YoVDO

Broken CAPTCHAs and Fractured Equity - Privacy and Security in hCaptcha's Accessibility Workflow

Offered By: USENIX Enigma Conference via YouTube

Tags

Cybersecurity Courses User Authentication Courses Web Security Courses Privacy Courses Web Accessibility Courses Assistive Technology Courses Inclusive Design Courses Responsible Disclosure Courses

Course Description

Overview

Explore a critical analysis of hCaptcha's accessibility workflow in this USENIX Enigma Conference talk. Delve into the background of CAPTCHAs, assistive technologies, and their interactions. Examine the privacy and security implications of hCaptcha's visual puzzle system and its alternative accessibility workflow. Discover how the accessibility option could potentially de-anonymize users and be vulnerable to automation. Learn about the responsible disclosure process for the identified security flaw and discuss future plans for more inclusive and privacy-friendly CAPTCHA solutions. Reflect on broader questions regarding the future of CAPTCHAs, potential replacements, and the challenge of balancing inclusive access with robust security measures.

Syllabus

Introduction
Assistive Technology
Background
What is hCaptcha
How does hCaptcha work
Low friction
Privacy problem
Privacy update
Security update
Accessibility workflow
Disclosures
The Bigger Picture
Audio Captures
Accessibility
Textbased challenge
Privacy pass
Business model


Taught by

USENIX Enigma Conference

Related Courses

Ethics in Cybersecurity
LinkedIn Learning
Ethics in Information Security
LinkedIn Learning
Tech on the Go: Ethics in Cybersecurity
LinkedIn Learning
100 Bug Bounties and Security Research - Lessons from BSides Tampa 2015
YouTube
Responsible Disclosure Preparedness for IoT Security - 2017
LASCON via YouTube