I’m sure you’ve seen them many times — those wild squiggles that need to be deciphered and typed into a text box before you can buy concert tickets online or access a comment form.


CAPTCHAs are generally one or two words presented as graphics, overlaid with some kind of distortion, and they function as a test that relies on your human ability to recognize them. CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart." This is a misnomer, because a CAPTCHA isn’t a Turing test — but we’ll come back to that later!


The CAPTCHA innovation was pioneered by developers at Carnegie Mellon University. The idea behind it was to develop a means of distinguishing between people and web robots, so that web sites could offer their resources to individual humans without being exploited by robots.


The Need for CAPTCHA (or Something)

Site owners face a number of unique challenges in protecting their resources from automated harvesting. These include:


  • Resources may be expensive to provide, and machines can consume far more data far more quickly than humans. Therefore, services that are machine-accessible may prove prohibitively expensive to maintain.

  • Allowing bots to post comments and user-generated content opens a floodgate for spammers, which inevitably results in massive volumes of spam — often to the point where a service becomes unusable.

  • Data may be highly sensitive, such as personal medical or financial information, and needs to be sufficiently protected to guard against attacks from data-mining robots.

  • Interactions with a system may have fundamental implications for society as a whole; consider the issues that would arise in the case of electronic voting.

The Problem with CAPTCHA

CAPTCHA systems create a significant accessibility barrier, since they require the user to be able to see and understand shapes that may be very distorted and difficult to read. A CAPTCHA is therefore difficult or impossible for people who are blind or partially sighted, or have a cognitive disability such as dyslexia, to translate into the plain text box.


And of course there can be no plain-text equivalent for such an image, because that alternative would be readable by machines and therefore undermine the original purpose.


Since users with these disabilities are unable to perform critical tasks, such as creating accounts or making purchases, the CAPTCHA system can clearly be seen to fail this group.


Such a system is also eminently crackable. A CAPTCHA can be understood by suitably sophisticated scanning and character recognition software, such as that employed by postal systems the world over to recognize handwritten zip or postal codes. Or images can be aggregated and fed to a human, who can manually process thousands of such images in a day to create a database of known images — which can then be easily identified.


Recent high-profile cases of bots cracking the CAPTCHA system on Windows Live Hotmail and Gmail have highlighted the issue, as spammers created thousands of bogus accounts and flooded the systems with junk. Even more recently, security firm Websense Security Labs have reported that the Windows Live CAPTCHA can be cracked in as little as 60 seconds.


One CAPTCHA-cracking project, called PWNtcha ("Pretend We’re Not a Turing Computer but a Human Antagonist"), reports success rates between 49% and 100% at cracking some of the most popular systems, including 99% for the system used by LiveJournal, and 88% for that employed by PayPal.