Pages

Saturday, August 25, 2012

The Wacky Letter Version of an Arms Race?

Does anybody else find this to be as irritating as I do?  At websites like Ticketmaster and other online ticket sellers, you are required to perform a "word verification" procedure with "words" written in such wacky "letters" that it makes the "word" virtually unreadable, like in the examples above.  It sometimes takes three or four attempts for me to type a "word" correctly, and even then it seems like I am mostly just guessing, as if there might actually be multiple acceptable "words." 

There's actually a more technical term for trying to read unreadable wacky letters, it's called CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) which is "a type of challenge-response test used in computing as an attempt to ensure that the response is generated by a person."

The "wacky word" verification known as CAPTCHA is therefore an attempt to stop ticket purchases using "ticket bot software" and verify that it's an actual person buying the ticket.  However, ticket software companies like TicketBots (available here for $990) claim their products have a "CAPTCHA bypass" feature to somehow get around the word verification requirement.  

So it must be like a "wacky letter" version of an "arms race," where Ticketmaster and other online ticket sellers try to stay one step ahead of the "CAPTCHA bypass" features of the bot software by making the letters wackier and wackier to the point that they are now mostly  unreadable?  And if the "CAPTCHA bypass" features of the bot software actually work, it appears that the bot software is winning the "wacky letter race."     

Comments welcome.   

26 comments:

  1. Agree 1000%
    Just had this conversation with my son yesterday!
    Especially problematic for older folks who have eyesight issues.

    ReplyDelete
  2. DITTO! I dunno who came up with the idea but the two word verification is a GOOD idea but the implementation sucks big time.

    I too have the same problem with actually reading BOTH words. I usually can read one quite well but the other one ..usually one character is often virtually inscrutable.

    Whoever wrote that code should be strung up and assaulted with bad grammar for a month.

    ReplyDelete
  3. If the “wacky word race” is like an arms race, then consulting Dr. Strangelove is the next logical step:

    Dr. Strangelove: Based on the findings of the report, my conclusion was that this idea was not a practical deterrent for reasons which at this moment must be all too obvious.

    - Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb

    ReplyDelete
  4. It's obvious the CAPTCHA team isn't the one building a better mousetrap.

    ReplyDelete
  5. There is an alternative to CAPTCHA and it is NUCaptcha.

    NUCaptcha used a video stream (not Flash) of moving letters. When the moving letters separate from each other they seem easier to read.

    "Another security feature is our Behavior Analysis System. This gives easier Captchas to legitimate users and progressively more secure Captcha attackers."



    ReplyDelete
  6. Make that:

    "This gives easier Captchas to legitimate users and progressively more secure Captcha to attackers."

    How can a guy lose "to" in an easy copy and paste? Doh.

    ReplyDelete
  7. Not only do they use CAPTCHAs but they also block your IP for 24 hours if you search Ticketmaster too often (they'll release new tickets to shows as the show date approaches).

    ReplyDelete
  8. Just get more screwy with the scalpers. Mark any tickets internally as invalid, but look valid for any tickets that look like scalpers bought them.

    In addition, work with legislators to make such automated purchases illegal, with a very low bar of proof.

    ReplyDelete
  9. Sell the tickets at their true value to begin with. Or better yet put them up to bid. All the scalpers will price themselves out of business or buy just what they need to serve their market.

    By not pricing based on the true supply the artist(s) are creating the market. Eliminate the margin and the scalpers won't buy out the venue.

    ReplyDelete

  10. Sell the tickets at their true value to begin with.

    Which is face value.



    Eliminate the margin and the scalpers won't buy out the venue.

    Eliminate the ability for the scalpers to buy out the venue and the problem no longer exists. Scalpers lose, but everyone else(the majority) wins and you even get certainty through flat non-bid prices.

    ReplyDelete
  11. "Scalpers lose, but everyone else(the majority) wins and you even get certainty through flat non-bid prices."

    Not true. The people who would buy from scalpers lose - as they won't get the tickets at all. And as by eliminating scalpers you very likely eliminate the secondary market, you will very likely get a pareto-suboptimal situation...

