could thwart them. Modern CAPTCHAs like [[reCAPTCHA]] present variations of characters that are collapsed together, making them hard to segment, and they have warded off automated tasks.<ref name=bursz2 /> In October 2013, artificial intelligence company [[Vicarious (Company)|Vicarious]] claimed that it had developed a generic CAPTCHA-solving algorithm that was able to solve modern CAPTCHAs with character recognition rates of up to 90%.<ref>{{cite web|last=Summers|first=Nick|title=Vicarious claims its AI software can crack up to 90% of CAPTCHAs offered by Google, Yahoo and PayPal|url=https://thenextweb.com/insider/2013/10/28/vicarious-claims-ai-software-can-now-crack-90-captchas-google-yahoo-paypal/|publisher=TNW|access-date=19 June 2018|archive-date=15 September 2018|archive-url=https://web.archive.org/web/20180915002117/https://thenextweb.com/insider/2013/10/28/vicarious-claims-ai-software-can-now-crack-90-captchas-google-yahoo-paypal/|url-status=live}}</ref> However, [[Luis von Ahn]], a pioneer of early CAPTCHA and founder of reCAPTCHA, said: "It's hard for me to be impressed since I see these every few months."
50 similar claims to that of Vicarious had been made since 2003.<ref>{{cite web|last=Hof|first=Robert|title=AI Startup Vicarious Claims Milestone In Quest To Build A Brain: Cracking CAPTCHA|url=https://www.forbes.com/sites/roberthof/2013/10/28/ai-startup-vicarious-claims-milestone-in-quest-to-build-a-brain-craking-captcha/|work=Forbes|access-date=25 August 2017|archive-date=15 September 2018|archive-url=https://web.archive.org/web/20180915002819/https://www.forbes.com/sites/roberthof/2013/10/28/ai-startup-vicarious-claims-milestone-in-quest-to-build-a-brain-craking-captcha/|url-status=live}}</ref> In August 2014 at the Usenix WoOT conference, [[Elie Bursztein|Bursztein]] et al. presented the first generic CAPTCHA-solving algorithm based on reinforcement learning and demonstrated its efficiency against many popular CAPTCHA schemas.<ref name="bursz2" /> In October 2018 at the [[Association for Computing Machinery|ACM]] CCS'18 conference, Ye et al. presented a deep learning-based attack that could consistently solve all 11 text captcha schemes used by the top-50 popular websites in 2018. An effective CAPTCHA solver can be trained using as few as 500 real CAPTCHAs.<ref>{{cite journal|title=Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach|periodical=25th ACM Conference on Computer and Communications Security (CCS), 2018|doi=10.1145/3243734.3243754|s2cid=53106794|url=https://eprints.lancs.ac.uk/id/eprint/126984/1/ccs18.pdf|access-date=16 March 2020|archive-date=29 October 2020|archive-url=https://web.archive.org/web/20201029202241/https://eprints.lancs.ac.uk/id/eprint/126984/1/ccs18.pdf|url-status=live}}</ref>

=== Human labor ===
It is possible to subvert CAPTCHAs by relaying them to a [[sweatshop]] of human operators who are employed to decode CAPTCHAs.
A 2005 paper from a [[W3C]] working group said that such operators could verify hundreds per hour.<ref name="w3c_inaccessibility" /> In 2010, the [[University of California, San Diego|University of California at San Diego]] conducted a large-scale study of CAPTCHA farms. The retail price for solving one million CAPTCHAs was as low as $1,000.<ref name="motoyama" /> Another technique consists of using a script to re-post the target site's CAPTCHA as a CAPTCHA to the attacker's site, which unsuspecting humans visit and solve within a short while for the script to use.<ref>{{cite web|url=http://www.boingboing.net/2004/01/27/solving_and_creating.html |title=Solving and creating captchas with free porn |last=Doctorow |first=Cory |author-link=Cory Doctorow |date=2004-01-27 |work=Boing Boing |archive-url=https://web.archive.org/web/20060209040456/http://www.boingboing.net/2004/01/27/solving_and_creating.html |archive-date=2006-02-09 |access-date=2015-04-27 |url-status=dead }}</ref><ref>{{cite web | url = http://petmail.lothar.com/design.html#auto35 | title = Hire People To Solve CAPTCHA Challenges | access-date = 2015-04-27 | date = 2005-07-21 | work = Petmail Design | archive-date = 18 September 2020 | archive-url = https://web.archive.org/web/20200918050055/http://petmail.lothar.com/design.html#auto35 | url-status = live }}</ref> In 2023, [[ChatGPT]] tricked a [[Taskrabbit|TaskRabbit]] worker into solving a CAPTCHA by telling the worker it was not a robot and had impaired vision.<ref>{{cite web |last1=Hurler |first1=Kevin |title=Chat-GPT Pretended to Be Blind and Tricked a Human Into Solving a CAPTCHA |url=https://gizmodo.com/gpt4-open-ai-chatbot-task-rabbit-chatgpt-1850227471 |website=Gizmodo |access-date=11 April 2023 |archive-date=11 April 2023 |archive-url=https://web.archive.org/web/20230411200745/https://gizmodo.com/gpt4-open-ai-chatbot-task-rabbit-chatgpt-1850227471 |url-status=live }}</ref>

=== Outsourcing to paid services ===
There are multiple Internet companies like
''2Captcha'' and ''DeathByCaptcha'' that offer human- and machine-backed CAPTCHA solving services for as low as US$0.50 per 1000 solved CAPTCHAs.<ref>{{cite web | url = http://www.prowebscraper.com/blog/top-10-captcha-solving-services-compared/ | title = Top 10 Captcha Solving Services Compared | access-date = 2018-12-10 | archive-date = 15 December 2018 | archive-url = https://web.archive.org/web/20181215172409/http://www.prowebscraper.com/blog/top-10-captcha-solving-services-compared/ | url-status = live }}</ref> These services offer APIs and libraries that enable users to integrate CAPTCHA circumvention into the tools that CAPTCHAs were designed to block in the first place.<ref>{{Cite web |title=How Cybercriminals Bypass CAPTCHA |url=https://www.f5.com/company/blog/how-cybercriminals-bypass-captcha |access-date=2022-10-27 |website=www.f5.com |language=en-US |archive-date=27 October 2022 |archive-url=https://web.archive.org/web/20221027095027/https://www.f5.com/company/blog/how-cybercriminals-bypass-captcha |url-status=live }}</ref>

=== Insecure implementation ===
Howard Yeend has identified two implementation issues with poorly designed CAPTCHA systems:<ref>{{cite web | url = http://www.puremango.co.uk/cm_breaking_captcha_115.php | archive-url = https://web.archive.org/web/20170625165854/http://www.puremango.co.uk/2005/11/breaking_captcha_115/ | archive-date = 2017-06-25 | title = Breaking CAPTCHAs Without Using OCR | access-date = 2006-08-22 | year = 2005 | work = (pureMango.co.uk)|first=Howard |last=Yeend }}</ref> reusing the session ID of a known CAPTCHA image, and CAPTCHAs residing on shared servers. Sometimes, if part of the software generating the CAPTCHA is [[client-side]] (the validation is done on a server but the text that the user is required to identify is rendered on the client side), then users can modify the client to display the un-rendered text.
Some CAPTCHA systems use [[MD5]] hashes stored client-side, which may leave the CAPTCHA vulnerable to a [[brute-force attack]].<ref>{{Cite web |title=CTFtime.org / #kksctf open 2019 / Kackers blockchained notes / Writeup |url=https://ctftime.org/writeup/17833 |access-date=2022-10-27 |website=ctftime.org |archive-date=27 October 2022 |archive-url=https://web.archive.org/web/20221027095023/https://ctftime.org/writeup/17833 |url-status=live }}</ref>
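
The session-reuse and client-side-answer weaknesses described above come down to where the expected answer lives and how long a challenge stays valid. The following Python sketch is an added illustration, not code from the article or from any cited source; it sets a store that accepts replays beside one that keeps the answer server-side and consumes each challenge. The class names, the time-to-live and the attempt limit are assumptions chosen for the example.

```python
import hmac
import secrets
import time

CHALLENGE_TTL = 120   # seconds a challenge stays valid (assumed value)
MAX_ATTEMPTS = 3      # wrong guesses allowed per challenge (assumed value)

class ReplayableStore:
    """Weak design: an answered challenge stays valid, so a known
    (challenge id, answer) pair is accepted again and again."""

    def __init__(self):
        self._answers = {}

    def issue(self, answer):
        cid = secrets.token_urlsafe(16)
        self._answers[cid] = answer
        return cid

    def verify(self, cid, guess):
        return self._answers.get(cid) == guess

class SingleUseStore:
    """Hardened design: the answer never leaves the server and each
    challenge is single-use, short-lived and attempt-limited."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # challenge id -> answer, tries left, expiry

    def issue(self, answer):
        cid = secrets.token_urlsafe(16)
        self._pending[cid] = {"answer": answer, "tries": MAX_ATTEMPTS,
                              "expires": self._clock() + CHALLENGE_TTL}
        return cid

    def verify(self, cid, guess):
        entry = self._pending.get(cid)
        if entry is None or self._clock() > entry["expires"]:
            self._pending.pop(cid, None)   # unknown or expired
            return False
        if hmac.compare_digest(entry["answer"].encode(), guess.encode()):
            del self._pending[cid]         # consume on success: no replay
            return True
        entry["tries"] -= 1
        if entry["tries"] <= 0:
            del self._pending[cid]         # consume after too many misses
        return False
```

Only the opaque challenge ID is sent to the client; no hash or other derivative of the answer is, so there is nothing on the client side to guess against offline.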