I wrote a solver for my bank's CAPTCHAs in a few hours.

#001 | Kodiologist | Tue 30 Aug 2011 @ 3:06:01 AM (UTC)

Should I be concerned that I'm trusting my money with these people?

---
"…and the colonel was certainly not going to waste his time and energy making love to beautiful women unless there was something in it for him."

#002 | Dont Interrupt Me | Tue 30 Aug 2011 @ 3:17:07 AM (UTC)

Have you told them that you wrote a solver?
---
Was it a car or a cat I saw?

#003 | Kodiologist | Tue 30 Aug 2011 @ 3:23:52 AM (UTC)

No. I'm a little afraid to.

---
"…and the colonel was certainly not going to waste his time and energy making love to beautiful women unless there was something in it for him."

#004 | willis5225 | Tue 30 Aug 2011 @ 11:12:22 AM (UTC)

Are captchas taken seriously as a form of security? I kind of figured they were like those "THIS E-MAIL IS CONFIDENTIAL DON'T SHOW IT TO ANYONE" signatures: completely toothless but omnipresent because it "feels" more secure.

Do a little googling and see if they're likely to litigate. I really doubt it would be a problem unless you threaten to sell it to whomever, but people can be pretty dumb.
---
Willis, it seems like every other time you post, I need to look up a word that's in the OED or Urban Dictionary but not both.
-Mimir

#005 | Dont Interrupt Me | Tue 30 Aug 2011 @ 12:24:32 PM (UTC)

Walk into your local branch wearing a big floppy wizard's hat and demonstrate it to them in person. I'm sure they'd be mighty impressed. They might not do anything about it, but it's nice to let them know.
---
Was it a car or a cat I saw?

#006 | HeyDude | Tue 30 Aug 2011 @ 12:27:24 PM (UTC)

People like you are the reason CAPTCHAs keep getting harder to read.

#007 | Dont Interrupt Me | Tue 30 Aug 2011 @ 12:30:02 PM (UTC)

What is it that's actually protected by this captcha, by the way? Is it really that disasterous if some person had a solver for this one?
---
Was it a car or a cat I saw?

#008 | Kodiologist | Tue 30 Aug 2011 @ 12:38:58 PM (UTC)

From: willis5225 | Posted: 8/30/2011 7:12:22 AM | #004
Are captchas taken seriously as a form of security?

I'd say so. For example, if you try to use Google Scholar programmatically, you'll eventually get (good) CAPTCHAs, which got me, at least, to switch websites. IP bans are more secure (since any CAPTCHA system can be gotten around by hiring human solvers in India or something) but much more inconvenient to the user in the case of a false positive.

I guess the white-hat thing to do here is get on a proxy, make a new Yahoo Mail account, and email my bank the source code.

---
"…and the colonel was certainly not going to waste his time and energy making love to beautiful women unless there was something in it for him."

#009 | Kodiologist | Tue 30 Aug 2011 @ 12:44:06 PM (UTC)

From: HeyDude | Posted: 8/30/2011 8:27:24 AM | #006
People like you are the reason CAPTCHAs keep getting harder to read.

From: Dont Interrupt Me | Posted: 8/30/2011 8:30:02 AM | #007
What is it that's actually protected by this captcha, by the way?

Not much—it's just a CAPTCHA you have to solve every time you want to log in to your account. And they already have things set up so that your account is locked if you get your password wrong too many times, so I'm not sure what the point is. I'm mostly just worried by the impression I get that these people who really ought to know what they're doing, don't.

---
"…and the colonel was certainly not going to waste his time and energy making love to beautiful women unless there was something in it for him."

#010 | PaperSpock | Tue 30 Aug 2011 @ 3:02:58 PM (UTC)

Just curious--what made you decide to try to write a solver for your bank's CAPTCHA system?
---
If you're a human and not feeling creative, make this your signature.

#011 | Kodiologist | Tue 30 Aug 2011 @ 3:40:22 PM (UTC)

(A) I'll eventually want to write some code to fetch my transaction history from the website. Being able to solve the CAPTCHAs makes that a bit more convenient.

(B) I was nerd-sniped. The CAPTCHAs looked nontrivial but very possible to break without real OCR. See for yourself:

http://img41.imageshack.us/img41/51/captcha07913.jpg
http://img192.imageshack.us/img192/4344/captcha55451.jpg
http://img196.imageshack.us/img196/2030/captcha81918.jpg

---
"…and the colonel was certainly not going to waste his time and energy making love to beautiful women unless there was something in it for him."

#012 | HeyDude | Sun 4 Sep 2011 @ 5:42:33 PM (UTC)

Did the bank happen to be Bank of America? They sent me a new debit card yesterday, saying that an undisclosed third party may have compromised some accounts and they wanted to ensure my account security by cancelling my old card and issuing a new one.

#013 | Kodiologist | Sun 4 Sep 2011 @ 5:54:53 PM (UTC)

Nope, Teachers Federal Credit Union. It's local to Long Island, so the only other PMSian who might be using it is James.

---
"…and the colonel was certainly not going to waste his time and energy making love to beautiful women unless there was something in it for him."

#014 | Jacehan | Mon 5 Sep 2011 @ 12:39:49 PM (UTC)

I do, in fact, have an account with them, though it has, like, 2 dollars in it and I haven't touched it since I moved back to Queens.
---
"To truly live, one must first be born." ~ Evan [aX]
Paper Mario Social: The Safe Haven of GameFAQs. (Board 2000083)