Telling Humans and Computers Apart (Automatically)
or
How Lazy Cryptographers do AI
Luis von Ahn
∗
Manuel Blum
∗
John Langford
∗
If you try to get a new email account at Yahoo, you’ll be asked to prove that you’re a human
and not a computer. Why? Because a single computer program can get thousands of free email
accounts per second. And that’s bad for Yahoo. But how do you prove to a computer that you’re
a human?
Proving that you’re a human to another human can be done using an idea from the 1950s: the
Turing Test [11]. A human judge asks you a bunch of questions and decides, depending on your
answers, whether he’s talking to a human or a computer.
Proving that you’re a human to a computer is another matter. It requires a test (or a set of
tests) that computers can grade, humans can pass, but paradoxically, computers can’t pass. In our
lingo, it requires a captcha.
Gotcha!
Intuitively, a captcha is a program that can generate and grade tests that:
∗
Computer Science Dept., Carnegie Mellon University, Pittsburgh, PA 15213. {biglou,mblum,jcl}@cs.cmu.edu
1
A) Most humans can pass
But
B) Current computer programs can’t pass.
1
The acronym is a mouthful: captcha stands for “Completely Automated Public Turing Test to
Tell Computers and Humans Apart”. The p for Public means that the code and the data used by
a captcha should be publicly available. Thus a program that can generate and grade tests that
distinguish humans from computers, but whose code or data are private, is not a captcha.
Examples
Let’s look at few examples of captchas before moving on. When reading, think about why each
of these is indeed a captcha. The code for all the programs described in this section can be found
online at http://www.captcha.net.
• Gimpy. gimpy works as follows: it picks seven words out of a dictionary, and renders a
distorted image containing the words (as shown in the figure below). gimpy then presents a
test to its user, which consists of the distorted image and the directions: “type three words
appearing in the image”. Given the types of deformations that gimpy uses, most humans can
read three words from the distorted image, while current computer programs can’t.
1
The words “Most” and “Current” can be precisely defined, but the intuitive meaning is good for the purposes of
this article.
2
• Bongo. Another example of a captcha is the program we call bongo.
2
bongo asks the
user to solve a visual pattern recognition problem. In particular, it displays two series of
blocks, the Left and the Right. The blocks in the Left series differ from those in the
Right, and the user must find the characteristic that sets them apart. A possible Left and
Right series are shown below:
(These two series are different because everything in the Left is drawn with thick lines, while
everything in the Right is drawn with thin lines.) After seeing the two series of blocks, the
user is presented with a single block and is asked to determine whether this block belongs to
the Right series or to the Left. The user passes the test if he or she correctly determines
the side to which the block belongs to. Try it yourself: to which side does the isolated block
belong in the figure below (answer: Right)?
2
bongo is named after M.M. Bongard, who published a book of pattern recognition problems ([2]) in 1951.
3
• Pix. Yet another example of a captcha is a program that has a large database of labeled
images (such databases can be found in [6, 5]). All of these images should be pictures of
concrete objects (a horse, a table, a house, a flower, etc). The program picks an object at
random, finds 6 images of that object from its database, presents them to the user and then
asks the question “what are these pictures of?” Current computer programs should not be
able to answer this question, so pix should be a captcha.
But actually, pix, as stated, is not a captcha: it is very easy to write a program that can
answer the question “what are these images of?” Remember that all the code and data of a
captcha should be publicly available; in particular, the image database that pix uses should
be public. Hence, writing a program that can answer the question “what are these pictures
of?” is easy: search the database for the images presented and find their label. One way for
pix to become a captcha is to randomly distort the images before presenting them to the
user, in such a way that searching the database for the images is hard for current computer
programs.
• Eco. eco is a sound-based captcha. The program picks a word or a sequence of numbers
at random, renders the word or the numbers into a sound clip and distorts the sound clip. It
then presents the distorted sound clip to its user and asks them to enter the contents of the
sound clip. eco is based on the gap in ability between humans and computers in recognizing
spoken language. Nancy Chan of the City University in Hong Kong has also implemented a
sound-based system of this variety [3].
It’s still an open problem to create a text-based captcha (one which doesn’t use any images or
sound clips). Brighten Godfrey [7] has worked on the issues revolving around text-based captchas.
4
Online Polls
captchas have a wide variety of applications on the web. Here’s an exmaple. Almost two years
ago, http://www.slashdot.com released an online poll asking for the best school in computer science
(a dangerous question to ask over the web!). As it is the case with most online polls, IP addresses
of voters were recorded in order to prevent single users from voting more than once. However,
students at Carnegie Mellon figured out a way to stuff the ballots using programs that voted for
CMU thousands of times. CMU’s score started growing rapidly. The next day, students at MIT
wrote their own program and the poll became a contest between voting “bots”. MIT finished with
21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. And, in
fact, any other online poll suffers from this weakness against bots. But captchas offer a solution:
voters should show they are human before being allowed to vote.
Reductions to Hard AI Problems
But how do we prove that computer programs will never pass the tests generated by a captcha?
Unfortunately, we believe there is no way to prove such a strong statement: since humans can pass
the tests, proving that computer programs will never pass them would show that there exist things
that humans can do but computers can’t. We (the authors) believe that some day computers will
be as good as humans, and possibly better, in every cognitive respect.
The best we can do is to present evidence that, given the current state of technology, it is hard
to write a program that can pass the tests generated by a captcha. We can do this by proving the
following statement: Any program that passes the tests generated by a captcha can be used to solve
a hard unsolved Artificial Intelligence (AI) problem. This statement requires some explanation:
• First, by “[a] program that passes the tests generated by a captcha”, we mean a program
5