In the last two days I’ve been receiving spam comments getting past the CAPTCHA filter I installed.
The reason is here
http://network-security-research.blogspot.com/
It’s not necessary to achieve high degree of accuracy when designing automated recognition software. The accuracy of 15% is enough when attacker is able to run 100 000 tries per day, taking into the consideration the price of not automated recognition – one cent per one CAPTCHA.
I guess the claim is valid.
(covered by ./ )