Feeds

Campaigners roll out political-correctness Voight-Kampff CAPTCHAs

Works on (truthful) unrighteous - but not so well on bots

Providing a secure and efficient Helpdesk

Politically correct security experts have come up with a Voight-Kampff version of CAPTCHAs, the popular but sometimes irritating challenges designed to make sure that a human and not a bot is behind a request to sign-up for an online service or post a comment on an online forum.

The Civil Rights Defenders CAPTCHA asks respondents how they feel about gay people being beaten with sticks instead of simply asking punters to decipher the visually distorted letters in an image. Another challenge invites respondents to type in one of three options that best expresses their opinion about a proposed ban on "homosexual propaganda" in Russia.

Disappointingly respondents are not asked to examine their feelings about turning a tortoise on its shell in the middle of a desert, as depicted in a test using the Voight-Kampff machine in seminal Sci-Fi flick Blade Runner. The main similarity between the PC CAPTCHA systems and the polygraph-like machine as imagined by Philip K. Dick is the use of emotionally provocative questions. Both tests bill themselves as a test for human empathy.

The Swedish group behind the technology said that its CAPTCHA system "takes a stand for civil rights issues across the globe".

The Civil Rights CAPTCHA is as safe as traditional versions, but also informs users about human rights violations that occur daily around the world. The Civil Rights CAPTCHA also aims to be more user friendly than some of the impossible-to-read versions available today.

(Politically) incorrect responses mean that a user needs to wait five seconds before being prompted with a fresh challenge. The correct response to the multiple-choice question for one of three selections allows punters to gain access to an online service which relies on the technology, a Civil Rights Defenders group affiliate. The whole set-up means members of the Westboro Baptist Church - for example - are unlikely to want to access content their views are out of step with in the first place. For right-on sites that make use of the technology it can act as a filter, according to the Civil Rights Defenders.

The CAPTCHA was launched during Belgrade Pride, a week of festivities that culminated on 6 October. More on the technology can be found here.

The main issue with the technology, at least for the moment, is the challenge relies on a small set of questions, meaning it might not be especially hard for robots to defeat it.

"If I have any issue with the Civil Rights Defenders' CAPTCHA system it would be that at the moment there seems to be a very limited selection of questions - and all the ones I saw required a negative response," writes Graham Cluley, security consultant at Sophos.

"A wider gallimaufry of questions for web users to ponder - both negative and positive - would probably be a more effective challenge for automated bots."

The irony of application of politically correct technology to challenge-response systems is, as Cluley notes, that CAPTCHAs are frequently defeated by spammers and other low-lives by outsourcing the cracking of the technology to online sweatshops in India and elsewhere. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.