    ReplyDelete

  12. The people who would buy from scalpers lose - as they won't get the tickets at all.

    Nope. They still have the approved, primary markets.


    And as by eliminating scalpers you very likely eliminate the secondary market

    Which is not suboptimal unless you're the scalper.

    ReplyDelete
  13. True value is what a buyer is willing to pay. If the face value of the ticket is lower than this, extra demand above the supply is created. Enter the scalper to take advantage of the system because it pays. Thus the arms race which they will always win until the artist charges accordingly.

    At some point the scalper will be the only entity capable of buying tickets.

    The artist must increase supply and/or the price to reduce scalping. If the CAPTCHA gets too crazy NO ONE could buy a ticket, problem solved!

    ReplyDelete

  14. At some point the scalper will be the only entity capable of buying tickets.

    I would call complete bull on that one. "Willingness" as you measure it, has a level of duress associated with it - the higher it is, the closer it is to non-willing - no matter what direction the decision goes.

    For these events, face value is the only true value. Flat prices, stringent checks against scalpers, and a legal framework to smite them - if they try - will make more tickets available for legitimate(non-scalping) attendees.

    Unstable pricing structures result in things being worse off overall.

    ReplyDelete
  15. About forty % of the time I canno complete, or even read these things.

    You are all aware of my typing challenges, let alone my reading challenges.

    PFCT is correct.

    Inscrutable characters is a good description.

    ReplyDelete
  16. "Willingness" as you measure it, has a level of duress associated with it

    ==================================

    Aha. A perfect example of the failure in assuming equal willingness in a fair market trade.

    ReplyDelete
  17. "Aha. A perfect example of the failure in assuming equal willingness in a fair market trade. "

    What nonsense. You are either willing to trade or you are not. If you trade you are willing, if you don't trade you aren't willing.

    When a free trade occurs both parties are willing.

    ReplyDelete
  18. In the pre-buy-everything-online days if a broker wanted to buy tickets he had to physically stand on a line (or hire someone to do so) at a box office or a TicketMaster outlet.

    So instead of hiring someone for $50 to stand in line, you can hire thousands of someones for only $990 as pointed out in the original post. What a deal! Who said technology doesn't cut costs?

    They implement the CAPTCHA to foil bots... but pretty soon the bots are going to be the only ones that can read the damn CAPTCHA.

    So Seth, to your point, the way is NOT to limit markets. Making it illegal to resell tickets, cutting people out of the buying process because you think they are reselling and the like will not work. Face value is NOT the market value.

    Market value is what someone is willing to pay for a given item at a specific time. Unlike commodities, Tickets are very different. A ticket in the front row center has a different value from one in the 5th row side, has a different value from one in the 12th row in the lower level has a different value from on in the last row behind the stage. The promoter will "scale the house" with different price levels, but in the the end, they do not price every ticket individually. Or do they?

    Here's a look at Jay-Z performing at the new Barclay's center in NY on TicketMaster (it won't let me do HTML, so goto Ticketmaster and look under Jay-Z and click on Platinum seats)

    Notice that there are (at the time of posting) multiple price points on a select few seats. 1st lower level section by the stage in the 1st row - $575 per. 2nd lower level out $220 in the 2nd row. 4th row in the same section? $195 per.

    Now, I'd argue that these are currently priced above the current "market value" because they haven't sold. But if the DO sell, well... the promoter is holding more just like them and they will raise the price on the next set. These "official platinum seats" are quite simply the promoter's attempt to price tickets "correctly". Does it work? To an extent... but overall I don't think so.

    What happens is the the holding of these seats to sell at tiered or dynamic prices contributes to an artificial shortage in the primary market of the other seats to be sold. So what will happen is the next best set of seats that were sold at the un-tiered "face value" have an artificially inflated "market value" on the secondary market... because people will go to StubHub and not find the best, but they will find next best and pay more for them.

