Comments for The Cutest Human-Test: KittenAuth

On top of the ludicrously low factors, image recognition (not just OCR) is only going to get better.

Eventually spam will find a way to solve a full-on turing-test, I'm sure. ;)

Perhaps there might be a bot waiting on our servers one day to detect other bots. Then it will be a battle of wits. :)

Put the you know what, in the you know where.

One small problem. If someone really wanted to write an app to automatically post spam on your messages then all they have to do is brute force your authentication system. 84 combinations is abysmally low, leaving the system with a 1/84 chance of guessing it every time it attempts. So, assuming they do want to brute force your authentication system, they'll not only succeed (it may take a few minutes or so, but who cares, it's automated), but they'll be Denial of Servicing you in the same step!
Don't get me wrong, it's a nice idea and it will work so long as too many people don't start using it. However, there will be a certain point where it's just too cost effective for the spammers to write their easy little app to brute force/DOS you in the same step.
Cheers,
Ivan.

Make the grid bigger.

Assuming order doesn't matter when picking the kittens, then nCr is the correct function to use to predict the number of possibilities. If you were to somehow make order of selection important, then you could make this system much more robust. If order somehow mattered, then you'd go from 84 possibilities to 84*3! = 504. The effect is much more dramatic with the 4x4 grid, requiring 8 choices, or even 4. If you really want to learn about this stuff I reccomend finding an intro book to combinatorics and probability.

I did some research into human recognition of steganographic images. I had a library of images that I would apply different degrees to steganography to. Then I had users look at about 30 of these images, and identify which ones contained steganography. It was all web-based, so the images were generated on the fly and copied to a folder specific to the user, with a MD5 checksum used as the filename. I had to keep a copy of all the images that users had been shown, for ethical reasons, but you could just delete them afterwards.

The conclusion of the research was that people really couldn't compete with computers at detecting steganography. Sadly that doesn't give much hope for any image based system. It's only a matter of time before someone programs an algroithm that recognizes kittens...

On the flip side, we also showed that humans can be trained and actually improve their ability to recognize steganography. They still suck at it, but the prospect of training computers is definitely there. That's where my work stopped, but I think if you developed a good algorithm based on computer training, you could probably completely destroy any visual recognition system, like captchas.

Still a really freaking cool idea, and a lotter cuter than traditional captchas.

why fix number of kittens to 3. have a random number of kittens > 0 each time. this way u will have 510 possibilities with 3x3 grid.

this is my message of ultamate DOOM!

test this would be cool i was just testing this out here

I would like to see the kitten auth.

Authentication test

kitten auth