From aa42a347647853bf266b78fa049c446499297d1c Mon Sep 17 00:00:00 2001 From: realaravinth Date: Mon, 20 Sep 2021 19:31:02 +0530 Subject: [PATCH] blur text, context and conclusion --- analysis/blur-text.tex | 31 +++++++++++++++++++++++++++++++ analysis/context.tex | 36 ++++++++++++++++++++++++++++++++++++ analysis/main.tex | 2 ++ conclusion.tex | 13 +++++++++++++ intro/methods.tex | 12 ++++++------ paper.tex | 2 ++ 6 files changed, 90 insertions(+), 6 deletions(-) create mode 100644 analysis/blur-text.tex create mode 100644 analysis/context.tex create mode 100644 conclusion.tex diff --git a/analysis/blur-text.tex b/analysis/blur-text.tex new file mode 100644 index 0000000..a2b9b22 --- /dev/null +++ b/analysis/blur-text.tex @@ -0,0 +1,31 @@ +\subsection{Noisy Text} + +\subsubsection{Privacy} +Excellent\\ +The method doesn't employ any tracking elements and works when used in anonymous +networks like TOR\@. + +\subsubsection{Effectiveness} +Bad\\ +The method relies on Optical Character Recognition (OCR) capabilities of human +users. OCR technology is becoming increasingly sophisticated which would render +this method ineffective in the future. + +Without OCR, this method can be bypassed using human-powered CAPTCHA farms with +% TODO cite CAPTCHA farm cost analysis paper +ease. +\subsubsection{Accessibility} +Bad\\ +Since the method relies on OCR, it is inaccessible to users with visual +disabilities and the added noise poses challenges to users with cognitive +disabilities. The noise sometimes makes the challenge unsolvable which results +in failures for even users without any disabilities, +\subsubsection{Accuracy} +Good\\ +Success and failure are absolute states in this method. A solution that doesn't +match the challenge text results in failure while a match is considered a +success. But when using employing CAPTCHA farms for circumvention, the method +fails absolutely. + +The method uses only text matches in its decision process. No other +external factors are involved. diff --git a/analysis/context.tex b/analysis/context.tex new file mode 100644 index 0000000..b8af88e --- /dev/null +++ b/analysis/context.tex @@ -0,0 +1,36 @@ +\subsection{Context-based} + +\subsubsection{Privacy} +Excellent\\ +The method doesn't employ any tracking elements and works when used in anonymous +networks like TOR\@. + +\subsubsection{Effectiveness} +Bad\\ + +Domain context is limited in nature. An attacker could either become familiar +with the service and then mount an attack, or they could mount brute force attack +to aggregate all possible challenges that the service presents. + +Both of these attacks are practical. + +% TODO cite CAPTCHA farm cost analysis paper +ease. +\subsubsection{Accessibility} +Bad\\ + +This method poses challenges to users with cognitive disabilities as it requires +them to retain information and recollect in a timely manner. Also, this method +makes poses challenges to new visitors to service. The familiarization period to +solve CAPTCHAs in a timely fashion might be too high for someone new. + +\subsubsection{Accuracy} +Bad\\ +Success and failure are absolute states in this method. A solution that doesn't +match the challenge text results in failure while a match is considered a +success. But when above-mentioned circumvention methods are used, there will be +results will be completely inaccurate and as the system lacks any adaptational +capabilities, the failure will be long-lasting. + +The method uses only challenge answers in its decision process. No other +external factors are involved. diff --git a/analysis/main.tex b/analysis/main.tex index db7fdba..b755628 100644 --- a/analysis/main.tex +++ b/analysis/main.tex @@ -1,2 +1,4 @@ \section{Analysis} \input{analysis/align-obj.tex} +\input{analysis/blur-text.tex} +\input{analysis/context.tex} diff --git a/conclusion.tex b/conclusion.tex new file mode 100644 index 0000000..fb19721 --- /dev/null +++ b/conclusion.tex @@ -0,0 +1,13 @@ +\section{Conclusion} + +In today's web, CAPTCHA systems are the deciding factor in weather a user should +be able to access a service or not. Every false positive makes the web less +accessible and even a single challenge posed to persons with disabilities makes +the web inaccessible entire to groups of users. Also, the +ubiquitous presence of privacy-invasive systems like reCAPTCHA post serious +threats to the internet and its users as right to access to information is +now determined by single entity using an opaque process. + +So it is imperative that future system designers take these factors into +consideration. We believe mCaptcha is an attempt at making the web more +accessible while securing it with a decentralised command structure. diff --git a/intro/methods.tex b/intro/methods.tex index 598001b..747ea32 100644 --- a/intro/methods.tex +++ b/intro/methods.tex @@ -6,14 +6,14 @@ parameters. These are popular methods are currently in deployment. \subsubsection{Align object} Objects in various degrees of misalignments are displayed to the user and are asked to choose the one that is perfectly aligned. - % Example GitHub/Kik inverted Hipop + % Example GitHub/Kik inverted Hippo -\subsubsection{Blurred Text} -A sequence of randomly generated letters and digits are - presented to the user with added noise, scattered distribution and - rotations. Sometimes, they are also presented in 3D form. +\subsubsection{Noisy Text} +A sequence of randomly generated letters and digits are presented to the user +with added noise, scattered distribution and rotations. Sometimes, they are also +presented in 3D form. -\subsubsection{Context based} +\subsubsection{Context-based} This method is personalised to the platforms they are displayed on. They usually pose challenges which can only be solved if the user is familiar with the platforms. Some examples are: diff --git a/paper.tex b/paper.tex index 65f79d7..3e526f2 100644 --- a/paper.tex +++ b/paper.tex @@ -13,4 +13,6 @@ \input{pre-req/main.tex} \input{analysis/main.tex} + +\input{conclusion.tex} \end{document}