    Seth, back to your point of limiting resellers, it doesn't work except in one utopian circumstance. That would be when the promoter books a building with EXACTLY the number of seats of people that want to see the show AND the promoter sets the price at the EXACT point where those people are willing to buy... not a penny more and not a penny less.

    The reality is that when promoters price below the true market value, there is a shortage and markets take hold. No matter what happens, if U2 has 200,000 people that want to see them at $95 and the building holds 20,000, 180K people ARE NOT getting in. They could add 9 more shows in an attempt to meet demand or they could charge more so that only 20K people want to go. But there will always be market failures and there will be a secondary market of people willing to pay... or not.

    If not, if the market supply is too great, then the prices fall. One need only look to just about any Yankees game this season on StubHub and see that you can pick up many tickets (actually a majority of the tickets) for below the face value. Why? Because too many sellers have too much product and they will sell at a partial loss to avoid a complete loss.

    Other example: Jason Aldean this Thursday in PA. Look on StubHub and tix start at $20 plus fees

    If you went to the "primary" source, the only "face value" is $68.35 ($59 plus tm fees). Supply has outstripped demand and the market price is lower.

    ReplyDelete

  19. When a free trade occurs both parties are willing.


    While you forget the reservations that each party may have, combined with the pressure to reach a state of willingness - one that may technically exist yet is not really there when duress is included.

    ReplyDelete
  20. I say ,,,,,,,F***U""""C...K the Captcha.

    ReplyDelete
  21. "While you forget the reservations that each party may have, combined...blah...blah...blah."

    When you are willing to do something you do it. When you are not willing to do something you don't.

    When you exchange something it is because you value what you give up less than you value what you get.

    End of story.

    ReplyDelete
  22. The way many companies get around CAPTCHAs is by just hiring low-wage workers in places like India to sit around and solve them all day. The going rate is about $1/1000 solved.

    http://www.zdnet.com/blog/security/inside-indias-captcha-solving-economy/1835

    It's an unwinnable arms race, and the only losers are honest consumers.

    ReplyDelete
  23. It's fascinating to see the interpretations about systems people are forced to use (like CAPTCHA) without communication around why the system is in place. It seems that boundaries enforced without knowledge of benefit equals complaints and wild conjecture as to the nefarious purpose of the boundary. Common enough brain-bias pattern in humans, to be sure. I'm sure examples of this same human tendency abound in the finance and economics world.

    This TED talk gives the overview of CAPTCHA by the inventor of the twisted-words version of CAPTCHA - he even mentions Ticketmaster -- along with the bigger picture of how it has evolved to do truly useful work in the human social and language spheres. After watching this, I think you'll feel differently about the "bozo that invented these twisted CAPTCHAs".

    http://www.ted.com/talks/luis_von_ahn_massive_scale_online_collaboration.html

    Another brain-bias effect: unfortunately, people's hatred and negative experiences with Ticketmaster are transferred and associated with technology employed in the experience. Perhaps unconsciously, perhaps not, but the emotional transfer certainly seems to be present for many people.

    Meanwhile, another side-effect of the hacker-security war: computer algorithms for image and text recognition have improved by an order of magnitude since spammers and bot-writers have taken to the task of getting computers to recognize CAPTCHAs. This same technology is employed to help read computers to the blind and several other helpful technologies.

    Interesting self-feeding technological growth, eh?

    ReplyDelete
  24. I'm a co-founder of a company that makes a CAPTCHA replacement, so full disclosure.

    Our solution is called PlayThru, and we use games rather than text. For me, check out areyouahuman.com.

    The problem with CAPTCHA is that it has only one way to be more effective than stopping bots: increasing the difficult of reading the word. At this point, it's easier for bots to read than humans.

    And it's really easy for them to break. Just check out http://www.captchasniper.com/# and its success rates.

    CAPTCHA is a technology that just hasn't been able to keep up over time.

    ReplyDelete
  25. This comment has been removed by the author.

    ReplyDelete
  26. This comment has been removed by the author.

    ReplyDelete

Note: Only a member of this blog may post a comment.