Is Breaking CAPTCHA a Crime? (Wired article)



yes it is. You can get life or even a death sentence in Alabama for it.

You'll also rot in Hell for all eternity afterwards. Don't you read your Koran? "Thou shalt not suffer a captcha-breaker to live"

And its even in the Bible, Corinthians 17:11 "And the breakage of the captcha resounded mightily unto the hordes of the Israelites, and they Googledeth that it was good".
 
It almost certainly is. It's 1: unauthorized access to a computer system and 2: probably an infringment on the DMCA ;-)


IANAL.

Definitely isn't unauthorized access. Also isn't an infringement on DMCA. DMCA assumes what you do after you get in, and unauthorized means you get into a system that is supposed to lock out everyone but a specific list. CAPTCHA cracking a signup form isn't breaking into anything.
 
What if some random indian fills in the captcha for me through an api?
 
Definitely isn't unauthorized access. Also isn't an infringement on DMCA. DMCA assumes what you do after you get in, and unauthorized means you get into a system that is supposed to lock out everyone but a specific list. CAPTCHA cracking a signup form isn't breaking into anything.

Well said. No rule says that CAPTCHA strings have to be read by human eyes and not by pattern recognition algorithms.

The real infringement in the article is :

Code:
When the bots filled out purchase pages with customer credit card information, they used fake e-mail addresses and mimicked human behavior by occasionally making typing mistakes in the online forms.
 
Offenses against intellectual property.

(a) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he or she has such authorization, attempts or achieves access, communication, examination, or modification of data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(b) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he or she has such authorization, destroys data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(c) Whoever willfully, knowingly, and without authorization or without reasonable grounds to believe that he or she has such authorization, discloses, uses, or takes data, computer programs, or supporting documentation residing or existing internal or external to a computer, computer system, or computer network commits an offense against intellectual property.
(d)(1) Except as otherwise provided in this subsection, an offense against intellectual property is a Class A misdemeanor, punishable as provided by law.
(2) If the offense is committed for the purpose of devising or executing any scheme or artifice to defraud or to obtain any property, then the offender is guilty of a Class C felony, punishable as provided by law.
(3) If the damage to such intellectual property is greater than two thousand five hundred dollars ($2,500), or if there is an interruption or impairment of governmental operation or public communication, transportation, or supply of water, gas, or other public or utility service, then the offender is guilty of a Class B felony, punishable as provided by law.
(4) Whoever willfully, knowingly, and without authorization alters or removes data causing physical injury to any person who is not involved in said act shall be guilty of a Class A felony, punishable as provided by law.
(Acts 1985, No. 85-383, p. 326, §3,; Act 2003-355, p. 962, §1.)


This is some Alabama legalize regarding computer crime. There are no doubt tried cases setting praxis for interpretation of this of which I have no knowledge, but just reading the text you could definitly argue that if you have a computerprogram automate a decaptcha (a system to control the user is a human being), you do not have reasonable grounds to belive you are authorized. But ye, you should talk to a lawyer if you are worried.
 
I think it depends on how you look at it. So say your using xrumer to get backlinks to your money site to boost it's PV's. Aren't you in reality lying to people about the popularity of your site? Aren't you committing a fraud?
I understand that this is not what was done in the case cited by wired -- my example is much more innocent(?). But the reality is that if the news media jumps all over something, than it can easily spiral out of control. The average net user is sooo ignorant-- whatever they read or hear on the news becomes an evil truth.
 
Well I asked a friend who does this job of making people decode captcha and get paid, he said it is illegal though he did not mention anything about it being a crime.There are so many sites which decode captcha I dont think they get caught.....so if you ask me I say it is illegal but surely not a crime
 
Maybe if it can be proven that the person doing the breaking expressly agreed to the site's TOS which contains a clause about CAPTCHAs. This would mean registering on the site. Those footer notices that claim the mere act of visiting the site "constitutes acceptance of TOS" are about as worseless as those email signatures stating not to forward or publish the contents if received by anyone other than the intended recipient.