Fight Spam and Save Shakespeare

reCAPTCHA is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows. Check out our paper in Science about it (or read more below).

CAPTCHA is a program that can tell whether its user is a human or a computer. You’ve probably seen them — colorful images with distorted text at the bottom of Web registration forms. CAPTCHAs are used by many websites to prevent abuse from “bots,” or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots cannot navigate sites protected by CAPTCHAs.

About 200 million CAPTCHAs are solved by humans around the world every day. In each case, roughly ten seconds of human time are being spent. Individually, that’s not a lot of time, but in aggregate these little puzzles consume more than 150,000 hours of work each day. What if we could make positive use of this human effort? reCAPTCHA does exactly that by channeling the effort spent solving CAPTCHAs online into “reading” books.

To archive human knowledge and to make information more accessible to the world, multiple projects are currently digitizing physical books that were written before the computer age. The book pages are being photographically scanned, and then transformed into text using “Optical Character Recognition” (OCR). The transformation into text is useful because scanning a book produces images, which are difficult to store on small devices, expensive to download, and cannot be searched. The problem is that OCR is not perfect.

Security

reCAPTCHA has the highest security standards. Many other implementations of CAPTCHAs use undistorted text, or text with only minor distortions. These implementations are vulnerable to simple automated attacks. Others, such as MAPTCHA, consist of asking text-based arithmetic questions like “what is 1+1”. These can be trivially broken by an attacker.

To protect your site, reCAPTCHA uses two layers of security when generating images. It starts with images that can’t be read by computers, and then distorts them even more:

[Figure: security diagram]

Adaptive Security

reCAPTCHA is a Web service. That means that all the images are generated and graded by our servers. In addition to the convenience that this provides (you don’t have to run costly image generation scripts on your own servers), this also provides an extra level of protection: our CAPTCHAs can be automatically updated whenever a security vulnerability is found. For example, if somebody writes a program that can read our distorted images, we can add more distortions in very little time, and without Web masters having to change anything on their side. This is significantly more secure (and convenient) than having to re-install a CAPTCHA every time a vulnerability is found.

IP Address Detection

Our service also includes IP address filtering and detection. If we determine that a given IP address is successfully solving too many CAPTCHAs in a certain period of time, the address is immediately flagged for review. In addition, by providing CAPTCHA services to many customers we obtain a global view of spamming attacks, allowing us to react quickly to security threats.
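The rate check described in this paragraph is essentially a sliding window over successful solves per client address. The following is an added example written for this page, not reCAPTCHA's own code; the log line format, the 60-second window and the threshold of five successful solves are assumptions, and the log lines are constructed.

```python
"""Flag IP addresses that solve too many CAPTCHAs inside a short window.
Added example; not reCAPTCHA's code.  Log format, window and threshold
are assumptions chosen for illustration."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <client IP> <outcome>"
SAMPLE_LOG = """\
2010-04-12T10:00:01 198.51.100.7 pass
2010-04-12T10:00:03 203.0.113.9 pass
2010-04-12T10:00:04 198.51.100.7 pass
2010-04-12T10:00:05 198.51.100.7 fail
2010-04-12T10:00:09 198.51.100.7 pass
2010-04-12T10:00:12 198.51.100.7 pass
2010-04-12T10:00:15 198.51.100.7 pass
2010-04-12T10:00:20 203.0.113.9 pass
2010-04-12T10:00:40 198.51.100.7 pass
2010-04-12T10:02:00 198.51.100.7 pass
2010-04-12T10:02:30 203.0.113.9 fail
"""


def parse_line(line):
    """Split one log line into (timestamp, ip, outcome)."""
    ts, ip, outcome = line.split()
    return datetime.fromisoformat(ts), ip, outcome


def flag_fast_solvers(log_text, window=timedelta(seconds=60), max_passes=5):
    """Return {ip: peak_count} for every IP that recorded more than
    `max_passes` successful solves inside any sliding window of `window`.

    Only successes count: a bot that fails most challenges is not the
    signal this check is looking for, and failures are cheap to produce."""
    recent = defaultdict(deque)   # ip -> timestamps of successes still in window
    flagged = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, outcome = parse_line(line)
        if outcome != "pass":
            continue
        q = recent[ip]
        q.append(ts)
        # Drop successes that have fallen out of the window (log is in time order).
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > max_passes:
            # Record the highest in-window count seen, for the review queue.
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


if __name__ == "__main__":
    for ip, peak in sorted(flag_fast_solvers(SAMPLE_LOG).items()):
        print(f"flag for review: {ip} ({peak} successful solves within 60s)")
```

In the constructed log, 198.51.100.7 reaches six successful solves within one minute and is flagged; 203.0.113.9 never exceeds two and is not. The flagged map is an input to review, not an automatic block: a large NAT or proxy can legitimately produce many solves from one address, which is why the page speaks of flagging rather than banning.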

Article source: http://www.google.com/recaptcha/learnmore

Bom Sabado worm on Orkut: tips to save your privacy

I had just logged in to my Orkut account, as I had got a scrap with “Bom Sabado”. I checked the update and visited a few of the profiles listed on my Orkut home page. A little later I got chat messages from lots of my online friends asking what “Bom Sabado” was. They also informed me that I had sent them that scrap. I also noticed that I was now a member of some communities and following a few people.

  1. O vírus que contagia… (252340)
  2. saadzin, meu miguxinho. (248114)
  3. Dino ♥ (249218)

The number after each community name clearly indicates the number of infected people.

Possible solution and precautions

Follow these steps:

  1. Immediately change your password and security question (including your secondary email and mobile number, if they have also been changed). This will solve the problem.
  2. Find out whether any communities have been joined automatically; if so, remove them.
  3. If your account has been completely hacked, see here:
    http://www.google.com/support/forum/p/orkut/thread?tid=39fa418ed1162078&hl=en
  4. Always remember these:
    1. Do not ever log in to any site other than www.orkut.com.
    2. Do not ever run any JavaScript while logged in to your Orkut account.
    3. Never use any flooder on your account.
    4. Do not ever share your password with anyone else, and keep changing your password regularly.
    5. Do not ever open suspicious links while logged in to your Orkut account. If you are curious, copy the link and check it in another browser after clearing that browser’s cookies and cache.
    6. Do not ever install any suspicious script in Greasemonkey, and ALWAYS DISABLE GM before logging in to Orkut.
    7. Do your mobile verification as well, so that you can get your account back if the hacker doesn’t change the mobile number there.
      http://www.orkut.co.in/Main#MobileSetupSettings
    8. Use a good, updated antivirus and anti-keylogger, and keep your system free from keyloggers and backdoor trojans.
    9. Use a virtual keyboard to enter your password, for more security. KIS 2010 provides one, and there are many other virtual keyboards available.

Take a look here and follow the points given to protect your account:

http://www.google.com/support/orkut/bin/answer.py?hl=en&answer=57442
and http://www.google.com/support/orkut/bin/answer.py?hl=en&answer=48579

Other links

http://www.google.com/support/forum/p/orkut/thread?tid=47a34f01fce49673&hl=en
http://www.google.co.uk/support/forum/p/orkut/thread?tid=3f7832a56f672e48&hl=en

Network Solutions hosting issue or WordPress Security Flaw

One of my clients is a victim of this mass hack on Network Solutions-hosted blogs. I am going to share some interesting facts about this vulnerability story.

  1. When our client contacted Network Solutions support, they told him to buy SSL, “as your site is not secure”. (6 April)
  2. I fixed the theme files that had been altered by this hack and checked my database for any possible code. I found a funx.php in the theme directory, called from footer.php. The site seemed fixed at that time. I cleared my cookies to check at every refresh; my Avast Home antivirus and Chrome browser helped me do that. Suddenly my blog’s database connection was gone, due to Network Solutions’ efforts, I think. I changed all usernames and passwords for FTP, the database and the wp-admin users. (8 April)
  3. When I woke up on 9 April I found the blog hacked again; this time it was a different issue. The theme footer had a reference to a function and included one file that had been created on the server. I can’t remember the names: two random files without any extension. I am not sure how someone put files on my server. I fixed the site again and checked multiple times with cleared cookies. Seems fixed. I am very curious to know how this is happening to the site, with someone placing files on my server. (9 April)
  4. With everything seemingly fixed, I started working on making the site secure with SSL. I was fed up with redirect errors, but I finally got it working. (10 April)
  5. The URL is now https. I lost my PageRank and all backlinks on the new site. (10 April)
  6. The site is infected again. This time a plugin’s JavaScript file is infected. Fixed again. (12 April)
  7. No infection noticed so far. (14 April)

Now I am getting strange errors on the site; I am not sure whether this is an infection or something else:

    Error in ISAPI_Rewrite helper ISAPI extension.
    12030 - The connection with the server was terminated abnormally
    File: .\rwhelper.cpp, Line: 1290.

More updates coming. Feel free to comment. Thanks.

Update 18 April

The site is again showing a virus warning. I did all the steps to resolve it; nothing works. Then I renamed .htaccess and uploaded a 1.php to the root with the following code:

    <?php phpinfo(); ?>

To my knowledge this is a server issue. This is no longer a WordPress issue. Maybe this problem was solved by Network Solutions before people noticed it.

Update 21 April

I gave up my efforts with Network Solutions and shifted to another host.

Best response on this issue

Summary: A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story.

WordPress, like all other web applications, must store database connection info in clear text. Encrypting credentials doesn’t matter because the keys have to be stored where the web server can read them in order to decrypt the data. If a malicious user has access to the file system — like they appeared to have in this case — it is trivial to obtain the keys and decrypt the information. When you leave the keys to the door in the lock, does it help to lock the door?

A properly configured web server will not allow users to access the files of another user, regardless of file permissions. The web server is the responsibility of the hosting provider. The methods for doing this (suexec, et al) have been around for 5+ years.

I’m not even going to link any of the articles because they have so many inaccuracies you become stupider by reading them.

If you’re a web host and you turn a bad file permissions story into a WordPress story, you’re doing something wrong.

P.S. Network Solutions, it’s “WordPress” not “Word Press.”

–Matt
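The diary above (theme files altered, a funx.php called from footer.php, extensionless files appearing on the server) and the response's point about other accounts reading configuration files come down to two checks a site owner can run from their own side. The following is an added example written for this page; it is not code from WordPress, Network Solutions or either author. The baseline format, the demo file layout and the sample contents are assumptions and are constructed for the demonstration. It generalises the specific incidents above into a baseline-versus-current comparison over the whole install, plus a check that wp-config.php is not readable by other local accounts.

```python
"""Audit a WordPress install against a known-good file baseline and check
that wp-config.php is not readable by other accounts on the box.
Added example for this page, not WordPress or hosting-provider code.
Baseline format and demo layout are assumptions."""
import hashlib
import os
import shutil
import stat
import tempfile


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Map relative path -> SHA-256 for every regular file under root.
    Take this snapshot from a clean install and keep it off the server,
    so an intruder who can write to the docroot cannot also edit it."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            baseline[os.path.relpath(full, root)] = sha256_of(full)
    return baseline


def audit(root, baseline):
    """Return a sorted list of (kind, relative_path) findings."""
    findings = []
    current = build_baseline(root)
    for rel, digest in current.items():
        if rel not in baseline:
            findings.append(("new_file", rel))          # e.g. a dropped funx.php
        elif baseline[rel] != digest:
            findings.append(("modified", rel))          # e.g. an altered footer.php
    for rel in baseline:
        if rel not in current:
            findings.append(("missing", rel))
    # Defence in depth on the tenant's side: the database credentials in
    # wp-config.php should not be readable by group or world.  Isolation
    # between accounts on a shared host remains the host's job.
    cfg = os.path.join(root, "wp-config.php")
    if os.path.exists(cfg):
        mode = stat.S_IMODE(os.stat(cfg).st_mode)
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append(("config_readable_by_others", "wp-config.php"))
    return sorted(findings)


def run_demo():
    """Build a tiny constructed install, snapshot it, then reproduce the kind
    of tampering described in the diary and audit against the snapshot.
    Returns (findings_before_tampering, findings_after_tampering)."""
    root = tempfile.mkdtemp(prefix="wp-audit-")
    try:
        theme = os.path.join(root, "wp-content", "themes", "demo")
        os.makedirs(theme)
        cfg = os.path.join(root, "wp-config.php")
        with open(cfg, "w") as f:
            f.write("<?php define('DB_PASSWORD', 'constructed-placeholder');\n")
        os.chmod(cfg, 0o644)          # common default; readable by everyone on the box
        footer = os.path.join(theme, "footer.php")
        with open(footer, "w") as f:
            f.write("<?php wp_footer(); ?>\n")
        baseline = build_baseline(root)
        before = audit(root, baseline)

        # Constructed, inert stand-ins for the tampering the diary describes.
        with open(footer, "a") as f:
            f.write("<?php /* constructed: injected include of funx.php */ ?>\n")
        with open(os.path.join(theme, "funx.php"), "w") as f:
            f.write("<?php /* constructed: dropped file */ ?>\n")
        with open(os.path.join(root, "x7q2"), "w") as f:
            f.write("constructed: random extensionless file\n")
        after = audit(root, baseline)
    finally:
        shutil.rmtree(root, ignore_errors=True)
    return before, after


if __name__ == "__main__":
    before, after = run_demo()
    print("before tampering:", before)
    print("after tampering: ", after)
```

Before the simulated tampering the only finding is the world-readable wp-config.php; afterwards the modified footer and the two dropped files show up as well. Run against a real install, `build_baseline` is taken once after a clean deployment and `audit` is run from cron, so reinfection of the kind the diary records between 8 and 12 April is noticed on the next run rather than on the next browser warning.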