Broken CAPTCHAs and Fractured Equity - Privacy and Security in hCaptcha's Accessibility Workflow
Offered By: USENIX Enigma Conference via YouTube
Course Description
Overview
Explore a critical analysis of hCaptcha's accessibility workflow in this USENIX Enigma Conference talk. Delve into the background of CAPTCHAs, assistive technologies, and their interactions. Examine the privacy and security implications of hCaptcha's visual puzzle system and its alternative accessibility workflow. Discover how the accessibility option could potentially de-anonymize users and be vulnerable to automation. Learn about the responsible disclosure process for the identified security flaw and discuss future plans for more inclusive and privacy-friendly CAPTCHA solutions. Reflect on broader questions regarding the future of CAPTCHAs, potential replacements, and the challenge of balancing inclusive access with robust security measures.
Syllabus
Introduction
Assistive Technology
Background
What is hCaptcha
How does hCaptcha work
Low friction
Privacy problem
Privacy update
Security update
Accessibility workflow
Disclosures
The Bigger Picture
Audio Captures
Accessibility
Textbased challenge
Privacy pass
Business model
Taught by
USENIX Enigma Conference
Related Courses
Ethics in CybersecurityLinkedIn Learning Ethics in Information Security
LinkedIn Learning Tech on the Go: Ethics in Cybersecurity
LinkedIn Learning 100 Bug Bounties and Security Research - Lessons from BSides Tampa 2015
YouTube Responsible Disclosure Preparedness for IoT Security - 2017
LASCON via YouTube