Slash Boxes

SoylentNews is people

posted by LaminatorX on Tuesday January 27 2015, @02:34AM   Printer-friendly
from the croud-fleecing dept.

It turns out that while you're proving to the web server you're a human, you might also be pitching in to provide one of Google's services to its corporate customers. A woman filed a class action lawsuit against Google last Thursday in US District Court in Massachusetts, alleging that Google's reCAPTCHA service has harvested unpaid image-to-text transcription work from millions of web site visitors. Google markets reCAPTCHA as a service to web site owners; its customers include Facebook, Twitter, and Ticketmaster. Like other CAPTCHA implementations, reCAPTCHA challenges site visitors to type in the text corresponding to a visually distorted word. But reCAPTCHA differs from the others in that its images often contain two distorted words, as noted by the civil complaint:

One of those words is a “known” word, which the website user must enter correctly to access the website as a security measure. That is, because Google already knows what word is being displayed in the first distorted image, if the user enters the word correctly, Google knows the user is likely to be a human, and thus permits the users to continue using the website...

The other of the two words, however, serves no security purpose. The second word is an image with text that Google is attempting to transcribe. The sole purpose of the second word is to require the user to read and transcribe the word for Google’s commercial use and benefit, with no corresponding benefit to the user.

The lawsuit notes that Google makes use of optical character transcription for its own products such as Google Books and Street View, and also provides an archive digitization service to newspapers, including the New York Times.

This was apparently never a dark secret; the use of reCAPTCHA to "crowdsource" digitization of old printed materials was publicized as a feature by both Luis von Ahn (who invented reCAPTCHA as a graduate student at Carnegie Mellon University) and Google (who acquired the reCAPTCHA technology in 2009):

reCAPTCHA technology was developed not merely with an eye toward improving cyber security, but also as a way to harness and reuse the collective human time and mental energy spent solving and typing CAPTCHAs—a concept von Ahn has dubbed “human computation.” By constructing CAPTCHAs using words tagged as unreadable in the digitizing of books and other printed material, millions and millions of cyber users play a part every day in the digitization and preservation of human knowledge by transcribing words. Tests have shown that reCAPTCHA textual images are deciphered and transcribed with 99.1% accuracy, a rate comparable to the best human professional transcription services.

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by jcross on Tuesday January 27 2015, @04:40AM

    by jcross (4009) on Tuesday January 27 2015, @04:40AM (#138434)

    I'm not buying that transcribing the second word is useless for preventing spam. If there were a finite set of known words, spammers would simply use humans to decode them until they had a complete enough set of search images to do it automatically, feeding the diminishing set of failures back to the humans. I think part of how the system works is that today's unknown words become tomorrow's known words, so there's no fixed dataset for the attackers to gain headway on.

    Side note: the cleverest attack I've heard of is running a free porn site, but requiring people to complete a captcha to click through to the goods. The twist is that the captcha is proxied from some legit site, so you're using the porn-clickers to get you gmail accounts or whatever. Now that's exploitation! I doubt the victims will be filing a class-action lawsuit anytime soon. "They made us work for five seconds before we could fap. It's a crime I tell you, a crime against humanity!"

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 0) by Anonymous Coward on Tuesday January 27 2015, @05:41AM

    by Anonymous Coward on Tuesday January 27 2015, @05:41AM (#138446)

    This would be the obvious thing to do. However, having payed attention to this detail, and suggesting it formally years ago, ... it appears to not be happening. Look at the captchas. They _always_ have one clear word.

    In fact, on the other site a couple years ago, they had an article about how spammers would just OCR the one readable word, submit trash, and get through the system. Everyone commenting was going, "Nuh-uh! The second word is _undecipherable_, that's why it's there!" -- and that's why the method worked. The second word was unknown, ungradeable. What you've said is the obvious fix; alas, ...