An article in ComputerWorld today notes a recent report from security vendor MessageLabs that the proliferation of CAPTCHA-breaking tools has resulted in a surge of spam. Worse:
The report paints a cascade effect, which has allowed hole in CAPTCHA to let criminals set up large numbers of fake blogs and content, which are then used to feed bogus profiles to social networking systems. Messages and requests from these domains are a simple way around reputation-based anti-spam technology because they emanate from trusted sites not as aggressively filtered by such software.
It is amazing how what once seemed like a clever idea now plays an instrumental role in the balance of power of our adversarial attention economy. Naturally, all techniques like these fuel an arms race. I suppose many will argue that we need better CAPTCHAs. I suppose that’s a short-term fix, but I wonder if we need to stop being quite so dependent on models that are inherently adversarial.